UPDATED 09:00 EST / MAY 23 2018

CLOUD

Okta ‘freemium’ offer makes its authentication service available to anyone

Identity management software provider Okta Inc. is giving developers a free way to access its authentication service by exposing an application program interface they can use to layer security controls onto a single application automatically.

The company also said today that it’s expanding its access control options with a new set of contextual features dubbed Adaptive Single Sign-On and enhanced Adaptive Multi-Factor Authentication that enable access to be managed based on signals such as device, IP address and geolocation.

Okta is using its Oktane 18 conference in Las Vegas this week to further its stated mission of providing the identity layer for any application. The free version of its service enables anyone to build an Okta identity layer into a single website or mobile app provided that the software bears a “powered by Okta” notice.

“There are no limitations at all,” said Joe Diamond, the vendor’s director of security product marketing management. “They get the same capabilities as our full offering for a single app.”

The company said the freemium offer builds upon self-service features it introduced last August. API Product One App permits developers to easily add authentication to any web or mobile app with features like self-registration, compatibility with the OAuth 2.0 social connection standard, centralized identity management, multifactor authentication and direct access to the company’s Representational State Transfer API. The multifactor feature supports delivery of passcodes via short messaging service or Okta Verify authentication.

Okkta also provides a range of developer tools, including customizable user interface controls, a full software development kit and a Rest API that provides granular control over identity workflows and user experience. 

Beyond passwords

New contextual features incorporate a variety of device-specific variables into the authentication process with thresholds defined by security administrators. For example, a user attempting to authenticate from a recognized IP address on a known device and on the company network might not be required to enter a password, whereas a user  attempting to authenticate from an unknown device over a connection with a high threat level might be blocked entirely. Access can also be based upon whether the device is managed by popular endpoint management systems.

Administrators can set authentication policies for unknown devices by creating a unique fingerprint of each device based on a variety of reliable attributes. For example, users attempt to log in from a new device, they will prompted with a second challenge to confirm identity.

Contextual access can also learn from past behavior. For example, a user who regularly works from home on Wednesday may be permitted to log in without a password on Wednesdays if connecting from a known external IP address.

To help customers determine the most appropriate policies to use, Okta is introducing ThreatInsight, a collection of threat intelligence data drawn from the eight billion authentication requests the company processes each year.

“We have a great deal of insight about what a safe or malicious access attempt looks like,” Diamond said. “We’re now able to give that to customers to embed into their policies.” The overarching goal is to customize the login experience so that trusted users can log in quickly and painlessly while suspicious access attempts are blocked or challenged. “Most requests are safe, but all it takes is one motivated threat actor,” Diamond said.

In a separate announcement, Okta and VMware Inc. announced a partnership that will combine Okta’s access control layer with VMware’s Workspace One endpoint management suite. Customers will be able to define rules in Okta’s policy framework to process signals such as credentials, device, location, network and the protocol of the app or browser to set access policies.

Okta staged one of the more successful initial public offerings in the tech industry last year. After raising its offering price prior to going public in early April, the company saw its shares jump 38 percent on the first day of trading. They’ve more than doubled since then.

Image: Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU