Okta Diagnostic

Statement of Work

Confidentiality Notice

This Statement of Work constitutes Okta Confidential Information and is intended for the internal use of Okta Customers only to evaluate the Statement of Work and may not be duplicated, used or distributed externally or reproduced for external distribution in any form without express written permission of Okta, Inc.

Copyright (c) 2024 Okta, Inc. All Rights Reserved.


1. Project Summary

This Statement of Work (“SOW”) is issued under, and subject to, the terms and conditions of the Agreement (as that term is defined in the Order Form).

Okta Diagnostic Services “Professional Services” are based on Okta’s practices by analyzing your identity infrastructure against business objectives. Using this data to formulate a strategy for your future-state identity architecture requirements including best practices, current usage review, and Okta product evaluation. Okta offers Diagnostic services for Workforce Identity Cloud (“WIC”), Customer Identity Cloud (“CIC”),and Customer Identity Solution (“CIS”) customers. Okta Professional Services will work collaboratively with Customer’s team in a series of virtual technical workshop sessions, in order to assist with the Diagnostic. 

Customer acknowledges and agrees that:

  • The Services are provided on an advisory basis, for information purposes only and are not intended to convey legal, regulatory or similar professional advice;
  • Okta will not discover or identify all errors, flaws, vulnerabilities or weaknesses in Customer’s [Okta environment] through the Services described herein;
  • Customer, and not Okta is solely responsible for the security of its software, systems and products, and Okta’s provision of the Services does not in any way relieve Customer of any responsibility for the design, manufacturing, testing, marketing, sale and security of Customers software, systems, and products; and
  • Okta cannot and does not provide any guarantee or warranty that its Services will ensure Customer’s software, systems or products will not be vulnerable, susceptible to exploitation, free from hacking and/or eventually breached, even if Okta’s recommendations are followed.


2. Project Scope

The following activities shall be within the scope of this SOW:

Okta will conduct up to four (4) two-hour discovery session(s) over the period of three (3) weeks. During these session(s) an Okta Architect and customer will perform a top to bottom discovery of the customer’s Okta’s identity landscape. These sessions will focus on security and operational efficiency.

The findings gathered during discovery will be reviewed and analyzed by the Okta Architect over an additional one (1) week timeframe.  

At the conclusion of the analysis, the Okta Architect will provide a Readout Report, and perform one (1) review session with the Customer team for any additional feedback. The high level diagnostic report readout will include:

  • High Level Diagnostic Analysis
  • Current State Solution Architecture Diagram
  • Future State Recommendations 

Customer Obligations

The project sponsor will participate during the project kick-off and final readout sessions, and it is critical the following customer roles participate in all sessions and readout meetings:

  • Identity Infrastructure Architect / SMEs
  • Okta Architect / SMEs
  • Application Architect / SME
  • Security Architect / SME
  • Project Management


  • Security posture review will cover core usage patterns and will not include review of individual extensions, integrations, and applications.
  • This engagement covers discovery and analysis only. Customer may contract with Okta for additional consultation or implementation on the recommendations generated.
  • All Okta assessments, reviews, and checklists will be provided on Okta templates and forms.


3. Out of Scope

Not all Okta functionality, or features, are appropriate for this type of Professional Services or potentially require additional Okta technical resources. The following features, functionality and activities are out of scope for this Statement of Work:

  • Implementation activities
  • Okta configuration updates
  • Code, extension, application, and / or integration reviews
  • Support sessions
  • Troubleshooting sessions
  • Detailed technical design documentation
  • User experience activities including personas and journey maps, business process diagram, and multiphase roadmap
  • Any services or activity not specifically included in the Project Scope section of this SOW.
  • Features not supported within the Okta Integration Network (OIN).
  • Any functionality that is part of Roadmap, Beta or Early Adopter programs.
  • Customer staging, end user communication, and change management.


4. Fees & Expenses

Customer shall pay Okta the Fees and expenses set forth on the applicable Order Form in accordance with the terms of the Agreement. Actual reasonable and out-of-pocket expenses and taxes are not included herein and will be invoiced separately per the terms of the Agreement.

