Okta is an enterprise grade identity management service, built in the cloud. IT can manage access across any application, person or device. Whether the people are employees, partners or customers or whether the applications are in the cloud, on premises or on a mobile device, Okta helps IT become more secure and maintain compliance. The Okta service provides directory services, single sign-on, authentication, provisioning, workflow, and built in reporting. ment systems.
$2
Per User Per Month
Oracle Entitlements Server
Score 4.0 out of 10
N/A
Oracle Entitlements Server is an authorization solution.
It has extensive compatibility and rich feature set of integrating with a wide array of core systems and SaaS platforms. Daily I utilize Okta's user-friendly central hub to simplify access the numerous applications we utilize within my company (Google Workspace, Slack, Zoom, Salesforce, Microsoft Office 365, among many others.)
Could be suited for cases where authorization policies change extremely frequently and unpredictably. For all other scenarios, I would avoid this product!
I'm not sure it's really a room for improvement thing, but due to the granularity offered by Okta, sometimes it can be challenging to find exactly what you're looking for.
There was an instance in which we had issues getting SAML configured for an application. I feel this challenge was mostly user error (on our part) because we didn't realize the SAML instructions were SPECIFIC to each app integration and changed (codes) each time. We attempted to mirror the settings/configurations of an existing app (same app, but different domain). I think having a note somewhere that indicated that the instructions were unique to each integration would have saved us a bit of time. Again, I'm not sure this is really an issue with Okta though, more of a user learning curve thing.
Sometimes searching for things is a challenge (without the "Rockstar" add-in). For example, if you have a user group called "Okta_users_everyone", searching for "everyone" will not find it. You have to search for the beginning of the object name (not just any part of it). The ability to search partial or wildcard would greatly enhance search functionality.
Horrible administration web UI - had to spend months with our database team to make an application's entitlements show up in < 30 seconds, difficult to navigate UI. It has sliders that make you think you can expand certain portions of the UI, but they do nothing. Many operations that must be done in day-to-day administration require 3 clicks per application, so this makes policy creation and distribution extremely time-consuming. A variety of random errors would occur and instead of friendly messages, full exceptions were shown to the user, including a stack trace. Often, this stack trace was so long, the box would overflow the screen and the user would be unable to close the popup box.
The built in Policy Decision Point's web service only supported returning a SINGLE entitlement at a time. This was completely inadequate (would have crippled our apps' performance) and somewhat laughable given this is an 'enterprise product'. We ended up having to write our own web-service which could check multiple entitlements at once using the Java API
Horrible Support - we opened at least 20 support cases and the majority were classified as bugs or product enhancements, and then nothing was done on them. I am pretty sure this product has no full-time developers, given the lack of progress seen on their product in over 2 years. A variety of issues went back and forth between the OES and Weblogic teams, both blaming each other, and never got resolved. When we tried to escalate, various Oracle manager folks claimed to be exerting pressure, but ultimately everything fell back on us (sorry, can't reproduce it on our end) and made no progress. Almost every support person we got did not speak fluent English, writing back in incomplete sentences, and confusing basic pronouns (he vs she), etc.
Lack of product documentation. It took us about a month of working with support to enable LDAPS binds for users logging into the admin UI (by default, it only worked with unsecure LDAP binds). All of such configuration was undocumented and we had to rely on support giving us explicit instructions. There was also a bevy of patches that had to be applied to 3 different components of the product in a specific order to work properly. Some patches caused regressions and broke functionality that previously had been corrected by a prior patch. They also released an entire new version (Patch Set 1 I believe) and forgot to increment the build number in the UI, causing much confusion. Any development house with basic build/release practices in place would have avoided this.
Okta has a passion to provide secure and scalable identity solution. Their passion has come across as advocacy in a way that has deepened my knowledge of the field of authentication. I took identity for granted before but after seeing features such as external authentication I know that Okta can enable my business to reach new heights
The Okta Identity Cloud advertises 4 9's of reliability and I would go as far to say that it may even do better than that. As a true Global organization that operates in just about every region of the world, we have yet to have an issue with The Okta Identity Cloud that has impacted our business operations.
From my perspective, for the things that my group uses it for, Okta is very fast. It is as least as fast as the local password database methods that it replaces on our campus enterprise services. I do not believe that it slows anything down at all. In fact, not having to think too much about the login, because they all look the same, probably speeds things up somewhat.
We've had a few support cases over the years and every case has been handled by the Okta support team beautifully. We received clear answers to questions we had regarding setup and even were provided simple to follow guides on how to setup their product to use with custom applications.
With respective to user interface and license cost, we thought The Okta Identity Cloud was better than other tools for use. Their customization of license was another reason for us to go with The Okta Identity Cloud over other tools.
I saw one other competitor at a trade show, but unfortunately their product didn't seem much better. It forced administrators to dig through horribly complex expressions with lots of ANDs and ORs to debug a basic policy. I didn't think it would be easy enough to use.
Being a cloud native application, The Okta Identity Cloud is extremely scalable and easy to setup. By integrating into existing directories and applications via standard techniques and protocols, it is very easy to both initially setup and add additional users as required. Once all the necessary integrations are setup, it's a simple rinse and repeat process to onboard additional users (which can be automated with imports as well)
