Oktane19: Roadmap: Unleash the Full Power of the Okta Integration Network (OIN)



Chuck: Welcome, good afternoon! And thank you for the cowbell, much appreciated. Are you guys ready turn on the full power of the OIN? Yeah, me too. Fantastic. Well, I think we have a great, great deck here. Maggie and David will be giving you a tremendous review of what we've done and more importantly where we're going. And this session is really about you because as I mentioned earlier today, everyone in here plays a role in the Okta Integration Network. So, real quick, let me get to the next sort of slides... this is the safe harbor, so as he said, “Objects in the mirror are closer than they really are. Do not back up so your tires damage.” Okay, here we go.

Chuck: This is me. Okay, that was a few years ago. I'm getting better looking, day by day. I made an earlier analogy... Who was at the keynote this morning? Fantastic, everybody reigned it in and came in early, bright and early. The theme I was talking about was a notion of the role I get to play, and it really is a privilege, to lead an extraordinary group of men and women from cross engineering, across our partner organizations, to think about how do we connect to everything, to really help our partners get closer to their customers, how our customers get closer to their supply chain to their employees, how we connect everything to really bring the power of network effects. And it really is an orchestrated effort. And the cowbell analogy from earlier this morning was meant to convey that each of you does play a tremendous role. We don't come up with these academic notions of the whiteboard and wouldn't it be great to connect this, is we listen to you. We listen to our SE's. We listen to our customer success teams. We listen to our partners, what are the kind of use cases and the kind of things we are trying to achieve? So, this session is about you and us and how we're looking to connect everything and get network effects to everyone.

Chuck: Among my roles, beyond being a conductor, I'm a carnival barker sometimes, which means if you're a developer in the audience...Any developers out there? Okay, there you are, rock and roll. I'm actually calling out to you as well because we're trying to get you, folks, to actually build more into the OIN. And David will show you some more of the things we have around API's, hooks, protocols, where we're going because we want to make sure that we give you the best experience as possible to make your app really go full power. And a lot of times people also ask me, “What's important to you folks on the OIN team?” And it's really this, you're all rock stars. And by that, I mean every app matters to us. From the small three people and a dog in a garage to the 50 thousand person technology company, every integration matters to us. From the smallest developer to the biggest titans of tech, our goal is to make sure we provide the most phenomenal experiences we can for your developers, for your product teams, for your sales organizations, to remove the friction of getting your apps to market and as a customer, more importantly, to connecting to everything you need to connect to.

Chuck: So, as a bit of a backup baseline, what is the Okta Integration Network? Of course, as you well know, we are very proud of the fact that there's over 6,000 plus integrations across everything from applications where we got our start, and that's where we first used to be called the Okta Application Network. That's where Okta really got going and that was back in 2012 when I first joined Okta. And then as we moved along, our customers and partners took us through this journey that said, “Hey, that's great you connect to applications, but you know I need to connect to firewalls. I need to connect to VPN's. I need to connect to API gateways.” And so what was the Okta Application Network became the Okta Integration Network and I think that's part of the journey, as I mentioned, that what's really what we're trying to deliver is extraordinary experiences for our customers, partners, and developers alike.

Chuck: So, why does it matter? You know people refer... I love my boss Freddie, what he likes to always say is, “Nobody buys Okta just to buy Okta." They're trying to connect to something. They have a broader purpose. So, you know our vision is to enable any company to use any technology and we really do that through the OIN because the OIN is about how. How do I connect my users? How do I secure my endpoints? How am I going to remove the friction of making my company go faster in a more secure way? And so that's essentially what the OIN is about because we do that through our partners. Okta can't and won't create everything, but we sure as heck can connect you in the ways that we need to be able to deliver the kind of experiences you need to have.

Chuck: So, how we do it? A couple ways. Number one, open standards. I think what's great about what Okta's committed to, it's always been committed to open standards and I think that's a premise that any developer that's doing work with Okta is not just some proprietary platform that we're trying to lock you into. We're trying to help you go faster. So, we will always be committed to that foremost. And certainly around as a platform, some of the announcements from yesterday that Todd had to tell us about, was fantastic. We've got webhooks, the identity engines. There's a lot of capabilities that we have as API's and a platform which I think will really differentiate you and your business, whether you're a customer, whether you're building on Okta, whether you're buying Okta, I think the capabilities that we're going to be extending to developers and to our customers is going to be extraordinary.

