Slide 1

Slide 1 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. © Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Going Beyond MVP: Make your app loved by enterprise customers Aaron Parecki @aaronpk

Slide 2

Slide 2 text

This presentation contains “forward-looking statements” within the meaning of the “safe harbor” provisions of the Private Securities Litigation Reform Act of 1 5, including but not limited to, statements regarding our financial outlook, long-term financial targets, product development, business strategy and plans, market trends and market size, opportunities, positioning and expected benefits that will be derived from the acquisition of Auth0, Inc. These forward-looking statements are based on current expectations, estimates, forecasts and projections. Words such as “expect,” “anticipate,” “should,” “believe,” “hope,” “target,” “project,” “goals,” “estimate,” “potential,” “predict,” “may,” “will,” “might,” “could,” “intend,” “shall” and variations of these terms and similar expressions are intended to identify these forward-looking statements, although not all forward-looking statements contain these identifying words. Forward-looking statements are subject to a number of risks and uncertainties, many of which involve factors or circumstances that are beyond our control. For example, the market for our products may develop more slowly than expected or than it has in the past; there may be significant fluctuations in our results of operations and cash flows related to our revenue recognition or otherwise; we may fail to successfully integrate any new business, including Auth0, Inc.; we may fail to realize anticipated benefits of any combined operations with Auth0, Inc.; we may experience unanticipated costs of integrating Auth0, Inc.; the potential impact of the acquisition on relationships with third parties, including employees, customers, partners and competitors; we may be unable to retain key Safe harbor personnel; global economic conditions could worsen; a network or data security incident that allows unauthorized access to our network or data or our customers’ data could damage our reputation and cause us to incur significant costs; we could experience interruptions or performance problems associated with our technology, including a service outage; the impact of COVID-1 and variants of concern, related public health measures and any associated economic downturn on our business and results of operations may be more than we expect; and we may not be able to pay off our convertible senior notes when due. Further information on potential factors that could affect our financial results is included in our most recent Quarterly Report on Form 10-Q and our other filings with the Securities and Exchange Commission. The forward-looking statements included in this presentation represent our views only as of the date of this presentation and we assume no obligation and do not intend to update these forward-looking statements. Any unreleased products, features or functionality referenced in this presentation are not currently available and may not be delivered on time or at all. Product roadmaps do not represent a commitment, obligation or promise to deliver any product, feature or functionality, and you should not rely on them to make your purchase decisions. © Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only.

Slide 3

Slide 3 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. © Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Aaron Parecki Senior Security Architect, Okta

Slide 4

Slide 4 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. [email protected] Sign in with SSO Sign In

Slide 5

Slide 5 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Map customer email domains and IDPs to tenant IDs Tenant ID Domain Identity Provider 1 example.com examplecompany.okta.com 2 example.org sso.example.org

Slide 6

Slide 6 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. [email protected] Sign in with SSO Sign In OIDC Your App User DB ID Tenant External User ID

Slide 7

Slide 7 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. [email protected] Sign in with SSO Sign In OIDC Your App User DB ID Tenant External User ID* 1 1 [email protected] 2 1 [email protected]

Slide 8

Slide 8 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. [email protected] Sign in with SSO Sign In OIDC Your App User DB ID Tenant External User ID* 1 1 [email protected] 2 1 [email protected] 3 2 [email protected] 4 2 [email protected]

Slide 9

Slide 9 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. * Don't actually use email addresses as a unique user identifier Use the OpenID Connect "sub" claim (opaque user ID) A user's email address might change for a number of reasons: • Name change • Company acquisition (e.g. auth0.com → okta.com)

Slide 10

Slide 10 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. [email protected] Sign in with SSO Sign In OIDC Your App User DB ID Tenant External User ID* 1 1 [email protected] 2 1 [email protected] 3 2 [email protected] 4 2 [email protected] 5 1 [email protected] 6 2 [email protected]

Slide 11

Slide 11 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Two New Problems Deprovisioning Incomplete Data

Slide 12

Slide 12 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Deprovisioning [email protected] Sign in with SSO Sign In

Slide 13

Slide 13 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Deprovisioning Your App User DB ID Tenant External User ID* Last Login 1 1 [email protected] 2023-05-17 11:55 2 1 [email protected] 2023-05-16 09:32 3 2 [email protected] 2023-05-17 07:29 4 2 [email protected] 2023-05-13 08:25 5 1 [email protected] 2020-02-20 09:40 6 2 [email protected] 2023-05-16 13:55

Slide 14

Slide 14 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Deprovisioning

Slide 15

Slide 15 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Incomplete Data

Slide 16

Slide 16 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Incomplete Data Search for a user Assign Task

Slide 17

Slide 17 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Two Problems Deprovisioning Incomplete Data

Slide 18

Slide 18 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. System for Cross-Domain Identity Management SCIM

Slide 19

Slide 19 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Apps Identity Provider

Slide 20

Slide 20 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. SCIM support is not just a nice to have feature. It's crucial to winning enterprise contracts. Brendan Ittelson, CTO, Zoom “

