Okta Cloud Connect Integrates Webex with Active Directory/LDAP for Fast and Free Single Sign-On and Provisioning
Okta is a single platform for identity management – Cisco Webex is a single platform for all of your collaboration needs. And now we’re even better together.
Okta’s mission is to enable any organization to use any technology. Okta enables companies to easily provision applications, and then allow employees, customers, and partners to access applications and infrastructure in a secure and seamless way, other tools more smoothly and securely than ever before.
Okta is one of the most complete identity and access management platforms for workforces and customers, securing all critical resources from cloud to ground.
Born in the cloud, Okta provides an identity management cloud platform that enables customers to secure their users and connect them to the technologies and applications used by their IT department.
Okta and Cisco have worked together to make sure that we could deliver the most complete IDaaS solution for all Cisco Collaboration applications.
There were a couple of challenges to address:
Provisioning
Okta needed to provision users across a different cloud to Cisco Webex. Okta needed to push information in a secure way about users to the Cisco Webex platform and to achieve that, we used SCIM protocol.
It is an open standard for automating the exchange of user identity information between identity domains, or IT systems. It allows for provisioning and de-provisioning operations between different systems. In addition, it allows to systems to share information about user attributes, group membership, and attributes schema.
For customers that still use Webex Meetings with Identity Management user Site Admin, Okta uses the XML APIs from Webex meetings to be able to deliver provision functions for the solution.
Okta also supports just-in-time provisioning of SAML JIT, but the usage of it only allows for provisioning, which is insufficient for most of our customer needs.
Okta provisions users in Cisco on-premise products. Two possible solutions could be used:
◉ Both Okta and Cisco on-premise collaboration solutions get information about users from the same source such as an LDAP service like Active Directory
◉ For those customers that no longer have an on-premise LDAP service, Okta can provide LDAPS service for Cisco on-premise Collaboration solution
Authentication and Authorization
Okta supports many types of authentication mechanisms like Secure Web Authentication, SAML 2.0 or OpenID Connect. Typically, most customers have their applications supporting SAML 2.0 protocol, to deliver single sign-on and implementing a central authentication policy.
Cisco’s on-premise application requires support for multiple servers to act as a single SAML entity, and for that to work we require a SAML feature called Multiple Assertion Consumer Service URL’s. This allows for multiple nodes in a cluster to provide information to the IdP to which node to send the SAML assertion. Okta was the first IDaaS vendor to implement that feature, allowing the on-premise collaboration tools to work with it.
Better Together For our customers
Cisco and Okta provide unique value for our customers, allowing them to increase the security of their overall collaboration solution, but at the same time having a platform that would increase the overall security for all the IT applications in their portfolio.
Okta went one step further and offers the full feature IDaaS product only for Webex applications – allowing our join customers that don’t yet an Identity strategy to deploy the best in the market IDaaS solution and in the future extending the identity solution to all their other applications.
Get Okta Single-Sign On for Webex for Free
You can get Okta single-sign-on for Webex for free.
Posts
0 comments:
Post a Comment