Chuck: And lastly, we have a very dedicated cross-functional team. It is truly orchestrated across product management, engineering, legal, everyone. Everyone's involved within Okta to make the OIN greater and provide more network effects to everybody. And to that end, I want to now... I have the distinct pleasure, to introduce Maggie Adams and David Nissen, who are from our respective teams in business development and product managing. We're starting off with David. Please join me in welcoming him.

David Nissen: Thanks, Chuck. Hi, everyone. Thanks for coming. One of the most exciting things for me about coming to Oktane is talking to all of the customers and seeing the range of different kinds of organizations that are here. So, I've spoken to a customer who works for a chain of convenience stores. I've spoken to customers from the automotive industry, job seekers website, a whole range of different companies. And one of the benefits of that is if you look around and you look at the people sitting in front of you or the people sitting behind you, there's a good chance or a 99% chance that you don't compete with those people. They're not in your market, but you're all trying to solve the same business problems, “How do I protect my data,” “How do I make work life easier for my employees,” “How do I reduce cost?” And that's a big part of the value that we try to bring for you with the Okta Integration Network and how can we build that ecosystem, where people can collaborate to deliver great integrations built on top of Okta as the identity platform. And I'll come back to that point later in the presentation.

David Nissen: So, I don't want to spend too much time looking back. This is a roadmap presentation, so it's about what we're doing in the future. But, Maggie and I want to quickly touch on what we've done since the last Oktane in Vegas 11 months ago. When you hear us talk about the Okta Integration Network, you'll hear us talk about breadth and depth. And so, breadth being how many applications are in the integration network and depth being the depth of functionality of those integrations that we deliver. And so, this slide is about breadth and about growth. And you can see here, this chart shows growth of SAML integrations over time in the integration network.

David Nissen: And we're at more than 1,200 SAML integrations. And you might expect that over time that that number would start to drop off, but what we see is that actually, the proliferation of SaaS apps is growing faster and faster as the industry starts to deliver interesting components that make it easier to deliver applications. We heard from Twilio yesterday about how they deliver components that you can integrate for communications, SaaS platforms that mean that you don't need to run infrastructure anymore. And that means that we see more and more applications coming onto the market and we want to bring all of those applications to you. So, any application that you want to use anytime, connecting any organization to any technology is really the foundation of what we do with the OIN.

David Nissen: And so quickly to run through since the last Oktane, 150 new SAML apps, 60 new SCIM apps, and more than 40 new advanced integrations that Maggie's going to talk about. And one of the interesting things about these is that of those SAML and SCIM integration applications, Okta didn't build any of those integrations. We've been focused on building the tools, the platform, documentation, and a support program to bring an ecosystem of developers to build on top of Okta. And so all of those integrations were built either by the third party application vendor or by a systems integrator or a solutions partner, like Aqura, who has a booth in our expo hall downstairs, who are helping customers build integrations. To everything from legacy applications and on prim applications that don't support SAML and SCIM, through to HR's master solutions or integrations with applications that do support those protocols, but maybe you're looking for some different functionality than what the Okta integration provides. So, that was a little bit about breadth.

David Nissen: And then just quickly talking about depth, we're always adding new functionality to the platform to let us advance the integrations that we have built. And so over the last 12 months, we've added a bunch of new functionality. And I just picked two of these here today. So, group linking is about how do you connect groups in Okta with groups in a third party application and in particular when you've been using that third party application for some time and you've invested in building groups and group members in Okta and you have groups and group members in the third-party application and you want to seamlessly integrate those groups as you implement provisioning with Okta.