The Professional Services described in this SOW will be provided on a fixed fee basis.The term of this SOW (“SOW Term”) shall commence on the date the Order Form is fully executed (“Order Form Effective Date”) and shall expire on the earlier of:  (a) six (6) months after the Order Form Effective Date, or (b) upon completion of the Project Scope set forth in Section 2.  The Professional Services included in this SOW will be available to Customer during a eight (8) week period within the SOW Term commencing on the initial Project Kick Off Meeting (as defined above) which may be scheduled after execution of the applicable Order Form.  All Professional Services available under this SOW may only be redeemed during the SOW Term.   Project delays resulting from Customer’s failure to Cooperate (as defined below) will not extend the SOW Term Okta is not responsible for and shall be relieved of responsibility for performing any Professional Services which have not been completed during the term due to Customer’s failure to Cooperate or failure to schedule such Professional Services in a timely manner. No refunds or credits will be provided for any Professional Services Fees. Fees will be invoiced upon the execution of the Order Form and will be due in accordance with the terms of the Agreement.


5. Scheduling

Each project begins with a Project Kick Off Meeting to review requirements and to ensure that all stakeholders understand project objectives; identify resources, roles, and responsibilities; identify and mitigate risk; develop a project schedule, and maintain velocity during project execution. As such, Okta and Customer project managers will be responsible for planning, management and execution of a project schedule for Okta resources.

Okta will provide Professional Services during regular business hours (8:00 a.m. to 5:00 p.m.), Monday through Friday, except holidays (''Business Hours'') of the Okta office which is providing the Services. Okta will work remotely based on a mutually agreed plan throughout the execution of this engagement. Customer must cancel any Professional Services scheduled to be provided at least two (2) business days in advance or it will lose the scheduled design session(s) and that particular session will be marked as complete.


6. OKTA Resourcing

The Okta Project team will be assigned and onboarded following execution of Order Form and based on current resource availability. If Okta resources are released from the project due to lack of Customer engagement, we do not guarantee their availability when project activity resumes. As a result, new resources may need to be onboarded at the expense of Customer. 

Project Manager

  • Main point of contact for Customer
  • Schedules and organizes project kick-off.
  • Coordinates design  sessions in collaboration with Customer Project Manager. 
  • Tracks / Monitors project progress.
  • Manages any issues that arise.

Technical Architect

  • Technical subject matter expert with cloud and on-premise based IT system experience.
  • Documents, reviews, and manages technical requirements for specific cloud-based solutions powered by the Okta platform.
  • Develops architectural and strategic plans for cloud services.
  • Designs and implements identity lifecycle integration with Okta.
  • Provides technical leadership to the project team.


7. Customer Obligations

General Customer Obligations

The Customer will:

  • Remain engaged throughout the duration of the Professional Services by actively participating, providing requested integration information, and otherwise completing its obligations as set forth in this SOW in a timely manner (“Cooperate”).
  • Complete the functional and technical analysis and discovery.
  • Establish a communication and escalation plan including assigning appropriate resources who are knowledgeable about the technical and business aspects involved in the project including a dedicated project manager.
  • Provide access to any third-party services or software, as required.
  • Procure services or software and license rights necessary for the Okta Service to integrate to such services or software.
  • Pay any service provider costs required to enable SSO on applications that are in scope of this engagement.
  • Provide and test all of the necessary remote access by Okta to Customer systems prior to the commencement of the Professional Service.
  • Be responsible for all hardware/virtual machines operating system(s), browser(s), commercial application(s), code for custom developed applications, application/web server(s), directory(s), database, network, proxy, and firewall maintenance and security as well as an active backup and recovery strategy as applicable for the aforementioned.
  • Provide complete and accurate data for integration with the Okta Service.
  • Prepare and manage all corporate communications and training activities to promote greater adoption and higher satisfaction from Users. Sample communication templates may be provided for Customer use.


8. Assumptions

General Project Assumptions

  • Any service or activity not specifically included in this SOW is not included in the scope of this engagement.
  • Support for out of scope requirements will require the execution of a new SOW with an associated cost.  Upon execution of a new SOW, Okta cannot guarantee that the Okta project resources will be re-assigned to the new Professional Services engagement.
  • Okta preparation, research, and follow-up activities toward the completion of the Project Scope are billable and may not involve Customer Resources.
  • Okta and Customer will work together in good faith to resolve any issues quickly.
  • Scheduling for the Professional Services to be performed are based upon a first come first serve basis and will be mutually agreed upon by the parties prior to the commencement of the Professional Services hereunder.
  • Okta will follow independent software vendor guidelines for supported and deprecated versions of a product.
  • The Professional Services will be conducted remotely unless otherwise mutually agreed to by the parties.
  • Should any work be required at Customer’s site, travel expenses shall be invoiced in accordance with the Agreement.
  • Customer will be responsible for any fees related to Customer site travel expenses that cannot be refunded due to cancellations, such as airfare. 
  • All Professional Services are provided in the English language, unless otherwise agreed to by the parties.