Protect Okta

AuthN by IDEE Integration: Okta Universal Directory

Further Securing Your Digital World
Okta Universal Directory is used by professional organizations that are serious about putting identities at the heart of their IT environments – we wholeheartedly approve! Okta’s highly acclaimed cloud-based directory is used by tens of thousands of organizations, to store user ID’s, attributes, and permissions and effectively manage workforces world-wide.  

It all starts with people, and Okta Directory sits at the core of the organization - the data it stores and systems it connects to are as critical as they are valuable.  

What if you could protect it all with next-level security in the form of same-device phish-proof MFA? We’re glad you’re here!  

Okta Universal Directory Integrates with AuthN by IDEE

All the Functionality of Okta Directory…  
Just With a Whole Lot More!

If you want all the benefits of Okta’s Directory, but with an additional layer of top-level-security and user convenience,
then AuthN by IDEE is the right choice.

Here are some of the reasons why businesses know it makes sense to add AuthN by IDEE...
Cost Effective Multifactor Authentication
Cost Effective Multifactor Authentification

AuthN by IDEE is the most effective way to add the highest level of authentication security for the most optimum price per user - all the advantages of the highest tier of Okta MFA with an abundance of extra benefits.

Highest Level of Authentication Security
Highest Level of Authentication Security

Protects against all credential phishing & password-based attacks including AiTM.
AuthN by IDEE makes your solution even more secure with an extra layer that is not just phish-resistant, but demonstrably phish-proof.  

No disruption to your Existing IT Environment with AuthN by IDEE
No Disruption to Your Existing IT Environment

Okta is still your central repository, and the AuthN integration is the phish-proof forcefield that slots expertly into your existing IT infrastructure, protecting everything with no changes required.

AuthN by IDEE Improved Productivity Superior UX MFA
Improved Productivity With Superior UX for Users

Users authenticate right on the device they are already using making sign-in and authentication seamless to the point that it is almost unnoticeable.

With AuthN by IDEE MFA Compliance Just Became a Breeze
Compliance Just Became a Breeze

Many use cases demand higher levels of authentication security and AuthN guarantees a zero-trust solution that stores zero PII of any user.

Blue Okta Directory Logo
AuthN Is Available via the Okta Integration Network

Integration is easy and AuthN by IDEE is an approved integration that can be found via the Okta Integration Network:

What Does Login Look Like?

Users’ authentication and login just got super slick. With AuthN by IDEE it’s like going back to before you had MFA… but you still have MFA! Here’s what it looks like for users.

How to Integrate Okta Universal Directory With Authn by Idee

Just like everything else about our product, integration is simple.

Your Step-by-step Integration Guide

The following guide will walk you through adding IDEE AuthN as an external SAML 2.0 provider to allow logging in to Okta and associated applications using IDEE AuthN (single-device, phish-proof MFA).
Step 1.
  1. In the Admin Console, go to Security Identity Providers.
  2. Click Add identity provider, and then select SAML 2.0 IdP.
  3. Click Next.
  4. Configure the General Settings and Enter a Name for this IdP.
Step 2.
  1. Scroll down to Account matching with IdP Username, select idpuser.subjectNameId.
  2. Under Match Against section select Okta Username or Email.
  3. Change the Account Link Policy to Automatic.
  4. Select the option for If no match found as Redirect to Okta sign-in page.
Step 3.
Configure settings under SAML Protocol Settings.
  1. Provide the IDP issuer URI by copying the IDP Issuer URI from the IDEE Integrations page.
  2. Provide the IDP Single Sign-On URL by copying the IDP Single Sign-On URL from the IDEE Integrations page.
  3. Download the IDP Signature Certificate from IDEE Integrations page and upload it to the IDP Signature Certificate section.
  4. Change Request Binding to HTTP Redirect.
  5. Click on Finish to save.
Final Steps
  1. Download the SAML Metadata.
  2. Upload the metadata.xml file to the Service Provider Metadata section on the Integrations Page.
  3. Once uploaded, select your preferred Authentication method to complete your integration. We recommend using Web-AuthN 🔒
Testing Your Okta Integration
  1. You can test out your integration by using in your Browser.
  2. A new integration takes up to 5 minutes to be complete! ⏰
  3. This should redirect you to the IDEE Login Page.
Fingerprint used for Biometric Authentication MFA

Enrollment: Register
A New Device in Seconds!

