Okta announced on Wednesday Okta API Products One App, which allows engineering teams and developers to implement multifactor authentication, or MFA, for any website or application.
Developers can use API Products One App free of charge if they display "Identity by Okta" on their app's login page.
Okta API Products One App includes the following:
- Authentication and directory services for web or mobile applications;
- A self-registration feature that allows community members to easily register for an account;
- A social authentication feature that allows end users to log in and create an account with a social identity, relying on simplified OAuth 2.0 connections, enriched user profiles and authorization;
- An administration application that allows developers to manage users, groups, applications, APIs, and policies;
- Tools and controls that allow developers to use widgets, SDKs, toolkits, documentation, wizards and Okta code snippets to quickly add a modern identity to any application, with complete protocol, factor and policy; and
- Secure multi-factor authentication that allows developers to take advantage of SMS one-time pass codes or Okta Verify for a second factor.
API Products One App gives developers direct access to the full granularity of the Okta REST API.
Facilitate the creation of identity infrastructures
API Products One App takes the stress of building identity infrastructure off internal engineering teams, which helps them bring new products to market faster, said Ed Sawma, director of product marketing at Okta.
Potential users range from companies that create a unique digital experience for startups to non-profit organizations with limited resources.
Integrating API Products One App into a product means that its authentication solution will benefit from the latest security updates, will not require ongoing maintenance by internal developers and will offer users a seamless connection experience.
"Most websites are only marginally secure," said Michael Jude, director of research at Stratecast / Frost & Sullivan.
Multifactor authentication "can improve Web security," he told the E-Commerce Times.
API Products One App offers the greatest benefit to "the smallest retail Web sites that, until now, used simple password authentication," says Jude.
Leverage social media
API Products One App offers social authentication, allowing users to use a personal social media account as a security credential.
Social authentication allows individuals to hide their identities while staying safe, Jude said. However, "this increases the potential for someone to be spoofed."
The Okta social authentication feature supports simplified OAuth 2.0 connections, enriched user profiles, and permissions.
"OAuth 2.0 is the next evolution of the industry standard OAuth protocol and not only is secure, but makes the customer developer experience simpler by providing specification feeds for a variety of applications," noted Okta's Sawma. These additional authorization flows "provide more security for developers and users."
Potential security issues
API Products One App does not protect against malicious applications from authenticated social network users.
Take Facebook, for example. Trustlook has identified nearly 26,000 malicious applications using a Facebook API that developers can use to obtain a range of information from a Facebook profile.
Facebook's official Android application (com.facebook.katana) recently started generating pop-ups requesting superuser permissions, causing consternation among users.
Facebook later stated that the problem was due to a coding error in one of its anti-fraud systems, and that it had solved the problem.
Android users complained on Reddit earlier this month that Facebook was asking for root access to their devices.
"API Products One App simply provides authentication, authorization and user management functions for an application," Sawma said. "It has nothing to do with the Facebook API."
One App allows a developer "to not have to worry about storing passwords themselves because Okta handles authentication," he explained. "However, all identities for the application are still controlled by this application."
Okta offers an alternative, said Sawma. Logging in with Okta allows users to log into an application with their own Okta identity, controlled by their employer.