The new platform will allow developers to leverage Okta's SSO technology to build branded biometric authentication for iOS and Android apps.
Single sign on (SSO) provider Okta is opening its platform to third-party developers with a new Okta Devices SDK and an accompanying API that it said will allow developers to "leverage the power of Okta Verify to build customized, secure, and seamless login experiences for their customers."
Announced at Okta Showcase 2020, the new SDK was built for a mobile-first world that Okta said requires organizations to constantly deliver new bespoke and custom-tailored experiences for customers. This creates a challenge for businesses, Okta said in a press release, because of the need to "constantly ship new features while still accounting for security and remaining agile."
"This dynamic [mobile first] landscape has placed an extra emphasis on today's modern businesses to be relevant across every device. The Devices SDK takes the customizability and security of the Okta Identity Cloud and puts it in the hands of developers everywhere," said Okta Chief Product Officer Diya Jolly.
SEE: Identity theft protection policy (TechRepublic Premium)
Okta hopes that its Okta Devices SDK can be the bridge between safety and agility, allowing developers to shift the burden for identity verification off of themselves and on to Okta, which already has the infrastructure in place to handle login security.
The Devices SDK will let developers build branded passwordless login features into their apps and is able to use biometric features like FaceID and TouchID to accomplish logins, which Okta said will offer "layers of protection and security while eliminating friction and increasing customer engagement."
Users that opt to use Okta for signing in to an app that uses the Okta Devices SDK will have their devices registered with the Okta Universal Directory, allowing them to use Okta services from other devices and apps, as well as handle security on devices that are lost or stolen.
In a press release, Okta describes the integration of the Devices SDK with apps to be a way "to deepen and extend device and user identity in customer experiences that adds UX value rather than detracting from it."
Okta mentioned five specific ways developers can integrate Okta into their applications using the Devices SDK and API that should fulfill its goal of enhancing user experiences:
- Embedding Okta Verify into apps with push notifications and biometric login capabilities.
- Giving developers the ability to build branded, omnichannel multifactor authentication features with custom notifications and action buttons.
- Adding additional layers of security to address potentially malicious login attempts.
- Allowing end users to view and manage Okta-registered devices.
- Increasing overall security posture and simplifying device management.
Okta said it plans to continue building on the Devices SDK "through unlimited integrations including completely passwordless authentication experiences to secure transactions on every major operating system."
SEE: Social engineering: A cheat sheet for business professionals (free PDF) (TechRepublic)
Developers interested in trying the Okta Devices SDK and API for iOS and Android will have to wait for early access to open in Q1 2021, and can find out more information on Okta's website.
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Social engineering: A cheat sheet for business professionals (free PDF) (TechRepublic)
- Shadow IT policy (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- All the VPN terms you need to know (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)