AuthN by IDEE works on the basis of transitive trust, which means that only a trusted user can access a trusted service on a trusted device when proven to be in possession and control of their device. User devices, therefore, must be registered, but it is so straight forward, users can complete the process in just a few seconds, guided step-by-by-step from within the app. It’s child’s play!

Man Registering a New Device AuthN by IDEE MFA with Okta Directory
Your Step-by-Step Guide
  1. User goes to login to a protected domain for the first time and signs in  
  2. They will be redirected to AuthN by IDEE to set up their device.
  3. The user simply unlocks their device, using facial recognition, PIN, or fingerprint.
  4. They will receive a secure magic link via email.  
  5. The user clicks on the link which opens a new tab in the browser.
  6. User clicks ‘accept’ at which point they have registered their device. 🎉  
Now every time a user wants to login to their favorite accounts, they just unlock their device. That’s all.

Protect Everything (Including Legacy Systems)

Once you have added AuthN by IDEE to your Okta account, you can protect everything with same-device phish-proof MFA.

AuthN by IDEE seamlessly integrates with Okta through modern authentication protocols. Thereafter, access to the Okta user dashboard is only possible via phish-proof MFA. The legacy applications that require passwords work just as before but with the additional security of phish-proof MFA and all the convenience of same device authentication.  

In addressing the needs of legacy systems reliant on passwords, AuthN by IDEE also offers seamless integration with reverse proxy, Zero Trust Network Access (ZTNA), Secure Access Service Edge (SASE) and Virtual Private Network (VPN) solutions. By enforcing phish-proof Multi-Factor Authentication (MFA) prior to password entry, AuthN ensures robust security measures are in place. This approach guarantees that only authenticated users with the appropriate access rights to the designated application, are permitted to enter passwords and gain access. They must have also successfully completed the phish-proof MFA process first, thereby fortifying system security comprehensively.

IDEE Deployment Architecture Showing All MFA Integrations and Use Cases

Authentication Methods

Chose An Authentication Method That’s Right for You

We highly recommend you use Web-Authn which is the passwordless, same-device phish-proof, method of MFA. However, you do have choices and, it is up to you. Supported authentication methods include:  

The following popular browsers are supported:

  • WebAuthn
  • FIDO2 Security Key
  • PUSH
  • QR
Lady super happy and zen because AuthN by IDEE Supports her Authentication Method

Web-Authn offers the highest level of protection. We ensure that your digital identity is secure from phishing and password-based attacks throughout the entire lifecycle, which is why Web-Authn is our preferred and recommended option.

Device Requirements

Web-Authn works on any computer with a TPM chip (most machines from 2016 onwards have this) and/or any smartphone with a secure enclave or secure element.

The following popular browsers are supported:

  • Microsoft Edge
  • Chrome
  • Safari
  • Internet Explorer 7 or higher
Happy Man Showing A Mobile Phone with Every Browser Logo AuthN by IDEE MFA Webauthn
Fingerprint used for Biometric Authentication MFA

Fallback Procedures

We have not only eliminated phishing,
but we can also promise to eliminate the anxiety of account resets and recovery.  

Our aim is to remove the complexity and stress from every area of authentication. Of course, a solution’s fallback procedure is always a consideration when weighing up whether an app is right for your use case, but there really is not much to talk about in this section because it is all so simple!

There’s Nothing to Lose!  

First of all, there are no additional tokens, keys or USBs, let alone any secondary devices, and there are no passwords at any stage of the identity life cycle. This means that there is nothing to lose. Everything you need is already housed within the secure hardware of your registered device. This reduces the need for account recovery due to lost devices or hardware, and also eliminates the need to have back-up codes, or purchase replacement back-up hardware and we never fallback to passwords.

In the highly unlikely event that you do lose access to your trusted device (which will most likely be a work laptop or PC), you simply re-establish trust on your new one using secure identity proofing or setup the new device from an existing device using transitive trust.

Man Showing Empty Pockets Because AuthN by IDEE is Same Device MFA with No USBs or Second Devices Required
Man Laid Back & Happy Because He Has No Updates or Maintenance Worries with AuthN by IDEE Same Device MFA

Updates & Maintenance

Maximum Security – Zero Fuss

Because the AuthN solution is fully SaaS (Software as a Service), keeping everything up to date is a job that you simply don’t have to worry about. Let us take care of that – we can imagine you and your teams are busy enough!  

