Okta Releases API Access Management Tool

OKtaSSO and EMM provider Okta is launching a new product aimed at securing access management to APIs.

While OAuth 2.0 has become the modern standard for API authorization, organizations still working with traditional solutions face significant challenges, including the costs of operating, scaling and securing on-prem software, and the complexity of maintaining fragmented custom-coded policies. With it’s new API Access Management product, Okta hopes to solve those modern challenges for both developers and IT.

Okta’s new capability is fully integrated to the Okta Identity Cloud, which lets users centrally maintain one identity and one set of permissions for any employee, customer or partner, across every point of access..

The release was announced at Okta’s Oktane17 conference in Las Vegas on Tuesday.

“Companies everywhere are transforming their business and going digital. They have to deliver and secure new technology-powered user experiences for their employees, partners and customers that span existing on-premises and new cloud services,” said Eric Berg, Chief Product Officer at Okta. “Okta plays a key role in securing user access for digital experiences and with our new API Access Management product, we extend from managing identity into managing service-to-service access. We’re enabling rich, secure user experiences while also making it easy to centrally administer API access policies across all of your apps.”

Okta API Access Management includes:

  • OAuth 2.0 API authorization. Okta API Access Management has standard-compliant OAuth 2.0 support for any app or service.
  • Flexible identity-driven policy engine. Designed for every type of user and service, Okta API Access Management leverages Okta’s rich core policy engine so administrators can define access policies based on user profile, group membership, network zone, device, client, user or administrator consent. Access is granted and revoked in real-time as administrators change user permissions.
  • Centralized administration across APIs. The user-friendly console in Okta API Access Management allows for consistent creation, maintenance and audit of API access policies based on native identity objects without custom code.
  • Partnership with leading API management vendors. Okta API Access Management has proven compatibility with API management solutions from Apigee and MuleSoft to create a complete digital transformation solution.


Check out these additional resources: 

Follow Jeff

Jeff Edwards

Editor, Cybersecurity at Solutions Review
Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large.He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.
Jeff Edwards
Follow Jeff