Okta — Overview
Status: Scaffold — content in progress
Okta is a leading cloud Identity Provider (IdP) used by thousands of enterprises. It federates identity across SaaS apps via SAML 2.0 and OIDC, provides MFA, and manages user lifecycle via SCIM.
Architecture
- Okta Org: tenant instance (e.g.,
corp.okta.com) - Universal Directory: Okta's user/group store
- Okta Verify: Authenticator app for push MFA
- Workforce Identity Cloud: enterprise SSO + MFA product line
- Customer Identity Cloud (Auth0): developer-focused CIAM
Key Capabilities
| Feature | Description |
|---|---|
| SSO | SAML/OIDC federation to SaaS apps |
| Adaptive MFA | Risk-based MFA policy |
| Lifecycle Management | SCIM provisioning to downstream apps |
| API Access Management | OAuth2 authorization server |
| Okta Workflows | No-code automation for identity events |
Security Telemetry
Okta System Log (/api/v1/logs) is the primary detection source:
- Authentication events (success, failure, MFA)
- Admin actions
- Policy evaluation results
- Suspicious activity reports
Cross-Links
| Topic | Link |
|---|---|
| Okta MFA | okta-mfa |
| MFA Fatigue | mfa-fatigue |