Advanced Server Access
Elegant Zero Trust identity & access management for cloud native infrastructure
Extend secure privileged access and automate the lifecycle of server accounts and policies across dynamic fleets of infrastructure at any scale
Designed for elastic cloud infrastructure
Unified identity and centralized access controls across any hybrid or multi-cloud environment
Secure server access across any cloud
Okta provides a central control plane as a SaaS for controlling access to Linux and Windows servers across AWS, GCP, Azure, or on-premises, abstracting the complexities of managing IAM at scale.
Lightweight agent approach
Okta Advanced Server Access ships with a lightweight server agent, installed through a few lines of bash or PowerShell baked directly into your infrastructure automation tools.
Integrates with your Infrastructure as Code
Okta streamlines the automation of identity & access controls across your infrastructure fleet using any infrastructure automation or configuration management tool of your choice. To learn how to automate Okta Advanced Server Access via your DevOps tools, visit the documentation ›.
Eliminates credential management pain
Advanced Server Access is backed by an ephemeral client certificate architecture that replaces static SSH keys & passwords, elegantly mitigating the risk of credential theft & misuse.
Zero Trust server auth
Every login is independently authenticated and authorized, and issued a short-lived tightly scoped credential to match.
Granular audit of server access
Clear record of who accessed what server from which device and when - exposed via Dashboard or exported to your SIEM.
Automates server admin onboarding at scale
Local server accounts and policies are automatically provisioned and deprovisioned across all downstream servers with Okta as the source of truth.
The only Identity-first approach to server access
Keep a unified directory of server users, groups, and policies within Okta Universal Directory, replacing the need to manage and protect shared accounts & shared credentials.
Central control plane for managing and deploying least privilege access
Okta enables command-level permissions via sudo entitlements as a function of its role-based access controls
Automate user, group, and policy provisioning and deprovisioning at scale
Okta manages the end-to-end lifecycle of server users, groups, and policies directly from Universal Directory across infrastructure fleets of any scale.
Delivers a seamless user experience
Designed to work out of the box with your existing SSH & RDP tools, and is easy to configure via API
SSH & RDP integrations
The Client Application integrates with your local tools, allowing you to simply use SSH & RDP as you normally would, transparently interacting with Okta for auth behind the scenes.
A clever feature of OpenSSH allows you to just type ssh from the command line to call the Client Application.
Open your local RDP GUI automatically from the command line using the CLI.
Everything about Okta is exposed as an API, allowing you to automate your identity & access controls with ease.
With the Okta Identity Cloud, Personal Capital can manage its large-scale cloud environment easily and securely
Okta ties everything to identity. Advanced Server Access binds user devices to authenticated sessions, so we have added assurance that each device can be trusted, at each point in time.
-Maxime Rousseau, CISO, Personal Capital