Okta

Okta · Identity & Access

Identity-first security and SSO platform

Overview

Okta is an identity provider (IdP) and access management platform that provides SSO, MFA, lifecycle management, and API access management. It's vendor-neutral, making it a strong choice for organisations running multi-cloud or mixed Microsoft/Google environments.

UK Pricing: Workforce Identity from ~£2/user/mo (basic SSO). Customer Identity (CIAM) separate pricing.
Target Size: 50+ users, especially with mixed SaaS environments

Why Use It

Okta excels when your organisation is not all-in on Microsoft, or when you need strong identity governance across a diverse SaaS portfolio. Its Workflows feature can automate complex onboarding/offboarding processes that would otherwise require custom scripting.

Why Not

If your stack is predominantly Microsoft 365, Entra ID P1 (included in Business Premium) provides similar SSO and Conditional Access functionality at no extra cost.

Pros & Cons

Pros

  • Vendor-neutral — works across Microsoft, Google, AWS, and any SAML/OIDC app
  • Excellent user lifecycle management (provisioning/deprovisioning)
  • Advanced MFA options including FIDO2/passkeys
  • Strong developer API for custom integrations
  • Okta Workflows (no-code automation) for identity processes

Cons

  • More expensive than Entra ID P1 for Microsoft-heavy environments
  • 2022 security breach damaged trust (since remediated)
  • Overlaps with Entra ID if you're already on M365 — can cause confusion
  • Lifecycle management setup requires significant initial configuration
  • Customer support quality mixed for smaller accounts

How to Get the Most Out of It

  1. Use Okta Workflows to automate offboarding — automatically deprovision all apps when an employee leaves
  2. Enable Okta FastPass (FIDO2) to eliminate passwords entirely for managed devices
  3. Use Okta Verify with number matching to protect against MFA fatigue attacks
  4. Configure Universal Directory as your single source of truth and sync to downstream apps
  5. Review the Okta System Log regularly for anomalous authentication patterns