Universal Directory

One place to manage all your users, groups and devices, mastered in Okta or from any number of sources.

Up to 5x

faster integration of IT of acquired businesses

Eliminate

helpdesk calls for AD password resets

$50K

in cost avoided for an on-prem LDAP

Universal Directory - Workforce
Secure directory icon

Secure Directory with Integration

One place to manage all your users, groups and devices, mastered in Okta or from any number of sources.

IT.

Meta-directory

Integration to any app or directory, with lifecycle awareness and extensibility.

Secure Directory with Integration

One place to manage all your users, groups and devices, mastered in Okta or from any number of sources.

Secure directory and authentication

Okta's Universal Directory allows you to store an unlimited amount of users and attributes from applications and sources like AD or HR systems. Any type of attributes are supported including linked-objects, sensitive attributes, and pre-defined lists. All of it accessible by all apps in our OIN catalog, over LDAP or via API.

  • Securely store users and passwords
  • Password policy with options for complexity
  • Group-based password policy
  • Rich attribute storage and transformation for supporting rich SAML and authorization scenarios based on attributes
  • Integrate with internal systems to retrieve dynamic data or additional entitlements for downstream applications

AD/LDAP Integration & Management

AD/LDAP Integration & Management

Integration

  • Delegated authentication to AD or LDAP
  • AD password policy enforced with clear end-user error messages
  • Any number of directories or domains
  • Desktop SSO

Management

  • Password management
  • Password push to AD for Okta-mastered passwords
    (requires Lifecycle Management)

3rd Party IDP Integration

Allows you to connect any number of external IDPs and Automatically Re-Route Users with IdP Discovery based on user attributes such as email.

3rd Party IDP Integration

Meta-directory

Integration to any app or directory, with lifecycle awareness and extensibility.

Customizable Directory for Users Groups and Devices

Extensible user profile, group profile, device profile. The Meta-Directory features smart group rules to automatically group users based on attributes.

Customizable Directory for Users Groups and Devices
View users' lifecycle states

Lifecycle Stages

Easily see and change users through different lifecycle states.

Multi-source Integration

Multi-source Integration
  • OIDC and SAML Inbound JIT
  • Mastering users and groups from on-prem directories (AD/LDAP)
  • Mastering from an app (requires Provisioning)

Meta-directory with Attribute Mapping and Transformation

Meta-directory with Attribute Mapping and Transformation
  • Customizable mappings with transformations via OktaEL
  • Identity and profile sync
  • Attribute-level mastering (requires Provisioning)

Self-service password reset

With so many accounts and passwords to remember, it’s inevitable that (at some point) users will fail to recall their password and be forced to reset it – leaving users frustrated and bogging down IT with service and help desk calls if there is no automated password reset system in place. Okta’s self-service password reset allows the end user to reset their password, for both Okta and any number of Okta mastered systems such as AD and LDAP – saving IT costs, increasing productivity, and improving security.

Self-service password reset

Universal Directory

$2 per month, per user

All products are priced per user per month, and billed annually.
*Provisioning requires purchase of Universal Directory. Listed price is for typical use cases.
$1,500 per year contract minimum.