David Nissen: And then SCIM and discovery is about linking attributes. So, imagine that you have attributes that are important to your company, but maybe are not by default in the schema of one of the applications that you use like Box, for example. If those applications let you create custom attributes in their schema, the schema discovery functionality in Okta lets you reach out to that application, pull in that schema including those new attributes, and then create that link between the attributes that you have in Okta and the attributes in that downstream application. And all of these additional functionalities that we're adding are about how do you move data around your ecosystem? How do you move data into Okta and then from Okta to other applications and back? And then Maggie's going to talk to you a little bit about some of the advanced integrations that we've released.

David Nissen: Sorry, I've skipped my own slide. One step back. So, we build a bunch of integrations and we have a ton of integrations in the network, but we do recognize that sometimes you want to build your own custom application. And if you build your own custom application, you're not going to submit it to the catalog, but you still want it to support single sign-on and provisioning. And so, this year we released SCIM app wizard and that lets you provision to your own custom application or to any application that exposes a SCIM façade. And with that, I will, at the correct time, hand over to Maggie.

Maggie Adams: Thanks, David. So, yes, by way of introduction, my name is Maggie Adams and I'm on our strategic partnership team. You can basically think of me as one of Chuck's backup singers. And I'm here today to talk about some of our advanced integrations that we've delivered this past year and where we're going this upcoming year. You'll see a whole lot of logos. We love our logos at Okta, up on the screen, and these are all of the integrations and use cases that we've delivered this past year across workforce identity, customer identity, and security more broadly. And why do we do these? Why did we build these? Why do we work with partners on these? It's not just because it's fun, I mean it is. It's not because we're bored because we're pretty busy. It's really because you've asked for it. Just as Chuck's said, it's really delivering the value that you need and solving the use cases that you have.

Maggie Adams: So, a whole lot of breadth. I could talk about all of them, but just to focus on a couple, a couple that we've done this year. So, let's start first with ID proofing. So, this is really how Okta and our ID proofing vendors can partner together to increase identity assurance. So, this is when you, as a user, are registering for an account, let's say an Okta, you work with these vendors to provide enhanced assurance that you are who you, in fact, say that you are. So, this could be something like a document providing a picture of your passport or it could be knowledge-based. It could be the name of your imaginary friend when you grew up. So, the flow here is... our classic use case is anti-fraud.

Maggie Adams: So, let's say that I'm logging into my bank account, let's say Wells Fargo. And in order to register my account to say that I am in fact Maggie Adams, I may take a picture of my drivers license with a vendor like [Acuen 00:12:52]. Acuen checks on the background that I am in fact Maggie Adams and registers my account. Let's say I need to do a sensitive transaction within Wells Fargo, like send a wire transfer, let's say to my little brother who's in college and Wells Fargo can then prompt for Okta MFA within that flow to make sure that it's me and not my little brother trying to wire himself money from my account. So again, working together with ID proofing vendors, we can solve use cases like anti-fraud, that's a very classic one, even things like proof of membership, that you are in fact a student, that you're a veteran, and that you should benefit from certain group benefits, even some more thought forward kinds of things like a digital wallet and having a pervasive identity that you can carry with you. And then, that's just in the customer identity world. There's a whole lot within workforce as well, solving MFA registration etcetera. So, we're really excited about these partners and several of them are in the expo floor.

Maggie Adams: Moving next to devices, everyone in the room probably has a mobile phone. And my guess would be that everyone uses their mobile phone to access something like their email or do work. The problem here is that making sure that those users are securely accessing the right resources on the right devices. So, Okta works with endpoint management systems to really provide that unified access. So, there's an explosion of devices. There's your laptops, your personal phones, your corporate resources, and for your security teams, for your IT teams, it's a real headache to manage them. How do you manage your corporate resources, manage BYO devices, all while keeping your users and your data safe? So, with Okta working with the likes of Jamf, VMware, etcetera we can provide secure access for users across all of their devices to whatever resources. So, some integrations flows here could be enrolling devices seamlessly, essentializing and consolidating access, and then enforcing device compliance to those downstream applications and that's on the management side. On the security side, it could be enforcing device trust policies across your users and your devices and your network. So, streamlining those security policies and then applying those for conditional access to those downstream apps.