Slide 21

Slide 21 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. https://developer.okta.com/docs/reference/scim/scim-20/

Slide 22

Slide 22 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. SCIM: Check if a user exists ?filter=userName eq [email protected]

Slide 23

Slide 23 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. SCIM: Create a user

Slide 24

Slide 24 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. ● GET /Users?filter=X - Okta checks if a user exists ● POST /Users - Okta creates a user in your database ● GET /Users - Okta retrieves all users ● GET /Users/$ID - Okta retrieves a specific user ● PUT /Users/$ID - Okta updates a user's attributes ● PATCH /Users/$ID - A user is activated Similar methods exist to create and manage Groups https://developer.okta.com/docs/reference/scim/scim-20/ SCIM: Other Operations

Slide 25

Slide 25 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. [email protected] Sign in with SSO Sign In OIDC Your App User DB ID Tenant External User ID* 1 1 [email protected] 2 1 [email protected] 3 2 [email protected] 4 2 [email protected] 5 1 [email protected] 6 2 [email protected] IDP SCIM

Slide 26

Slide 26 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Search for a user Assign Task

Slide 27

Slide 27 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. © Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. SCIM Resources A Developer's Guide to SCIM https://youtu.be/JmA 3cy0uVc Sign up for our upcoming SCIM workshop! https://regionalevents.okta.com/devday 23workshopsignup

Slide 28

Slide 28 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only.

Slide 29

Slide 29 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. No code identity automation and orchestration Okta Workflows

Slide 30

Slide 30 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. ● No-code/drag-n-drop ● Automation ● Events/Functions/Actions ● Application Connectors What are Okta Workflows?

Slide 31

Slide 31 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Workflows automates action across apps to manage complex identity scenarios Accelerate time to market Enable anyone to innovate Improve security posture Connect to and harness any API for action Automation Engine Use Cases Platform Hooks and Events Lifecycle Management Security Governance Platform Extensibility Connectors Templates No-Code Designer Customer Identity

Slide 32

Slide 32 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Replacing custom scripts/code with powerful, identity-based logic and connections “When this happens” Event Okta assi ns user to Sales orce “If this” Function Is user on EMEA sales team? “Do this” Action Assi n EMEA territory “Do that” Action Add user to EMEA Sales Channel and send a welcome messa e

Slide 33

Slide 33 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Okta admins can create workflows to take actions based on events like: ● "When a user is created" ● "When a user enrolls an MFA factor" ● "When a user is assigned an application" ● "When the org-wide rate limit is exceeded" ● "When a user reports suspicious activity on their account" ● And events from your application! Okta Workflows

Slide 34

Slide 34 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Okta Workflows Replaces Custom Code

Slide 35

Slide 35 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Okta Workflows Replaces Running Servers

Slide 36

Slide 36 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Okta Workflows No Code

Slide 37

Slide 37 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Okta Workflows Out-of-the-box Integrations

Slide 38

Slide 38 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Okta Workflows

Slide 39

Slide 39 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Customers use Kandji to manage the lifecycle of a device. With Workflows, we were able to create more value for our customers by providing another layer of automation to manage the lifecycle of devices at scale. Arek Dreyer, Senior Product Engineer, Kandji “

Slide 40

Slide 40 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. ● Connects to Applications ● Actions ● Input/Output parameters What is a Connector?

Slide 41

Slide 41 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Build a Workflow Connector to expose your application to Okta admins using Workflows Build a Connector 1. Create an API for your application 2. Create a Workflow Connector exposing parts of your API GET /tasks POST /tasks/create POST /tasks/assign

Slide 42

Slide 42 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Expose API endpoints based on expected use cases for an Okta integration ● Create new todo item ○ Parameters: text, due date, assignee ● Mark todo item as complete/incomplete ● Update item ○ Assign to a user ● Get list of all completed items ○ With date filters ● Get list of all incomplete items Build a Workflow Connector for your Todo list app

Slide 43

Slide 43 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Common workflows for your todo list app Every Friday at 5pm Get a list of completed tasks within the past days Email the list to a group

Slide 44

Slide 44 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Common workflows for your todo list app When a new Zendesk ticket is created Create a new task Send a notification in Slack

Slide 45

Slide 45 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Common workflows for your todo list app When a task is completed Send a notification in Slack

Slide 46

Slide 46 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Template Catalog

Slide 47

Slide 47 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. More Workflows Tutorials https://www.youtube.com/playlist?list=PLIid0 5fSVdvyK F4xuk4 EchBPmAVNHG

Slide 48

Slide 48 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only. Learn More Sign up for our on-demand workshops! Onboarding your customer's workforce with OpenID Connect Sync all your customer's users with SCIM Enable automation and integrations with Workflows Automate Okta management with Terraform https://regionalevents.okta.com/devday23workshopsignup

Slide 49

Slide 49 text

© Okta and/or its affiliates. All rights reserved. Confidential Information of Okta – For Recipient’s Internal Use Only.