Introducing the Okta Devices SDK and API: A Better Way to Secure and Delight Mobile Users

g34lO5ZWrgiDAsYqWoBJ9Y2pkmll8L4HVb9IK8JCuBvetC2h6AJMOIug0YQ6a Ivk263M2hOJbwri7zm pBIWRkXUCs8SLRVNTcyTkhsj Ut hyua GDxEF6DMWpRWXKhcfM WjG

The world has increasingly become mobile-first, with customers demanding seamless experiences across all of their devices to interact with brands, services, and products. But when it comes to building these customer experiences, developers are often forced to make tradeoffs between usability and security—difficult choices that inevitably decrease customer engagement and waste valuable developer resources on functionality that rarely differentiates an app. What if you could balance frictionless customer experiences and secure, passwordless sign-in flows, without heavily relying on developer resources? Using Okta, you can, and it’s the latest way we’re making security stronger, experiences better, and developers’ lives easier. 

We’ve been paving the way for a passwordless future for a while now. Earlier this year at Oktane20, we announced Okta FastPass, a breakthrough passwordless experience for the workplace. Today, we’re excited to share how we’re extending the passwordless mission to customer-facing applications and devices with the Okta Devices SDK and the Devices API. These new innovations put the power of uniting user identity and device identity directly in the hands of developers to eliminate usability and security tradeoffs altogether. 

Unlike any other SDK of its kind, the Okta Devices SDK offers mobile developers on every major platform everything they need to build bespoke, passwordless sign-in flows. These flows include brandable, embeddable Okta Verify with push notifications and biometric capabilities—all in a single integration.

Enhance the omnichannel experience

With an estimated seven billion mobile users by 2021, tailoring customer experiences across all channels is critical to enhancing customer engagement. Developers need to reduce friction across omnichannel experiences, while still implementing high assurance security factors into the login experience. Passwords are notoriously cumbersome and insecure, as are factors like SMS and voice, so developers need to replace them with convenient and secure passwordless alternatives. And to further enhance the login experience, end users need the ability to easily and securely manage their devices. 

Unifying user identity and device identity

Powered by the Okta Devices Platform Service, the Okta Devices SDK and the Devices API offer a single integration to unify user identity and device identity, along with all of the tools necessary to build passwordless sign-in flows through branded push notifications and biometric capabilities. All of these powerful functionalities come together to deepen security without sacrificing customer engagement. 

nuum5BnlyYkX48RAQAzEI8lUtLKgWl85BsoAaOyDfGAkgN 68EkGswSb UmpKyPOkP3G0Bqed9b7s krN9ZtMzR0 9rTgoB6NvxLL2k6R22vVhdujvlYpZyRfhF1uwyE7oRBmpWp

wDqVzYyC5MByTWXDHWAAyOevI8sv7moo4cCT9f99LDnQmyqAix8UXBgtT3sBibIHfbxd8zMY8B6OyFXPdjM8u98h1KQK0T0E0QZ21azlNNYOVn6h1KMQLqbtqUm3LaaeR0ST e3l

Branded, embeddable Okta Verify Push 

Consistent branding across all of your digital touchpoints is an important way to create a cohesive customer experience. Using the Okta Devices SDK, developers can embed Okta Verify push capabilities into their mobile application, or even build their own branded Okta Verify mobile application. In either case, developers can send customisable, branded push notifications and use biometrics for a frictionless login experience. 

OJv6ykFXkzuAO7ExCRfHnj9cjaZWIfH63IUG 23j9O1ZCHbd9oaE1lPDYEjqxqKV6IDfTm1K  nB0KXHMlFlX6SarcLzq2areCVFu9YBHRN251ACKcEyOThj MCnGLoKOmpppZ53

Passwordless experience

We’re saying goodbye to passwords, and we want our customers to join us. Passwords are not only insecure, but also inconvenient for end users, especially in a mobile-first world. Using the Devices SDK, developers can build a fully passwordless authentication experience, where end-users can use frictionless biometric capabilities like FaceID to log in, without ever needing a password or PIN. In the future, the Devices SDK will also be able to capture device security posture to provide secure, seamless access.

xGBzhFGug4oqQOEuhe6glkGGaRXDj0 LAHiW7oMeI9hgURcjg sr2lIBiIYGEEDjTElQ30dhVq66DL3 1D4cxYmvNoeW5PWx c3YrTkMuMsRJ7byJ5K T7uOVIhihCM2cnnhNrWw

Transparent device management

The Devices API binds user and device identity by creating device identity and registration records in a user’s Okta Universal Directory (UD) profile. By establishing this trusted and binding relationship, end users have more power and visibility into their devices. They can easily register their devices within UD, and also rely on self-service device removal if their device has been lost or stolen. Using the Devices API, organisations can securely manage device lifecycle, while end users still have visibility and control. 

0h8ZZjhAZphcA9 t1VgnCjFuhHACJ IxDkItFt5aTFzvAEKhbtDMIA2cQV09YZ7wTDKcu7wioLdTByR7m3awNc9JjSo1lfek 0kKpSrdFygPVdPOhNoAs9TSUsSo05BYmBXZcC V

Secure and delight your end users 

By unifying user and device identity, organisations can enhance omnichannel experiences and increase customer engagement in a way that is both secure and seamless. Using the Okta Devices SDK and the Devices API, developers can reduce the friction of adding multi-factor authentication to their custom applications with a single integration for passwordless login—including cohesive, branded push notifications and biometrics. And powerful device management capabilities will allow end-users to easily register and remove trusted devices for authentication, all via self-service. 

Get started

The Devices SDK and the Devices API will be in Early Access in Q1 of 2021. If you’re interested in learning more, please reach out to your customer success manager or Okta account representative.

For more information, check out our Devices page, or contact us with questions.