Loading...
Blog
Identity

Access Tokens for Third-Party Services to use the Okta API

April 3rd, 2025

In an Okta environment, connecting an external service to the API typically requires a token, which can be obtained through either API Tokens or API Service Apps, each with its own benefits and drawbacks. API Tokens are quick to implement but have security and management limitations, while API Service Apps offer greater scalability, automation, and security using OAuth 2.0.

Technology

The rise of BiTM attacks!

April 3rd, 2025

Browser-in-the-Middle (BitM) attacks bypass multi-factor authentication by stealing session tokens, often through social engineering tactics like phishing. To protect against these attacks, organizations should use hardware-based MFA, client certificates, and FIDO2 standards while educating employees and monitoring for suspicious activity.

Identity

How Okta improves identity security?

March 24th, 2025

Okta automates user access management, streamlining onboarding, role changes, and offboarding while enhancing security. Integration with our HR system ensures instant access for new hires and immediate revocation for departures, reducing errors and improving efficiency.

Technology

Strengthening Security with Okta: Incident Detection & Reporting Made Easy

March 23rd, 2025

Incident detection and reporting are crucial for identifying security breaches, minimising risks, and ensuring compliance with regulations like NIS2 and NIST. Okta simplifies this process with real-time monitoring, AI-driven analytics, comprehensive audit logs, and seamless SIEM integrations, empowering businesses to respond quickly and effectively to potential threats.

Identity

Reminder – the machines are coming!

February 27th, 2025

The use of machines in organisations has grown exponentially, while growth allows for higher volume of automations and lightning speed machine to machine transactions, machines often operate with privileged access, handle sensitive data and authenticate with single factor authentication.

Technology

OAuth 2.0 and Token management

February 12th, 2025

As my work shifts to Customer Identity Cloud and I explore OAuth 2.0 and OpenID Connect, token management is crucial. Custom development offers flexibility but presents challenges, like OAuth 2.0 leaving token lifetimes to the implementer, balancing security and usability.

Identity

How NIS2, zero trust, and Okta make Cybersecurity easier?

February 10th, 2025

Cybersecurity can feel overwhelming, especially with new rules like the EU’s NIS2 Directive. But the truth is, these changes are here to help us stay safer and more resilient in a world where cyber threats are always evolving. Pair that with a smart strategy like Zero Trust and tools from Okta, and suddenly compliance and protection don’t seem so hard.

Identity

Create and update roles in Loom via Okta

January 30th, 2025

Are you having trouble figuring out how to update roles: Viewer, Creator and Admin after integrating Loom to Okta? 

Identity

Three Tenets of IAM

January 2nd, 2025

While the planning, implementation, and rollout of an IAM solution will always be an ongoing function that varies based on organizational needs and use cases, it can be useful to organize your design into three main tenets. 

Identity

Am I a human? Or am I a bot?

December 15th, 2024

Am I a human? Or am I a bot?

I recently watched Terminator 2 – what a great film! 😊 

The scene where the T-800 makes the phone call impersonating the voice of John Connor really did predict the future. Who thought we’d be living this threat IRL today? In addition to many, many spam emails, today I received a phishing phone call from my ‘HR Department’ asking me to share sensitive information. 

Engineering

Tech picks of the month

August 15th, 2024

In this post we going to introduce our top 5 pick of the month, consist of frameworks, databases, open source backends and more.