Maggie Adams: A great example actually of this is Adobe. I actually think they're talking right now, but they are a great customer of ours and they have a project called Project Zen. This is really their zero trust initiative within their organization. And they really wanted to work with Okta; they standardized on Okta for identity and VMware for the device management to provide that seamless access.

Maggie Adams: Moving next to the world of API's. So, in this, we've talked about connections and Okta wants to connect everything. Well, in this interconnected world, we need to secure those microservices that enable all of that. You know Twilio, helps developers build communications API's. So, Okta works alongside API gateway vendors to provide secure access and secure management for those API's. So, again the explosion of connections, microservices, API's, it's a lot to manage for IT teams, security teams. How do you make sure that the right internal users, the right third party developers are getting access to those API's? And how are you making sure that that access is secure? I mean recent headlines were I think Panera and Facebook actually, were both breached because of API vulnerabilities. So, it's very, very important to secure all of those exposures.

Maggie Adams: So, Okta working alongside API gateway vendors, helps us extend Okta identity and access from the app layer to the API layer. So, with this, Okta provides authorization servers, OAuth access tokens, to those downstream API gateways who make those allow and deny access decisions. And with that, I'm going to pass it back to David for a look ahead.

David Nissen: Thanks, Maggie. So, we spent a bunch of time talking about things that we're doing in the past, let's look at things that we're going to be building in the future. If you were at Todd's keynote yesterday, you heard this idea that we have 6,000 integrations in the catalog today. But when we look at the future we think of 60,000, or 600,000, or unlimited integrations in the catalog. And we're adding a bunch of functionality that's going to expose more integration surface area so that we can have more types of integrations in order to reach that goal of having unlimited integrations in the catalog. But, with unlimited integrations in the catalog, you need to be able to find what you're looking for.

David Nissen: And so, something that we're working on this year is a new version of the catalog. How do we take the data that's there about the integrations and surface it so that you can find both what you're looking for, but also how do you find things that you didn't even know you were looking for? How do we tell you that there's a new integration for an app that you already use? Or new functionality added for an app that you already use? And the new version of the catalog is really focused on that. How do we add more content so that you don't have to dig down into documentation to find details about what a specific integration supports? And just as importantly, how do we improve search? So, when you search, your searching not just for the application that you're looking to integrate with, but in the future of hooks and workflows, how do you find other components that can integrate into that workflow? And I'll come back to that point in a moment. And that touches on this idea of more integration types, beyond single sign-on and provisioning. How do we bring all of that data and make it accessible and let you know what's there?

David Nissen: Another thing that we're adding is support for OIDC for OIN apps. SAML has long been the industry standard for B to B app integration, but as we've seen the rise of OAuth, particularly in the consumer space, people started hacking authentication on top of OAuth. OAuth is an authorization protocol and people started then hacking their own versions of authentication on top of it. So, in response, the group, the standards body that responsible for OAuth, built open ID connect, as in authentication standard on top. And we've started to see a little bit of traction with that with some application vendors choosing to use OIDC instead of using SAML for integration. So, you'll see a beta for that in the first half and then a GA for that in the second half.

David Nissen: And then, when we talk about expanding the catalog and getting to that 600,000 or unlimited applications, we're moving beyond single sign-on provisioning and we're letting you tap into different parts of the pipeline of Okta's product. And the first part of delivering on that is putting hooks into the products that let you tap into those pipelines. So, I have an example here in the registration pipeline and you saw a demo of this in the keynote yesterday, where during the registration flow we reached out to an identity proofing solution to get some validation on a user based on nothing more than just a name and an email. And these hooks are going to let us tap into those pipelines to reach out to those partner integrations and so we want to add those partner integrations to the catalog. How do we make those pluggable components or easy to integrate? Because the value that we deliver in the Okta integration network is to make these integrations easy.

David Nissen: We could just give you tools. Some of our competitors just give you tools and let you build these integrations yourself. But, there's not just a building component to that, there's also ongoing maintenance when you build custom integrations. And the OIN is about delivering you that value in pluggable components that are owned by the ecosystem, so owned and built and maintained by Okta or by a third party vendor or by anyone else in the ecosystem, so that you can easily build complex integrations without taking on too much of that maintenance burden yourself.

