Adapt to the cloud operating model
Unified identity & access purpose-built for dynamic hybrid and multi-cloud environments
Secure server access across any cloud
Okta Advanced Server Access enables you to manage and automate identity and access controls for Linux and Windows servers in the cloud or on-premises.
Lightweight client-server approach
Okta Advanced Server Access is delivered as a SaaS, shipped with a lightweight server agent and client application.
Integrates with your Infrastructure as Code
Okta streamlines the automation of identity & access controls across your infrastructure fleet using any infrastructure automation or configuration management tool of your choice. To learn how to automate Okta Advanced Server Access via your DevOps tools, visit the documentation ›.
Certified Terraform Provider for Okta Advanced Server Access
NEW: Now developers who use HashiCorp Terraform to automate infrastructure provisioning across AWS, GCP, and Azure, can configure Advanced Server Access in parallel with a certified Terraform Provider.
Automate Server Lifecycle Management
Remove barriers to scale by automating server accounts and policies with Okta as the source of truth
The only Identity-first approach to server access
Keep a unified directory of server users, groups, and policies within Okta Universal Directory, replacing the need to manage and protect shared accounts & shared credentials.
Central control plane for managing and deploying least privilege access
Okta enables command-level permissions via sudo entitlements as a function of its role-based access controls
Automate user, group, and policy provisioning and deprovisioning at scale
Okta manages the end-to-end lifecycle of server users, groups, and policies directly from Universal Directory across infrastructure fleets of any scale.
Solve compliance with less burden
Enforce least privileged access controls to adhere to SOC2, PCI-DSS, and FedRAMP guidelines.
Zero Trust architecture to enforce least privileged access
Every login is independently authenticated and authorized, and issued a short-lived tightly scoped credential to match.
Granular audit of server login events
Clear record of who accessed what server from which device and when - exposed via Dashboard or exported to your SIEM.
Capture & log interactive SSH sessions
Funnel traffic through an SSH Gateway service that captures interactive sessions and delivers to a secure object storage location in your environment.
Keep developers secure & happy
Extend familiar SSO & MFA workflows to SSH & RDP authentication for human and service user use cases
SSH & RDP integrations
The Client Application integrates with your local tools, allowing you to simply use SSH & RDP as you normally would, transparently interacting with Okta for auth behind the scenes.
A clever feature of OpenSSH allows you to just type ssh from the command line to call the Client Application.
Open your local RDP GUI automatically from the command line using the CLI.
Everything about Okta is exposed as an API, allowing you to automate your identity & access controls with ease.
Okta ASA Connector for Workflows
Automate time-based access to servers based on events through a simple no-code Workflows integration.
With the Okta Identity Cloud, Personal Capital can manage its large-scale cloud environment easily and securely
Okta ties everything to identity. Advanced Server Access binds user devices to authenticated sessions, so we have added assurance that each device can be trusted, at each point in time.
-Maxime Rousseau, CISO, Personal Capital