Enterprise-Ready: Going Beyond MVP

Ready to move beyond MVP in the journey of adding enterprise-ready identity in your SaaS app? With the must-have functionality in place, you're ready to make your app stand out, get noticed by enterprise customers, and handle user provisioning and automation that can scale!

Slides from Devday23

https://developerday.com/events/devday23-wic

Aaron Parecki

May 17, 2023

Transcript

  1. Going Beyond MVP: Make your app loved by enterprise customers
    Aaron Parecki, @aaronpk
    © Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only.
  2. Safe harbor
    This presentation contains “forward-looking statements” within the meaning of the “safe harbor” provisions of the Private Securities Litigation Reform Act of 1995, including but not limited to, statements regarding our financial outlook, long-term financial targets, product development, business strategy and plans, market trends and market size, opportunities, positioning and expected benefits that will be derived from the acquisition of Auth0, Inc. These forward-looking statements are based on current expectations, estimates, forecasts and projections. Words such as “expect,” “anticipate,” “should,” “believe,” “hope,” “target,” “project,” “goals,” “estimate,” “potential,” “predict,” “may,” “will,” “might,” “could,” “intend,” “shall” and variations of these terms and similar expressions are intended to identify these forward-looking statements, although not all forward-looking statements contain these identifying words. Forward-looking statements are subject to a number of risks and uncertainties, many of which involve factors or circumstances that are beyond our control.
    For example, the market for our products may develop more slowly than expected or than it has in the past; there may be significant fluctuations in our results of operations and cash flows related to our revenue recognition or otherwise; we may fail to successfully integrate any new business, including Auth0, Inc.; we may fail to realize anticipated benefits of any combined operations with Auth0, Inc.; we may experience unanticipated costs of integrating Auth0, Inc.; the potential impact of the acquisition on relationships with third parties, including employees, customers, partners and competitors; we may be unable to retain key personnel; global economic conditions could worsen; a network or data security incident that allows unauthorized access to our network or data or our customers’ data could damage our reputation and cause us to incur significant costs; we could experience interruptions or performance problems associated with our technology, including a service outage; the impact of COVID-19 and variants of concern, related public health measures and any associated economic downturn on our business and results of operations may be more than we expect; and we may not be able to pay off our convertible senior notes when due. Further information on potential factors that could affect our financial results is included in our most recent Quarterly Report on Form 10-Q and our other filings with the Securities and Exchange Commission. The forward-looking statements included in this presentation represent our views only as of the date of this presentation and we assume no obligation and do not intend to update these forward-looking statements. Any unreleased products, features or functionality referenced in this presentation are not currently available and may not be delivered on time or at all.
    Product roadmaps do not represent a commitment, obligation or promise to deliver any product, feature or functionality, and you should not rely on them to make your purchase decisions.
  3. Aaron Parecki, Senior Security Architect, Okta
  4. Login screen: [email protected], "Sign in with SSO", "Sign In"
  5. Map customer email domains and IDPs to tenant IDs
    Tenant ID | Domain | Identity Provider
    1 | example.com | examplecompany.okta.com
    2 | example.org | sso.example.org
  6. Diagram: login screen ([email protected], "Sign in with SSO", "Sign In"), OIDC, Your App, User DB
    ID | Tenant | External User ID
  7. Diagram: login screen ([email protected], "Sign in with SSO", "Sign In"), OIDC, Your App, User DB
    ID | Tenant | External User ID*
    1 | 1 | [email protected]
    2 | 1 | [email protected]
  8. Diagram: login screen ([email protected], "Sign in with SSO", "Sign In"), OIDC, Your App, User DB
    ID | Tenant | External User ID*
    1 | 1 | [email protected]
    2 | 1 | [email protected]
    3 | 2 | [email protected]
    4 | 2 | [email protected]
  9. * Don't actually use email addresses as a unique user identifier
    Use the OpenID Connect "sub" claim (opaque user ID)
    A user's email address might change for a number of reasons:
    • Name change
    • Company acquisition (e.g. auth0.com → okta.com)
  10. Diagram: login screen ([email protected], "Sign in with SSO", "Sign In"), OIDC, Your App, User DB
    ID | Tenant | External User ID*
    1 | 1 | [email protected]
    2 | 1 | [email protected]
    3 | 2 | [email protected]
    4 | 2 | [email protected]
    5 | 1 | [email protected]
    6 | 2 | [email protected]
  11. Two New Problems: Deprovisioning, Incomplete Data
  12. Deprovisioning
    Login screen: [email protected], "Sign in with SSO", "Sign In"
  13. Deprovisioning: Your App, User DB
    ID | Tenant | External User ID* | Last Login
    1 | 1 | [email protected] | 2023-05-17 11:55
    2 | 1 | [email protected] | 2023-05-16 09:32
    3 | 2 | [email protected] | 2023-05-17 07:29
    4 | 2 | [email protected] | 2023-05-13 08:25
    5 | 1 | [email protected] | 2020-02-20 09:40
    6 | 2 | [email protected] | 2023-05-16 13:55
  14. Deprovisioning
  15. Incomplete Data
  16. Incomplete Data
    App screen: "Search for a user", "Assign Task"
  17. Two Problems: Deprovisioning, Incomplete Data
  18. SCIM: System for Cross-Domain Identity Management
  19. Diagram: Apps, Identity Provider
  20. “SCIM support is not just a nice to have feature. It's crucial to winning enterprise contracts.”
    Brendan Ittelson, CTO, Zoom
  21. https://developer.okta.com/docs/reference/scim/scim-20/
  22. SCIM: Check if a user exists
    ?filter=userName eq [email protected]
  23. SCIM: Create a user
  24. SCIM: Other Operations
    • GET /Users?filter=X - Okta checks if a user exists
    • POST /Users - Okta creates a user in your database
    • GET /Users - Okta retrieves all users
    • GET /Users/$ID - Okta retrieves a specific user
    • PUT /Users/$ID - Okta updates a user's attributes
    • PATCH /Users/$ID - A user is activated
    Similar methods exist to create and manage Groups
    https://developer.okta.com/docs/reference/scim/scim-20/
  25. Diagram: login screen ([email protected], "Sign in with SSO", "Sign In"), OIDC, Your App, User DB, IDP, SCIM
    ID | Tenant | External User ID*
    1 | 1 | [email protected]
    2 | 1 | [email protected]
    3 | 2 | [email protected]
    4 | 2 | [email protected]
    5 | 1 | [email protected]
    6 | 2 | [email protected]
  26. App screen: "Search for a user", "Assign Task"
  27. SCIM Resources
    A Developer's Guide to SCIM: https://youtu.be/JmA 3cy0uVc
    Sign up for our upcoming SCIM workshop! https://regionalevents.okta.com/devday23workshopsignup
  28. Okta Workflows: No code identity automation and orchestration
  29. What are Okta Workflows?
    • No-code/drag-n-drop
    • Automation
    • Events/Functions/Actions
    • Application Connectors
  30. Workflows automates action across apps to manage complex identity scenarios
    Accelerate time to market; Enable anyone to innovate; Improve security posture; Connect to and harness any API for action
    Diagram labels: Automation Engine Use Cases Platform Hooks and Events Lifecycle Management Security Governance Platform Extensibility Connectors Templates No-Code Designer Customer Identity
  31. Replacing custom scripts/code with powerful, identity-based logic and connections
    • “When this happens” (Event): Okta assigns user to Salesforce
    • “If this” (Function): Is user on EMEA sales team?
    • “Do this” (Action): Assign EMEA territory
    • “Do that” (Action): Add user to EMEA Sales Channel and send a welcome message
  32. Okta Workflows
    Okta admins can create workflows to take actions based on events like:
    • "When a user is created"
    • "When a user enrolls an MFA factor"
    • "When a user is assigned an application"
    • "When the org-wide rate limit is exceeded"
    • "When a user reports suspicious activity on their account"
    • And events from your application!
  33. Okta Workflows Replaces Custom Code
  34. Okta Workflows Replaces Running Servers
  35. Okta Workflows: No Code
  36. Okta Workflows: Out-of-the-box Integrations
  37. Okta Workflows
  38. “Customers use Kandji to manage the lifecycle of a device. With Workflows, we were able to create more value for our customers by providing another layer of automation to manage the lifecycle of devices at scale.”
    Arek Dreyer, Senior Product Engineer, Kandji
  39. What is a Connector?
    • Connects to Applications
    • Actions
    • Input/Output parameters
  40. Build a Connector
    Build a Workflow Connector to expose your application to Okta admins using Workflows
    1. Create an API for your application
    2. Create a Workflow Connector exposing parts of your API
    GET /tasks
    POST /tasks/create
    POST /tasks/assign
  41. Build a Workflow Connector for your Todo list app
    Expose API endpoints based on expected use cases for an Okta integration
    • Create new todo item
      ◦ Parameters: text, due date, assignee
    • Mark todo item as complete/incomplete
    • Update item
      ◦ Assign to a user
    • Get list of all completed items
      ◦ With date filters
    • Get list of all incomplete items
  42. Common workflows for your todo list app
    Every Friday at 5pm → Get a list of completed tasks within the past days → Email the list to a group
  43. Common workflows for your todo list app
    When a new Zendesk ticket is created → Create a new task → Send a notification in Slack
  44. Common workflows for your todo list app
    When a task is completed → Send a notification in Slack
  45. Template Catalog
  46. More Workflows Tutorials
    https://www.youtube.com/playlist?list=PLIid0 5fSVdvyK F4xuk4 EchBPmAVNHG
  47. Learn More
    Sign up for our on-demand workshops!
    • Onboarding your customer's workforce with OpenID Connect
    • Sync all your customer's users with SCIM
    • Enable automation and integrations with Workflows
    • Automate Okta management with Terraform
    https://regionalevents.okta.com/devday23workshopsignup
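
Slides 5 to 9 as an added example (not part of the deck): the tenant is chosen from the email domain typed at login, and the user row is keyed on (tenant, "sub") so an email change at the IdP updates the same account. The `https://` issuer URLs, the `sub` values, the email addresses and all class and function names are constructed for illustration, and the ID token is assumed to have been signature-validated already.

```python
# Added example, not from the deck. Domains and IdP hosts are slide 5's sample
# values; issuer URLs, sub values, emails and names below are constructed.
from dataclasses import dataclass

# Slide 5: map customer email domains and IdPs to tenant IDs.
TENANTS = {
    "example.com": {"tenant_id": 1, "issuer": "https://examplecompany.okta.com"},
    "example.org": {"tenant_id": 2, "issuer": "https://sso.example.org"},
}

@dataclass
class User:
    id: int
    tenant_id: int
    sub: str    # opaque, stable identifier from the ID token
    email: str  # contact attribute only; may change at the IdP

class UserDB:
    def __init__(self):
        self._by_key = {}  # (tenant_id, sub) -> User

    def tenant_for_login(self, email):
        """Pick the tenant (and the IdP to redirect to) from the typed email domain."""
        domain = email.rsplit("@", 1)[-1].lower()
        return TENANTS.get(domain)

    def upsert_from_id_token(self, tenant, claims):
        """Find or create the user once the ID token's signature has been checked."""
        # Only the IdP configured for this tenant may assert users into it.
        if claims["iss"] != tenant["issuer"]:
            raise PermissionError("issuer does not match the tenant's IdP")
        # "sub" is unique per issuer only, so the tenant is part of the key.
        key = (tenant["tenant_id"], claims["sub"])
        user = self._by_key.get(key)
        if user is None:
            user = User(len(self._by_key) + 1, tenant["tenant_id"],
                        claims["sub"], claims["email"])
            self._by_key[key] = user
        else:
            user.email = claims["email"]  # email changed: still the same account
        return user
```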
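
The SCIM calls listed on slide 24, as an added example that is not from the deck or from Okta: an in-memory handler for the existence check, user creation and the `active` PATCH, plus a login-time gate that closes the deprovisioning gap from slides 11 to 14. The class and method names and the sample users are constructed, and HTTP routing and request authentication are left out.

```python
# Added example, not from the deck: in-memory sketch of the SCIM calls on slide 24.
# Class/method names and sample users are constructed; routing and auth are omitted.
import re
import uuid

USER = "urn:ietf:params:scim:schemas:core:2.0:User"
LIST = "urn:ietf:params:scim:api:messages:2.0:ListResponse"
ERROR = "urn:ietf:params:scim:api:messages:2.0:Error"
FILTER_RE = re.compile(r'^userName eq "([^"]*)"$')  # the only filter handled here

def _error(status, detail):
    return status, {"schemas": [ERROR], "status": str(status), "detail": detail}

class ScimUsers:
    """One tenant's user table, addressed the way the IdP's SCIM client calls it."""
    def __init__(self):
        self.users = {}  # SCIM id -> user resource

    def _find(self, user_name):  # userName is compared case-insensitively
        return [u for u in self.users.values() if u["userName"].lower() == user_name.lower()]

    def search(self, filter_expr=None):
        """GET /Users and GET /Users?filter=userName eq "..." (existence check)."""
        found = list(self.users.values())
        if filter_expr is not None:
            m = FILTER_RE.match(filter_expr)
            if m is None:
                return _error(400, "unsupported filter")
            found = self._find(m.group(1))
        return 200, {"schemas": [LIST], "totalResults": len(found), "Resources": found}

    def create(self, body):
        """POST /Users: refuse duplicates so a retry cannot create a second account."""
        if self._find(body["userName"]):
            return _error(409, "userName already exists")
        user = {"schemas": [USER], "id": uuid.uuid4().hex,
                "userName": body["userName"], "active": body.get("active", True)}
        self.users[user["id"]] = user
        return 201, user

    def patch(self, user_id, body):
        """PATCH /Users/$ID: apply replace operations that set "active"."""
        user = self.users.get(user_id)
        if user is None:
            return _error(404, "user not found")
        for op in body.get("Operations", []):
            value = op.get("value")
            if str(op.get("op", "")).lower() == "replace" and isinstance(value, dict) and "active" in value:
                user["active"] = bool(value["active"])
        return 200, user

    def may_sign_in(self, user_name):
        """Login-time gate: a deprovisioned (inactive) user is refused."""
        return any(u["active"] for u in self._find(user_name))
```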