David Nissen: Another example of those hooks for a feature that's coming in the near future is being able to hook into events. So, how do you subscribe to get a feed of events so that you get a proactive notification when something happens in Okta? And you can see here a bunch of examples of events that you could tap into, so things that happen every day in Okta. A user's removed from a group. A user import process failed. A new user is registered. How can you use those hooks and take applications from the Okta integration network to build flows, to go and automate your business process? And so you can send an email to a group admin. You can create a ticket in service now or initiate a marketing campaign.

David Nissen: And then, the thing that I'm most excited about, that we announced here at Oktane, and the thing that is really going to take the Okta integration network to the next level is around the workflow solution that we'll be delivering. It's an interesting challenge for us because a big part of that workflow and the value that we're going to deliver, along with hooks and API's, is around making your integrations customizable. How do you build something that is not just a generic solution, but really delivers on your specific business process that you're trying to solve? But, at the same time a big part of the value that we know that we deliver in Okta is that Okta is easy to use, is that things are out of the box. You don't have to customize everything. You don't have to build, and own, and maintain everything. We give you these pluggable components.

David Nissen: And so as we work on a first version of this product to bring to you as customers to use, we're really thinking about how do we bring the benefits of both of those things? How do we make something that's out of the box and has pluggable components that you can use and have pre-canned workflows that work end to end that are maintained? And as API's change in Okta or API's change in any of those third-party applications that you're integrated with, that those things just seamlessly keep working for you because other people own those components and are maintaining those components. But, then, how do we also let you do customization? And when you do your own unique customization, then there's the potential that you take on some of that support burden for the customized flows that you're building. And so, we're really working hard to figure out how we can deliver for you value in both of those areas.

David Nissen: And this is a big investment for us. The product is amazing. The more I see it, the more of the demos that I've seen at Oktane here, I'm blown away by both the usability of the tool, so the ability to create a simple custom workflow in minutes, but also the power of the tool. So, how can you go and take attributes and have attributes manage through a really complex custom workflow from end to end? And all of this in a really seamlessly simple to follow and manage workflow tool and also no code and that's really critical. So, we have an answer to those problems and we're trying to figure out how do we package this and bring it to you in the best possible way? How do we let you automate your custom business process without needing engineering? And that's critical. We talk about this war for talent. We, as a technology company, we know how hard it is to find engineering resources. And we also know that often if you can move the design of those business processes closer to the people who are really involved in them on a day to day basis, then you can come up with a better solution. How can you put that power in the hands of the Okta admin and the IT admins, who understand the business process that they're trying to automate? And also know when things are changing.

David Nissen: So, if you have a custom built workflow that uses a particular identity proofing solution and you decided that you want to change your ID proofing solution, you want to choose a different vendor, you don't need to put that on a road map six months in advance in order to get it with your engineering team to go and build changes to that workflow, it's a no-code solution. So, an admin can go and make that modification. They know that it's coming. They can plan for it, build it, and test it and make sure that you seamlessly transition to that new solution.

David Nissen: And then, like I mentioned, SaaS with supported connectors. How do we make as many of these components pluggable and supported by Okta, so that you don't have to maintain them? Someone else is making sure that if the slack API changes, that the pluggable component that you're selecting in your workflow is keeping up with the versions of slack's API as they make improvements, as they add functionality, and as things change.

David Nissen: And then, part of what's most exciting and part of how we get to that 600,000 or unlimited integrations in the catalog, is around leveraging best practice and community reuse. And I made that comment early on about how if you look around, that 99% of the people in this room, you don't compete with them. You're all trying to solve the same problems. And one of the things that we want to do with the Okta integration network is we've started leveraging how do we bring ISV's building onto the platform? How do we bring systems integrators building onto the platform? But, with these workflow solutions, when you as customers are building these solutions and you're thinking about business problems and you're building solutions for those business problems, how can you share them with the rest of the Okta community? How can we have everyone in this room submitting integrations in the catalog?

