My new company (spin off) has decided to use OKTA and I like it. What we see is simple, you logon to OKTA and see all the apps the company uses for timecards (Deltek), payroll (UTLIpro), Travel expenses (Concur), Learning (Skillport), Benefits (Empyrean), talent management (PeoleFluent), rewards (OC Tanner), the company home page and the company store. Is seems simple an useless, why not web page links, but it does make the apps recognize the company they are for and they accept your Windows login credintials. Some of the apps make you type in your credentials again and some don’t, so that is nice. As far as I know, that is all it does and the User Interface level. I suspect it adds more value behind the scenes and reduces my company’s need to back more back office workers to keep things straight.

FYI, I am long ULTI (UltiSoft, which creates the Ultipro app).

Another non-actionaable post, but may a tiny bit of helpful info.


Okta is an identity management service.

The services that are listed on that landing page are entirely up to your company. Any company using Okta will populate the list of services from services that are part of the Okta Integration Network.

The benefit to your company is that the can enforce a security policy for authentication and authorization across all of the services they use. So they can force you to change your policy every 30 days, enforce password entropy requirements, require multi-factor authentication, and they can disable your account in the event of compromise just from Okta (instead of per service).

https://developer.okta.com/blog/2017/06/21/what-the-heck-is-… is a good explanation of the technologies involved. To summarize briefly they are basically OAuth 2.0 and OpenID. OpenID is a standard around authentication (“Are you who you say your are?”) and OAuth 2.0 is a standard around authorization (“Are you allowed to use what your are asking for?”).

I can’t say for sure, but the reauthorization to some of the services your company uses are probably quirks of their OAuth 2.0 integration.

It is for the most part a security company.