Just be safe in the knowledge that with no additional hardware or software, there is absolutely zero firmware or software updates – you are fully protected with maximum-level security and with zero fuss.  

How We Protect Your Data

Actually… what data? AuthN by IDEE holds zero personal identifiable information (PII) about its users, which is one of the reasons why it is so secure! That said, we take security and privacy incredibly seriously. Privacy is our primary company value, and this is why we also go to enormous lengths to ensure we meet all the important standards and compliance regulations you would expect from a chief cyber security vendor.

AuthN by IDEE is GDPR Compliant - GDPR Logo

GDPR Compliant

IDEE is fully GDPR compliant, meaning that we take your data seriously. Always.

ISO 27001 Logo - AuthN by IDEE MFA is Compliant

ISO 27001

We are 27001 certified.

SOC2 Type II Logo - AuthN by IDEE is SOC2 Compliant

SOC2 Type II

We are SOC2 certified.

MFA Defense In Depth Shield Icon

Defense In-Depth

One layer is not enough. We employ layered security for every action.

MFA with Decentralised Credentials - Icon

Decentralized Credentials

Fully decentralized asymmetric keys stored inside the device security chip.

Strong Encryption Icon

Strong Encryption

AES-256-Bit & ECC-512.

Did Somebody Say Compliance?

Rest assured, we are proud to say, that the AuthN by IDEE technology is backed by all the important standards. Due to new and incoming legislation, this is especially important if you are based in Europe or The United States.

EO 14028 OMB M-22-09 Icon

United States - EO 14028 & OMB M-22-09

This executive order outlines the mandate for all federal government agencies and civilian agencies in the federal government, to use phish-resistant MFA. AuthN by IDEE goes one step further, in offering phish-proof protection compliant with EO 14028 & OMB M-22-09.

DORA Digital Operations Resilience Act Icon

Europe - The Digital Operational Resilience Act (DORA) - Regulation (EU) 2022/2554 – DORA

DORA is new legislation aimed at increasing security in the financial sector in the EU and asserts that organizations will be obliged to “Implement  strong authentication mechanisms, based on relevant standards.” AuthN by IDEE is fully compliant with DORA.

NIST Complant Logo

NIST (National Institute of Standards and Technology) Compliant

We are compliant with NIST’s digital identity guidelines (NIST SP 800-63).

FIDO2 Architecture Logo

FIDO2 Compliant

Expanding upon a FIDO2 compliant architecture, AuthN by IDEE is a strong zero-trust application of MFA. We do not trust blindly; all authentications are explicitly verified.

PSD2 Compliant Logo

PSD2 Compliant SCA

Our MFA uses factors that supersede the PSD2 strong customer authentication requirement.

PKC TPM Secure Enclave Strong Encryption MFA Technology - Chip Icon

Based on proven Technology

We leverage PKC, TPM/Secure Enclave, and strong encryption.

Transitive Trust Icon

Transitive Trust

Ensuring a transaction can only be carried out on a “trusted service” by a “trusted device” coupled to a “trusted user” and authorized under the “user’s total control.”

Unphishable MFA for Okta Icon


AuthN by IDEE protects against every credential phishing and password-based attack, including Adversary in the Middle attacks (AiTM).


It’s easy to find the support you need. Here are your resources:

AuthN Admin FAQ

Admin FAQ

Got questions? Well, the chances are that they may have been asked before, which is why we have a neat collection of the most frequently asked questions all in one place! Check it out!

Raise a Ticket Icon

Raise a ticket

Sometimes we just need a bit of technical support. Do you need to raise a ticket? No problem head over to the service desk and tell us how we can help. We will get back to you quickly!

Report an incident icon

Report an incident

Is there something we should know about or maybe you just have some excellent feedback for us? Please use this form to report a security incident, vulnerability, or an improvement.

AuthN by IDEE Video Tutorials

Video tutorials

Already an admin? Visit the Knowledge Centre for step-by-step interactive video tutorials. Looking for demo videos? Check our YouTube playlists.

AuthN by IDEE Blog - Book Icon

The IDEE Blog

We discuss many topics on our blog from authentication & cyber security, how our partners can build their business and featured guides and tools.  Check it out!  

You like what you see? 

Speak to us today to try the best MFAsolution for yourself.