Okta aims to expand its addressable market with its new Okta Customer Identity Cloud and Okta Workforce Identity Cloud. The company launched the two platforms during this week’s Oktane22 conference in San Francisco, an event that Okta said drew 6,000 partners and customers.

The two platforms represent a rebranding of Okta’s respective enterprise identity and access management (IAM) portfolio and Auth0 offerings. Okta acquired Auth0 in May 2021 for $6.5 billion. Oktane set the stage for Okta to share how it plans to create a broader ecosystem for managing user identities.

In his keynote address at Oktane, Okta’s co-founder and CEO Todd McKinnon (shown above onstage) described identity as “the center of the technology landscape.” Organizations must manage identities for both their workforces and endpoint infrastructure where Okta has a focus, but also customers.

The strategy, which comes 18 months after Okta completed the acquisition, took longer than expected, said Gartner analyst Henrique Teixeira. “I don’t think they anticipated how big and complex the merger would be,” Teixeira said. “But it’s a very good opportunity for them to grow in the white space of customer identity.”

Framing the Okta Identity Management Platform

While managing workforce and customer identities have different governance requirements, characteristics and teams managing them, the need for phishing-resistant authentication continue to accelerate across both constituencies.

Auth0 provides a leading identity service for consumer authentication, complementing the Okta IAM offering focused on employee authentication. McKinnon explained how Okta is framing the new identity platforms.

Okta’s Eugenio Pace

Okta’s Sagnik Nandy

McKinnon said that while the two are distinct, both run on the Okta Identity Platform. Eugenio Pace, Auth0’s founder, is the Okta Customer Identity Cloud president, while Sagnik Nandy is the Workforce Identity Cloud president. McKinnon described the Okta Identity Platform as an interoperability layer across both clouds. But he emphasized that Okta doesn’t plan to combine them into one platform.

“The strategy and the goal here is very clear,” McKinnon said. “It’s not to merge these two classes together. “Our two clouds and platform are purpose-built to get your teams there.”

Besides framing its vision for identity management, Okta previewed new tools and capabilities coming to both platforms.

Customer Identity Cloud

Okta has broken down its Customer Identity Cloud to serve two constituencies: those who build and support consumer apps, and the other is SaaS app developers. In both scenarios, Pace said the goal of customer identity is simplicity. The Customer Identity Cloud focuses on privacy, security and user experience.

“Companies have made tradeoffs between the states,” Pace said. “We think that to make an application super easy to use, you can’t sacrifice security. And conversely, if it’s super secure, then you know it’s really hard to use. And the trick, which is not easy to pull off, is to maximize all these three things at the same time. That’s what the Okta Customer Identity Cloud does.”

The Okta Customer Identity Cloud for SaaS builders provides user onboarding and manages customer authentication. Okta said it provides SaaS builders with enterprise federation and directory synchronization manages organizations’ security policies and offers customized branding.

Although McKinnon emphasized that the Customer and Workforce clouds will remain distinct, Okta introduced a connector. The Okta Workforce Enterprise Connection, now available, lets organizations use the Okta Workforce Identity Cloud for their employees’ single sign-on.

The connector provides access to the workflow rules for login, authentication and provisioning from the SaaS application using the Customer Identity Cloud. “It makes it easier for SaaS builders to get value with free federation with every Okta Workforce Customer Identity Cloud user in the entire world,” McKinnon said.

Okta Customer Identity Cloud will also enable SaaS builders to configure custom branding and policies. According to Okta, the platform can now provide SaaS builders with up to 2 million organizations per tenant and 2 million members per organization. Okta said it also offers enhanced search features.

The second constituency of the Customer Identity Cloud is consumer apps. Okta said the platform enables authentication from social networks and provides progressive profiling and enhanced security, including adaptive multi-factor authentication (MFA).

Okta plans to roll out the enhancements to the Consumer Apps component of the Customer Identity Cloud by the end of the second calendar quarter. Among the new features include support for passkeys, a new toolset that allows organizations in regulated industries to create rules and policies. Okta also previewed Security Center, which provides an interface for security teams to monitor threats using telemetry from “billions of authentications.”

Workforce Identity Cloud

Besides the new brand, Okta introduced a host of new capabilities planned for the Workforce Identity Cloud. Perhaps most notable is integrated privileged access management (PAM), enabling organizations to apply tighter controls over administrative access.

The new PAM capability will allow organizations to secure credentials to highly privileged accounts. Using Okta’s vaulting service, it will automatically rotate passwords. PAM will also manage requests for privileged access and provide monitoring of activity and can generate compliance reports for auditors. It will also offer password-less access management using certificate-based authentication for on-premises and cloud-based infrastructures, including Kubernetes-managed applications.

Okta will release an early access preview of Privilege Access Management in the second quarter of next year. The company plans to offer it as a standalone in the fourth quarter of next year.