We're Hiring

Field Marketing Manager, EMEA - CONTRACT
Corporate Account Executive
Sales Development Representative
Sales Development Representative - DUTCH SPEAKING
Senior Accountant
Director of Product Management, Mobile
Director/Senior Product Manager (Strong Authentication)
Director/Sr. Product Manager
Product Marketing Intern - Summer Internship 2015
Product Marketing Manager - Business Value Assessment
Technical Marketing Intern - Summer Internship 2015
Technical Marketing Manager
Customer Success Manager
Customer Success Manager
Sr. Customer Success Manager
Sr. Director - Training
Manager, Marketing Operations
Business Operations Intern - Summer Internship 2015
Expert Services Manager
Technical Manager, Professional Services
Head of Technical Operations
Quality Engineer - Adaptive Authentication (Sr./Staff/Principal)
Senior Technical Release Manager
Senior Technical Writer
Site Reliability Engineer Intern - Summer 2015
Site Reliability Operator
Software Architect
Software Engineer - Adaptive Authentication (Sr./Staff/Principal)
Software Engineer - Analytics & Reporting (Sr./Staff/Principal)
Software Engineer - Android (Sr./Staff/Principal)
Software Engineer - Build & Release
Software Engineer - College Grad - 2015
Software Engineer - Core Technology (Sr./Staff/Principal)
Software Engineer - O365 Identity Management (Sr./Staff/Principal)
Software Engineer - O365 Identity Management (Sr./Staff/Principal)
Software Engineer - UI (Sr./Staff/Principal)
Software Engineer in Test - Analytics & Reporting (Sr./Staff/Principal)
Software Engineer in Test - Technical Operations (Sr/Staff/Principal)
Software Engineer in Test - UI/Selenium (Sr./Staff/Principal)
Sr. Software Engineer - Integration Infrastructure
Staff Database Engineer
Manager, Global Compensation
People Business Partner
Recruiting Coordinator
Sr. IT Technical Engineer
Sr. Penetration Testing Engineer
Customer Marketing Associate
Partner Marketing Manager
Senior Manager, Corporate Communications
Account Executive, Renewals
Corporate Account Executive
Corporate Account Executive
Corporate Account Executive
Enterprise - Regional Sales Manager (Atlanta)
Enterprise - Regional Sales Manager (Houston, TX)
Enterprise - Regional Sales Manager (LA Area)
Enterprise - Regional Sales Manager (Phoenix Area)
Enterprise - Regional Sales Manager, Atlanta
Field Corporate Account Executive - Central (TOLA)
Field Corporate Account Executive - MI/OH/IN/WI/Eastern Canada
Field Corporate Account Executive -- Southeast
Sales Development Representative
Sales Development Representative
Sr. Sales Engineer
Sr. Sales Engineer (North East)
Technical Support Engineer
Business Development (ISV) Intern - Summer Internship 2015
Channel Sales Intern - Summer Internship 2015
Director, Business Development -- Mobile Partnerships
Senior Manager, Business Development

Simple, Comprehensive, Robust

Extend Active Directory & LDAP to the Cloud

More Active Directory Resources


Okta's Active Directory Integration



Okta Directory Integration - An Architecture Overview



Three Ways to Integrate Active Directory with Your SaaS Applications



Three Ways to Extend Active Directory to Your Cloud Apps

Watch Now

In the majority of enterprises, Microsoft’s Active Directory (AD) is the authoritative user directory that governs access to key business applications. SaaS applications were developed with their own native user directories and because they run outside of the firewall, are typically beyond the reach of Active Directory. As a result users have to remember multiple usernames and logins and IT has to create, manage and map user accounts in AD and across their SaaS applications. Clearly these applications must be integrated with Active Directory in order to accelerate their adoption.

Okta offers the industry’s most complete, robust and easy to use Active Directory single sign-on integration.

Active directory SSO set up and configuration

Active directory SSO set up and configuration

Simple Set Up and Configuration

Enabling Active Directory single sign-on integration is a simple, wizard driven process. With the click of a button from the Okta administrative console you can download the Okta Active Directory agent and install it on any Windows Server that has access to your Domain Controller. Once installed you simply enter your Okta URL and credentials and the agent securely establishes a connection with your Okta instance — no network or firewall configuration required.

The rest of the configuration takes place centrally from the Okta administration console and covers setting up the AD integration account, specifying the target OUs and determining the schedule for ongoing user imports.

Learn more - Okta's Active Directory Integration Architectural Overview Whitepaper

Active directory SSO synchronization

Active directory SSO synchronization

Intelligent User Synchronization

Once the agent is installed and the initial user import takes place Okta intelligently processes the results. Matching algorithms are applied to analyze the incoming AD users and determine if there is a match to existing Okta users or to accounts that you have imported from other SaaS systems. Future user imports can be scheduled or performed on demand.

Active directory SSO authentication

Active directory SSO authentication

Robust Delegated Authentication

Okta’s Active Directory single sign-on integration also allows you to delegate the authentication into Okta, to your on-premises AD Domain. Users can easily log into Okta using their Okta username and active directory password.

As this feature governs user access into Okta, the architecture also support multiple Okta AD agents running in your environment to provide higher throughput, redundancy and thus greater availability. If one of the agents stops running or loses network connectivity, the authentication requests are simply routed to the other agents.

Integrated Desktop Single Sign-On

Okta leverages Microsoft’s Integrated Windows Authentication to seamlessly authenticate users to Okta that are already authenticated with their Windows domain. You simply download and install Okta’s IWA web application, configure the relevant IP ranges, and the setup is complete.

Both Mac and PC users can simply log into their corporate network once and access any cloud application with a single click. No additional usernames or passwords required, just like on-premises apps.

Security Group Driven Provisioning

Through the use of Active Directory security groups, Okta can automatically provision applications to users. Just add a user to AD, place them in a security group, and when synchronized with Okta that user will be added, and an account in the application mapped to that security group will be automatically provisioned on their behalf.

One Click Deprovisioning

User deactivation is typically triggered from a corporate identity store such as Active Directory. With Okta’s Centralized Deprovisioning, deactivating a user in AD initiates a deprovisioning workflow immediately to ensure maximum effectiveness in preventing rogue access to Okta and other cloud applications.

Self Service Password Reset

Your users can also change their Active Directory password via Okta. When a user's AD password expires or is reset they will automatically be prompted to change it the next time they log in to Okta. Users can also proactively change their AD password directly from the account tab on their Okta homepage, and Okta keeps all of these credentials synchronized with AD.

Enterprise-grade identity & mobility management for all your apps, users & devices

Try Okta Free