What needs improvement with Okta Workforce Identity?

Okta Workforce Identity could improve provisioning it can be made simpler. They are implementing in one of the newer releases certification, attestation, and some role-mining abilities, but I don't know how far along that's going to be. That's a statement that they said they are going to have in the future.

The cost per user for this solution is really high and could be reduced. We have experienced some challenges in integrating this solution with Scope and Cognito.

We've not come across anything missing. It's under continual improvement. It is actually very good. We've not had any problems with Okta. I'd have to think hard to find anything that was badly implemented.

This user integration with the Okta integration network could be simplified.

There are many things that Okta has to improve on. I understand that Okta has a lot of apps, like any other provider, e.g. Microsoft apps, IDP apps, or cloud identity apps. The problem with Okta is that they create the app and they never update. In this fast-paced industry where versions keep getting updated, Okta is really slow at times. None of the Okta applications that they create, for example, in my case: I have used the cloud identity of Microsoft apps and now I'm using the off tabs. What I found is none of the single Okta apps that we have worked and did not create an issue. They are not fully mature. So it's that aspect that can be improved, which Okta is investigating. Their application support and not having updates for those applications also need to be improved. These are the things that surprised me and I was not able to understand from Okta. Okta's customer support should be improved. Okta should work with certain providers, e.g. the Google cloud, the AWS cloud, the Microsoft cloud, and they should evaluate the integration point because what happens is if your organization has SSO which relies on Okta, all of these three clouds and the Okta app are far from perfect. You are not able to get the right setup based on how your security is trying to define it vs what the application can support. You'll end up using the default interface Okta provides with those apps. I understand Okta could say that if they shouldn't worry about it because if AWS wanted to support Okta, then AWS should be the one providing us the app and support, but Okta should try to understand the users, do surveys from the different automation using Okta, and use different apps because those apps are very critical. They are far from perfect, so Okta has the worst implementation.

The only aspect in which it can be improved is that the interface could be cleaner. I found this even when I was trying to do my certification exam because the certification is hands-on. You find yourself fumbling around a little bit to find simple things. This happens even when you start to get familiar with the product.

I do not see much room for improvement. I have not encountered any issues with the solution, though it may be worth checking this with the technical team involved in its implementation. This said, it is scalable for midsize companies and infrastructure but, owing to the regulations we have in place in Egypt, not every enterprise-sized company. This means the solution did not comply with everything in the financial sector, such as with our central bank. As such, one who is working in the financial sector must resort to another solution or, at the least, another one in addition to Okta Workforce Identity. The solution should have greater on-premises availability, not just cloud and more package customization in its processing.

It's my personal opinion, but it was a classic UI and now the UI is different. I was used to the old UI and when I moved from the old to new, I found it a bit difficult.

Okta can consider to become also a password vaulting manager. We also didn't find an option to setup access to web services that require second factor authentication. Also it's hard to figure out which license is responsible for which features and how are they correlated.

The solution needs to improve its own marketing. It's a great solution, however, most people don't know what it does. It should be first in line for onboarding employees. The solution should continue to work to improve its interface and make it more user-friendly. The initial setup can be complex at first.

There are some issues with the interface that can be improved.

The guest user access could be improved. How do we authenticate people that aren't in our Active Directory? In the next release, I would like to see passwordless access.

API Securities Solution

The integration with third-party tools needs to be improved. Mainly, the open-source APIs for Splunk would be helpful, as that is where they aggregate most of the data. If this process can be streamlined then it will definitely help.

They also have single sign-on (SSO). When we bought Okta Workforce Identity a year and a half ago, I was also looking at SSO, but not much documentation was available for SSO. The documentation for SSO should be a little more robust for somebody who is implementing it for the first time.

With the device applications, when you are checking the logs, you can't hide the device and that's a feature that's missing. I'd like to see MDM source added.

It would be pricing, which is a tough one because it goes against Microsoft. A lot of companies say they're a Microsoft partner, and they get all their software for free. Okta is like a luxury product, and it's not the most affordable one. I would say if they could work on pricing, it would help. Other than that, they've done great strides in developing a product that is really good. The companies that do see the value tend to invest in it.

* Passwordless authentication. * Integration with the user provisioning infrastructure to track all entitlement changes; simplify the modeling of the role and access definitions at every stage of the user life cycle. * Automation of the entire entitlement and role review process, in alignment with business needs and requirements as stated by business leaders and managers. * Oversight in the form of dashboards reconciling and centralizing information for immediate insight into the status of access reviews and certification processes.

It is a complex solution, and you need a good understanding of how to use it correctly. Otherwise, you can't take full advantage of what it offers and it becomes difficult to use. I don't know if it is possible to make it simpler to use or simpler to understand, but that would be the most important thing to improve. In the next release, I would like to see them add other solutions to their suite of products. I would like to see better integration with other software. The ability to do the provisioning is a great feature and there is some software where they can sign-on but they can't do the provisioning.

The solution lacks an on-premises deployment model so it can't offer a hybrid solution. It would be ideal if clients had options that weren't just cloud-based.

Better multi-factor authentication integration and support, it's around v2.0 and will need a 3.0 release for maturity.

RESTful Web Service calls and their response seem a bit slow.

On the admin side, we can create our own passwords instead of generating one, which is usually difficult to explain to a user. Otherwise, the application is pretty awesome.

UD attribute mapping, Okta group rules, and dynamic usage could use improvement. More in-depth functionality and features to integrate with RADIUS solutions.

Maybe the interface could use some work but, for the most part, the tool is pretty cool.

We still had to write several internal programs/scripts to complete the user-provisioning process. Okta does not have the ability to provision mailbox accounts for on-premise Exchange or in a hybrid O365 environment. The Group Push function from Okta to AD did not work reliably in our environment.

Command line access Reporting