Introduction to Access Gateway
You can use Okta Access Gateway to connect Okta to on-premises applications that use header-based, Kerberos, or URL-based authorization.
Okta Access Gateway helps you to seamlessly integrate your on-premises applications with Okta's Cloud SSO capabilities.
Access Gateway is an ideal solution for any IDaaS customer where:
Your enterprise wants to unify all IAM under an IDaaS platform, but requires integration with applications that do not support federation (SAML, WS-Fed).
Your vendors, customers, or partners must access your internal business applications (such as SharePoint, Oracle E-Business Suite, and others) from the internet.
You must restrict unauthorized network access to your applications.
You must comply with industry regulations, such as Sarbanes-Oxley, HIPAA, and others.
Your enterprise has web applications that lack a native authentication mechanism.
Your company is looking for a cost-effective replacement for your on-premises Web Access Management (WAM) solution.
Your company requires a supported replacement of Shibboleth.
Installing the Access Gateway on your own hosted solution, or on a cloud-based computing platform (like AWS or Azure), is a simple process. Access Gateway is a high-performance appliance that is installed within your hosting solution of choice and leverages your DNS and networking to provide services. As the Access Gateway leverages your existing solutions, there are specific tasks that must be completed as part of the installation.
The Getting Started section is intended to provide you with the information you need to fully understand the installation prerequisites and ensure a seamless installation of Access Gateway.