David Nissen: How can we make sure that using the new version of the catalog and use search and tools like reviews and rankings and using erethistic to look at usage and how happy people are with integrations to then surface up to the top and show you what are the best integrations, whether they're built by an application vendor or built by an IT admin from any of our customers? How can we share that, raise it up, make sure that you know what's best and let you leverage the power of the network? And that's the power of the ecosystem and the power of the network effect is that the more people are building the more tools we have, the more tools we have the better the platform becomes, and the more customers we get. And it's that virtuous circle. And so, that for me, is really exciting and we have a lot of work to get there, but our roadmap for this year is really focused on how do we get workflow implemented and how do we get the catalog ready to support that exponential growth in the integrations that we have?

David Nissen: So, we're really interested in hearing your ideas. You guys are the experts on the business problems that you're trying to solve. We're here to work with you to try and solve them. So, if you send an email, if you have a great idea, or you want to participate and give us some feedback in order to help guide our direction for how we're building out these products, then if you send an email to [email protected], with subject Oktane, I'll respond to you. I built out a quick survey. There's a few questions in there, but there's also a bunch of free texts where you can just submit ideas for us.

David Nissen: And while people are taking this note, I'll give you an example of a workflow that I've been wanting to build in Okta for a long time and that with the power of this platform, I think we can finally deliver. So, often off boarding for many applications is quite difficult. Some applications you can just turn off a user. You just deep provision them and you're done. But for a lot of applications, there's content in that application that you want to manage and a classic example here, that we cite quite often, is Box. So you've got an employee, they're leaving, they've generated a lot of content, and stored it in their box folder. And you don't want to delete that when they leave. You want to do something with it. And we built some basic functionality into our Box connector today. It lets you make a decision about when an employee leaves, I move it to a shared folder or I delete it or some basic flows like that. But, it's very much a one size fits all solution. So, you configure it once and every single employee, when they get off boarded, have the same action taken. What I'm interested in doing is how do we build a multi-app workflow that makes that a process where the manager is involved during that off boarding in the decision making about what to do.

David Nissen: So, imagine a situation where you're using HR as a master. You have your HR system integrated with Okta and you set a last day of work, “Jane is leaving the company. She's leaving the company on Friday of next week and I want to know what to do with off boarding for her.” And so, I built a workflow where I use a pluggable component that is a slack bot. So, Okta's built a slack integration and that slack bot then using your custom workflow understands all the applications that Jane uses and all the ones that require decision making about off boarding and that slack bot can initiate a discussion with Jane's manager.

David Nissen: Okta has that information about who is the manager and can initiate that discussion and say, “Hey, your employee's leaving on Friday of next week. There's these three applications that she uses that require decision making about all right in Box, do I want to delete her files? Maybe they're not important. Do I want to move them to my own folder as her manager? Or maybe I already have a replacement for Jane and I just want to move all her content directly to her replacement.” So, I can have that kind of interactive discussion via slack or automated by workflow. I can have an escalation path. So, I send a message, if I don't get a response, I wait 24 hours, I send it again. If I still don't get a response, I go back into Okta and I look at Jane's managers' manager. And I go and initiate that same interaction with her.

David Nissen: So, building those kinds of interesting workflows that use multiple applications, today Okta's been very much Okta to a single application. But, building those multi-app workflows is something that for me, is really exciting and I'm really interested to see what other ideas you all have about things that we can build as products that would help you solve business problems. So, please send us an email, fill out the survey, and I'm interested in catching up with many of you here have some great ideas, no doubt. And with that, back to Maggie.

Maggie Adams: If you can't tell, we're very excited about workflows. Okay, so back to some of the advanced integration use cases and this is what's coming up this year. So, we're going to start first with one of my favorites. It's security orchestration. It's how Okta can work with security analytics and security orchestration tools to help really use identity as a security control point. So, you know if anyone in the room here is in a security team, you know that you're constantly bombarded with alerts, left and right. You're managing all of this dispersed infrastructure across your environment. And frankly, you don't have enough resources often to really look at every alert. A lot of times, they can be false positives. But, the tricky thing is, of course, you don't want anything to fall through the cracks in case a breach did occur. And if something does fall through the cracks, you need to really remediate that very quickly. And if we just look at the headlines, we know that very often data breaches may come by and often the cause are credentials. So, hackers are going after the weakest link in the chain. They're going after the end user.

