Advanced Server Access
Automate identity and access management across dynamic server fleets at any scale

Adapt to the cloud operating model
Unified identity and access purpose-built for dynamic hybrid and multi-cloud environments
Secure server access across any cloud
Okta Advanced Server Access enables you to manage and automate identity and access controls for Linux and Windows servers in the cloud or on-premises.

Lightweight client-server approach
Okta Advanced Server Access is delivered as a SaaS, shipped with a lightweight server agent and client application.
Integrates with your Infrastructure as Code
Okta streamlines the automation of identity & access controls across your infrastructure fleet using any infrastructure automation or configuration management tool of your choice. To learn how to automate Okta Advanced Server Access via your DevOps tools, visit the documentation ›.




Certified Terraform Provider for Okta Advanced Server Access
NEW: now developers who use HashiCorp Terraform to automate infrastructure provisioning across AWS, GCP and Azure can configure Advanced Server Access in parallel with a certified Terraform Provider.
Automate Server Lifecycle Management
Remove barriers to scale by automating server accounts and policies with Okta as the source of truth
The only Identity-first approach to server access
Build a Zero Trust network and create a unified directory of server users, groups and policies within Okta Universal Directory, replacing the need to manage and protect shared accounts & shared credentials.

Privileged identity and access management centralised in one control plane
Okta enables command-level permissions via sudo entitlements as a function of its role-based access controls

Automate user, group, and policy provisioning and deprovisioning at scale
Okta manages the end-to-end lifecycle of server users, groups, and policies directly from Universal Directory across infrastructure fleets of any scale.

Solve compliance with less burden
Enforce least privileged access controls to adhere to SOC2, PCI-DSS and FedRAMP guidelines.
Zero Trust architecture to enforce least privileged access
Every login is independently authenticated and authorised, and issued a short-lived tightly scoped credential to match.

Granular audit of server login events
Clear record of who accessed what server from which device and when - exposed via Dashboard or exported to your SIEM.

Capture and log interactive SSH sessions
Funnel traffic through an SSH Gateway service that captures interactive sessions and delivers to a secure object storage location in your environment.

Keep developers secure and happy
Extend familiar SSO & MFA workflows to SSH & RDP authentication for human and service user use cases
SSH & RDP integrations
The Client Application integrates with your local tools, allowing you to simply use SSH & RDP as you normally would, transparently interacting with Okta for auth behind the scenes.

A clever feature of OpenSSH allows you to just type ssh from the command line to call the Client Application.

Open your local RDP GUI automatically from the command line using the CLI.
Extensible API
Everything about Okta is exposed as an API, allowing you to automate your identity & access controls with ease.

Okta ASA Connector for Workflows
Automate time-based access to servers based on events through a simple no-code Workflows integration.

Advanced Server Access
Ready to secure your infrastructure with Okta? Try Advanced Server Access free for 30 days.

With the Okta Identity Cloud, Personal Capital can manage its large-scale cloud environment easily and securely
Okta ties everything to identity. Advanced Server Access binds user devices to authenticated sessions, so we have added assurance that each device can be trusted, at each point in time.
-Maxime Rousseau, CISO, Personal Capital
