© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. © Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Going Beyond MVP: Make your app loved by enterprise customers Aaron Parecki @aaronpk

This presentation contains “forward-looking statements” within the meaning of the “safe harbor” provisions of the Private Securities Litigation Reform Act of 1 5, including but not limited to, statements regarding our financial outlook, long-term financial targets, product development, business strategy and plans, market trends and market size, opportunities, positioning and expected benefits that will be derived from the acquisition of Auth0, Inc. These forward-looking statements are based on current expectations, estimates, forecasts and projections. Words such as “expect,” “anticipate,” “should,” “believe,” “hope,” “target,” “project,” “goals,” “estimate,” “potential,” “predict,” “may,” “will,” “might,” “could,” “intend,” “shall” and variations of these terms and similar expressions are intended to identify these forward-looking statements, although not all forward-looking statements contain these identifying words. Forward-looking statements are subject to a number of risks and uncertainties, many of which involve factors or circumstances that are beyond our control. For example, the market for our products may develop more slowly than expected or than it has in the past; there may be significant fluctuations in our results of operations and cash flows related to our revenue recognition or otherwise; we may fail to successfully integrate any new business, including Auth0, Inc.; we may fail to realize anticipated benefits of any combined operations with Auth0, Inc.; we may experience unanticipated costs of integrating Auth0, Inc.; the potential impact of the acquisition on relationships with third parties, including employees, customers, partners and competitors; we may be unable to retain key Safe harbor personnel; global economic conditions could worsen; a network or data security incident that allows unauthorized access to our network or data or our customers’ data could damage our reputation and cause us to incur significant costs; we could experience interruptions or performance problems associated with our technology, including a service outage; the impact of COVID-1 and variants of concern, related public health measures and any associated economic downturn on our business and results of operations may be more than we expect; and we may not be able to pay off our convertible senior notes when due. Further information on potential factors that could affect our financial results is included in our most recent Quarterly Report on Form 10-Q and our other filings with the Securities and Exchange Commission. The forward-looking statements included in this presentation represent our views only as of the date of this presentation and we assume no obligation and do not intend to update these forward-looking statements. Any unreleased products, features or functionality referenced in this presentation are not currently available and may not be delivered on time or at all. Product roadmaps do not represent a commitment, obligation or promise to deliver any product, feature or functionality, and you should not rely on them to make your purchase decisions. © Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only.

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. © Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Aaron Parecki Senior Security Architect, Okta

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. [email protected] Sign in with SSO Sign In

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Map customer email domains and IDPs to tenant IDs Tenant ID Domain Identity Provider 1 example.com examplecompany.okta.com 2 example.org sso.example.org

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. [email protected] Sign in with SSO Sign In OIDC Your App User DB ID Tenant External User ID

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. [email protected] Sign in with SSO Sign In OIDC Your App User DB ID Tenant External User ID* 1 1 [email protected] 2 1 [email protected]

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. [email protected] Sign in with SSO Sign In OIDC Your App User DB ID Tenant External User ID* 1 1 [email protected] 2 1 [email protected] 3 2 [email protected] 4 2 [email protected]

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. * Don't actually use email addresses as a unique user identifier Use the OpenID Connect "sub" claim (opaque user ID) A user's email address might change for a number of reasons: • Name change • Company acquisition (e.g. auth0.com → okta.com)

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. [email protected] Sign in with SSO Sign In OIDC Your App User DB ID Tenant External User ID* 1 1 [email protected] 2 1 [email protected] 3 2 [email protected] 4 2 [email protected] 5 1 [email protected] 6 2 [email protected]

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Two New Problems Deprovisioning Incomplete Data

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Deprovisioning [email protected] Sign in with SSO Sign In

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Deprovisioning Your App User DB ID Tenant External User ID* Last Login 1 1 [email protected] 2023-05-17 11:55 2 1 [email protected] 2023-05-16 09:32 3 2 [email protected] 2023-05-17 07:29 4 2 [email protected] 2023-05-13 08:25 5 1 [email protected] 2020-02-20 09:40 6 2 [email protected] 2023-05-16 13:55

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Deprovisioning

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Incomplete Data

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Incomplete Data Search for a user Assign Task

