After 6 months of development, the partnership between product teams at Okta and PlainID, an offering for a centralized Authentication and a centralized Authorization platform has launched.
One big reason is that customers have asked for this.
In general, large enterprises tend to have rules governing how applications and data should be accessed.
Sometimes these rules are hidden inside applications and these are managed and maintained by staff or developers with little contact or insight to the owner of the application being accessed. To manage this, some use home grown solutions that access lists, databases or maybe an Active Directory. Slightly more advanced companies might turn a rule into a ‘Role,’ and use Role-Based Access Controls. However, more often than not, to keep up with a growing enterprise, both in people, resources, applications, mobility and infrastructure (like Digital Transformation or moving to SaaS), the number of roles explodes into large and uncontrolled, unchecked, and non-compliant situations. Furthermore this leads to not only employee and client frustration, but lower productivity and security gaps.
For all of these reasons, enterprises seek out a solution to shift from a static, rules-based approach to a dynamic, policy-based approach.
Combining two state of the art platforms to get the best in class of both Authentication and Authorization, we have provided a powerful, centralized Policy-Based Access Control (PBAC) solution over all enterprise authentication and authorization.
Okta is used as the trusted identity source, and handles the authentication/SSO flows using various standards like OAuth, OIDC and SAML, while PlainID centralizes access control and authorization with a real time, policy-based access control platform supported by an advanced authorization rule engine. Companies can set fine-grained (or coarse-grained) access policies around business rules, industry or government regulations, or just about any other concerns that might warrant a rule. These rules can also be dynamic, meaning they can take into account things like time of day, changing locations, or real-time status of an attribute (maybe a risk score, or a compliance policy change). IT teams can easily administer, monitor, and enforce these policies via an intuitive graphical user interface that makes it easy to analyze access requests, evaluate the current user’s role, and make informed access decisions.
When policy permits, access is provided either by utilizing the virtual token (OIDC, SAML), automated provisioning through API-driven SCIM , or JIT (just-in-time provisioning), based on flexible and contextual access policies.
Access to managing the policies, or access relationships can be delegated to a company’s customers, and can be partly restricted at a fine-grained level to meet segregation of duties requirements.
With the PlainID + Okta integration, end users (e.g. employees, partners, customers, etc) have a frictionless path to access what they are allowed to access, without needing to make requests to IT or their manager for the apps, data and resources they need to perform their jobs.
Pretty cool, ehh? We’re really excited about it, and can’t wait to show you what it can do for you.
If you’re an Okta customer, or if you’re looking into implementing Okta, schedule a demo with us so we can show you how this fits into your larger Identity Management picture, and you can leverage the benefits of Policy-Based Access Control across your enterprise.