Maggie Adams: So, how Okta works with these tools to really provide that identity-driven security is as follows. You have a security analytics tool in your system, something like Splunk et cetera, and these tools aggregate logs from across your environment into one centralized place, where they provide analytics and then surface alerts on actions that you should take. These tools then integrate with other tools like other orchestration tools. These are the likes of Phantom, now bought by Splunk or Demisto with Palo Alto Networks. These tools then provide those security orchestrated workflows to help remediate those alerts and especially in the case of credentials based attacks, they have native API integrations with Okta to then enforce remediation actions against that user and against that potentially compromised account. So, these are actions like prompting for step-up authentication, killing a session, or even forcing new credentials entirely when it's very clear that a breach has happened. So, these are integrations that you can see actually very shortly. I think Q2 is what we're expecting with this, so specifically Phantom and Demisto should be coming out very shortly. And again, this is identity-driven security with security orchestration tools.

Maggie Adams: Moving onto email security. I would imagine a lot of people in the room have Office 365, but this applies for G Suite as well. This is how Okta works with best of breed security vendors to provide security for Office 365. So, Okta provides the identity security and vendors like Proof Point provide that email security in advance throughout protection. So, as we know Office 365 is a huge driver of cloud adoption and cloud growth. Here at Okta, we publish our businesses that work report every year and every year Office 365 is at the top of it. But, Office 365 is ultimately a productivity tool. It's not really a security tool. And, if I can say this, in true Microsoft fashion, it suffers from good enough syndrome when it comes to security. So, working with vendors like Proof Point, Okta can help secure that access to your Office 365 account and close loopholes around MFA, specifically as it relates to legacy authentication. Proof point then provides that email security, that data security, to make sure that your users aren't receiving those fishing emails and if they do and if they click on it, they will remediate it very quickly.

Maggie Adams: So, the solution here, at least as it stands today, is that when Proof Point detects that a user has clicked on a fishing URL, they will prompt for that user to be put into an MFA group with an Okta so that the user, whose actually the user, can still get into their account, but the hacker, who has those potentially stolen credentials, are blocked out. So, together it shows how we can provide people-centric security and provide best of breed security for Office 365.

Maggie Adams: Up next, so bot detection. This is how Okta works in conjunction with bot detection vendors, like Shape, [Archos Labs 00:36:42], et cetera, to make sure that only the right traffic and the right users are accessing your site. So, as we know, or as maybe you know, I think the stat that I recently heard was 60% of internet traffic is not by users, it's by bots. It's probably even more than that. So, these bots generate a ton of traffic on the internet, but the thing is these bots aren't always good bots. Sometimes they're malicious bots and they can bombard your website with login attempts, password spraying, et cetera kinds of attacks and if you don't have the right precautions in place, you could be getting de dossed and your users are getting locked out of their accounts. So, working in conjunction with these vendors, vendors like [Disto 00:37:33] networks, Shape security, they will help filter good traffic from bad traffic and then as a first layer of defense, and then as a second layer of defense, Okta helps filter out good users from bad users. So, together we can provide multi-layer security and protection for your external websites.

Maggie Adams: And then, last but not least, this one is a fun one. It's forward thinking. It's very zero-trust centric. So, this is how Okta works from end to end security zero-trust flow with endpoint security vendors, like Carbon Black, Crowdstrike, et cetera, to provide really rich endpoint security context, passing that through into Okta to aggregate it with our user context and then providing conditional access to downstream applications. So, this is to make sure that the right users are getting access to the right resources for the right amount of time on the right devices, of course.

Maggie Adams: So, this is something that we are building out today. You can maybe see this later this year. But, again as we work to deliver zero-trust solutions for you. And with that, I'm going to pass it back, be mindful of time, to Chuck to close us out.