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Two Problems Deprovisioning Incomplete Data

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. System for Cross-Domain Identity Management SCIM

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Apps Identity Provider

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. SCIM support is not just a nice to have feature. It's crucial to winning enterprise contracts. Brendan Ittelson, CTO, Zoom “

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. https://developer.okta.com/docs/reference/scim/scim-20/

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. SCIM: Check if a user exists ?filter=userName eq [email protected]

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. SCIM: Create a user

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. ● GET /Users?filter=X - Okta checks if a user exists ● POST /Users - Okta creates a user in your database ● GET /Users - Okta retrieves all users ● GET /Users/$ID - Okta retrieves a specific user ● PUT /Users/$ID - Okta updates a user's attributes ● PATCH /Users/$ID - A user is activated Similar methods exist to create and manage Groups https://developer.okta.com/docs/reference/scim/scim-20/ SCIM: Other Operations

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. [email protected] Sign in with SSO Sign In OIDC Your App User DB ID Tenant External User ID* 1 1 [email protected] 2 1 [email protected] 3 2 [email protected] 4 2 [email protected] 5 1 [email protected] 6 2 [email protected] IDP SCIM

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Search for a user Assign Task

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. © Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. SCIM Resources A Developer's Guide to SCIM https://youtu.be/JmA 3cy0uVc Sign up for our upcoming SCIM workshop! https://regionalevents.okta.com/devday 23workshopsignup

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only.

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. No code identity automation and orchestration Okta Workflows

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. ● No-code/drag-n-drop ● Automation ● Events/Functions/Actions ● Application Connectors What are Okta Workflows?

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Workflows automates action across apps to manage complex identity scenarios Accelerate time to market Enable anyone to innovate Improve security posture Connect to and harness any API for action Automation Engine Use Cases Platform Hooks and Events Lifecycle Management Security Governance Platform Extensibility Connectors Templates No-Code Designer Customer Identity

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Replacing custom scripts/code with powerful, identity-based logic and connections “When this happens” Event Okta assi ns user to Sales orce “If this” Function Is user on EMEA sales team? “Do this” Action Assi n EMEA territory “Do that” Action Add user to EMEA Sales Channel and send a welcome messa e

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Okta admins can create workflows to take actions based on events like: ● "When a user is created" ● "When a user enrolls an MFA factor" ● "When a user is assigned an application" ● "When the org-wide rate limit is exceeded" ● "When a user reports suspicious activity on their account" ● And events from your application! Okta Workflows

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Okta Workflows Replaces Custom Code

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Okta Workflows Replaces Running Servers

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Okta Workflows No Code

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Okta Workflows Out-of-the-box Integrations

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Okta Workflows

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Customers use Kandji to manage the lifecycle of a device. With Workflows, we were able to create more value for our customers by providing another layer of automation to manage the lifecycle of devices at scale. Arek Dreyer, Senior Product Engineer, Kandji “

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. ● Connects to Applications ● Actions ● Input/Output parameters What is a Connector?

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Build a Workflow Connector to expose your application to Okta admins using Workflows Build a Connector 1. Create an API for your application 2. Create a Workflow Connector exposing parts of your API GET /tasks POST /tasks/create POST /tasks/assign

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Expose API endpoints based on expected use cases for an Okta integration ● Create new todo item ○ Parameters: text, due date, assignee ● Mark todo item as complete/incomplete ● Update item ○ Assign to a user ● Get list of all completed items ○ With date filters ● Get list of all incomplete items Build a Workflow Connector for your Todo list app

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Common workflows for your todo list app Every Friday at 5pm Get a list of completed tasks within the past days Email the list to a group

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Common workflows for your todo list app When a new Zendesk ticket is created Create a new task Send a notification in Slack

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Common workflows for your todo list app When a task is completed Send a notification in Slack

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Template Catalog

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. More Workflows Tutorials https://www.youtube.com/playlist?list=PLIid0 5fSVdvyK F4xuk4 EchBPmAVNHG

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Learn More Sign up for our on-demand workshops! Onboarding your customer's workforce with OpenID Connect Sync all your customer's users with SCIM Enable automation and integrations with Workflows Automate Okta management with Terraform https://regionalevents.okta.com/devday23workshopsignup

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only.