Lifecycle Management
Automate all lifecycles with any business process for external and internal users.
30 min
saved on every application provisioning request
30 min
saved on determining and configuring groups and entitlements
$20
per user saved in preparing for audits each year
Pre-Integrated Provisioning
Rich integrations for mastering and provisioning that support coarse-grain to fine-grain management
Integrated to Applications & Directories
Over 80 pre-integrated applications for provisioning/de-provisioning
- Hands off real-time user provisioning triggered by your preferred HR system or Application, e.g. Workday, UltiPro, BambooHR, SuccessFactors, Google for Work
- Integration to Active Directory or LDAP including extended rich profiles, group push, and license and role assignment all in a single pane of glass
Deep Integration
Go beyond syncing users - sync groups, contacts and devices.
Automatically detect different users attributes in different applications, along with application entitlements.
Match directory groups with application groups, assign and revoke licenses, and create a custom offboarding process.
Extensible
- Extend the power of provisioning to your custom applications using SCIM
- Use the Okta API to make any application the profile master
- Get automated provisioning for your any application using the cloud or on-prem provisioning SDK
Universal Directory
Directory and meta-directory, designed for integration to any app or directory, with lifecycle awareness and extensibility
Customizable Directory for Users Groups and Devices
Extensible user profile, group profile, device profile.
Lifecycle States
Easily see and change users through different lifecycle states.
Multi-source Integration
- OIDC and SAML Inbound JIT
- Mastering users and groups from on-prem directories (AD/LDAP)
- Mastering from an app
Meta-directory with Attribute Mapping and Transformation
- Attribute-level mastering
- Customizable mappings with transformations via OktaEL
- Identity and profile sync
Prescriptive Lifecycle Orchestration
Sophisticated control of identities across lifecycle states with automation through rules, policies, workflows, and APIs for full customization
Lifecycle Engine
- App access and provisioning tied to lifecycle states
- Create and deactivate accounts in applications
- Manage entitlements
- Group discovery, matching, push and updates
Policies for Access Decisions
- Group Membership Rules
- Union of Group Entitlements
Workflows for IT Process Automation
Multi-step approval with specific people or groups
Multi-step approval with specific people or groups
ITSM, Workflow and Governance Integration
- Integration to ITSM and Ticketing (via API)
- Integration to workflow and orchestration (via API)
Simple Access Governance
Identity governance with a focus on access and ease of use that provides account and entitlement reporting with comprehensive data
Access Report
App assignment report, application access.
Deprovisioning Details Report
Apps automatically deprovisioned, apps manually deprovisioned.
Access Discovery and Remediation
- Read account and entitlement data from applications
- Access Discovery Report that compares application data against Okta system of record
- Remediate access by running an import from the application to sync, then controlling that user’s access in Okta
3rd Party Identity Governance Integration
Governance API that publishes application account and entitlement data collected through discovery, and diff data vs. Okta system of record.
Lifecycle Management
Starting at $4 per month, per user
All products are priced per user per month, and billed annually.
*Provisioning requires purchase of Universal Directory. Listed price is for typical use cases.
$1,500 per year contract minimum.
Customer Journey
Okta makes the Day One experience delightful for Medallia new hires
>900%
ROI