Okta today announced its Directory Integration Edition cloud-based identity service. The idea is if done correctly, end-users should not even know which of their apps is on-premise and which is based in the cloud. And as more apps migrate to the cloud, the seamless integration of where they are located means that the directory services piece has to function better and recognize more off-premises apps with ease.
The notion of directory integration with cloud-based apps isn’t new: Previously, Okta offered through its Cloud Service Platformthe ability to federate authentication between a single cloud app and AD. And there are lots of others in this space, including Cloudswitch, Centrify, and Microsoft’s own Active Directory Federation Services who have been available for some time. Today’s announcement adds a SaaS-based service that replicates an on-premises Active Directory store with a number of cloud-based services. Setup is fairly straightforward and requires a downloadable Windows-based software agent to make an outbound connection across the link.
Okta’s Directory Integration Edition goes beyond federation to provision and update user information across the cloud/premises links. It can handle thousands of multiple cloud apps that they have already cataloged for this kind of integration. Here you can see an example of how to setup your Salesforce integration using this service.
This means once a user logs into a Windows domain, their identity is maintained no matter what other app they bring up on the local network or in whatever cloud apps they pull up in their browser.
Pricing is $1 per user per month, with discounts beyond 200 users.