Chuck: Well, hopefully, that was a really tremendous view, if you will, around where we've been and, more importantly, where we're going. I think there's something for developers, there's something for customers, and there's certainly something for our partners. But, I think the key element here for you to understand is that you are all part of this orchestra and I really mean it. We need you to lean in and play with us, which means tell us where you want us to go. Give us feedback on the tools. David is looking for feedback on workflow, in particular. We listen, that's the one thing. We absolutely listen and you are all rock stars because we listen to every one of you. Again, I can't emphasize that enough. I don't care how big a company you are or how small a development team you are, or a startup you might be, we want your success. We want you in the OIN. We want to make sure you're part of the network effects and in kind, we're giving network effects to you.

Chuck: And speaking of network effects, I want to really reemphasize network effects for good. We are so excited to have, especially the Okta for Good team here up at front, please join me in a round of applause for them, Adam Rosenzweig and [Aaron Batafelter 00:40:00] who worked with us to bring these apps for good programs to fruition. And for you customers in the room, my ask of you is this, turn this on, enable your employees, connect them to those most important organizations that are making such important impacts across the globe. We're removing the friction of your corporate adoption and we're moving the friction of getting them to volunteer. So, all you got to do is turn it on and it's a phenomenal way for you folks to give back and to engage and we'll continue to build out this program, in particular in the coming months. So, if there's a non-profit you're working with that you're particularly involved with that you want to get into the apps for good program, send them to us [email protected] and we'll get it done.

Chuck: And for a roadmap, this is just a summary of where we've been and where we're going. As you can see, there is a tremendous amount of effort across the board from endpoint protection, to anti-fraud and customer identity solutions, apps for good, and certainly around workflows. There's a whole breadth of what areas we're looking to open up for you and to help you securely connect, do whatever you need, and workforce identity, or customer identity, or just to make your business go faster.

Chuck: So, with that, that is our presentation. This is how we hope that you're going to turn on the full power of the OIN and we like to open it up now for questions to any of us.

Speaker 4: For questions, please raise your hand and I will bring the microphone to you. Questions?

Chuck: There we go, fantastic.

Speaker 4: Someone has to be first.

Chuck: Way to go, Joe.

Joe: So, one of the things we've been looking at is that when we use an application from the OIN, there's sometimes some custom attributes that we want to add on top of that. Rather than create our own SAML integration, we want to use the OIN and it'd be nice if there was enable advance features or "click this box and beware that you're going outside the scope of the canned OIN", but it will allow us to still leverage all the work that you've done, but add some additional attributes, that maybe the vendor now needs since the last time the OIN was updated. Is that a feature that is on the roadmap that Okta would consider? Or is it a matter of once you go outside of it, you've now broken the framework and it's not something that you can be in the catalog as such.

David Nissen: I can talk to that one. So, you're talking about adding custom attributes to the SAML assertion?

Joe: Adding custom attributes to a canned OIN integration, yes.

David Nissen: Yep. So, in our wizard app, so where you create your own integration, we already support the ability to add custom attributes into the SAML assertion, but we don't currently support it for the apps that are in the catalog. So, that's I think just to frame the question and that is actually on the road map. Of the top of my head, I think it's going into beta in the first half of this year and then so hopefully to EA or GA in the second half of the year.

Joe: Fantastic.

David Nissen: Yeah.

Chuck: That's a great question, Joe. Thank you. I wouldn't want to follow that. Please, somebody, I'll go. But, that was very thoughtful.

Maggie Adams: And if you have any ideas for workflows or even more advanced integrations or use cases that you have, talk to us afterwards.

David Nissen: Yeah.

Speaker 4: We do have time for one more question. Last call, in three...

Chuck: Going, going, gone. All right, just closing words. Thank you. You guys made the OIN. You made Okta what it is. I meant what I said earlier this morning, play more cowbell, all right? Let's get it done. Tell us what you want! Thank you.

David Nissen: Thank you.

Okta continues to evolve our platform to help you get even more value from your existing technologies. Join this session to learn about the latest features that enable you to unify your approach to identity-driven security, as well as specific new integrations in the Okta Integration Network. Get a sneak peek into the new catalog design, explore developer community enhancements, see OIDC in action, uncover new platform capabilities, and more. This is your chance to hear from product leaders and provide feedback to help guide Okta’s development of the next generation of features and integrations to power your enterprise security strategy.