Okta architecture for mergers and acquisitions
If your organization acquires another company, Okta helps you enable secure and flexible identity management throughout the entire business integration journey. On the first day, you can immediately onboard employees from the acquired company and grant them secure access to business applications without changing their credentials. You can configure secure access to all resources for all users, whether they're in the parent or acquired company. As you integrate the acquired company into your business, you can fine-tune the access management model to fit your evolving requirements: you can consolidate access, preserve autonomy between business units, or configure something in between.
Benefits
These are the main benefits of using Okta to onboard an acquired company:
-
User and group syncing from any source: You can give new employees access to applications in your org by connecting the acquired company's directory to your Okta org. The acquired company might use Active Directory (AD), Lightweight Directory Access Protocol (LDAP), Okta, or a different IdP than Okta.
-
User and app management flexibility: You can configure user management in your org or in the acquired company's directory. The acquired company can preserve its autonomy and continue to manage their users and applications. To share some of your org's apps with the employees of the acquired company, sync the users to your org.
-
Security policy enforcement: Configure Okta policies to give new employees access only to the apps they need and to enforce your security requirements for the apps in your org.
-
Easy end-user experience: If you delegate authentication to the acquired company, end users can have a seamless sign-in experience. They don't have to reset their usernames or passwords to access resources in your Okta org.
-
Flexible user profile sourcing: Select which user profile attributes to sync between the acquired company and your Okta org. Sync only the attributes that are needed. Attribute-level sourcing allows the your parent company to control specific attributes that may be required for shared app provisioning, without worrying about these attributes getting accidentally overridden in the acquired company's directory.
Use cases
Okta offers the following integration models:
-
The acquired company uses and external IdP (a different IdP than Okta, such as Azure Active Directory)
-
The acquired company uses Active Directory or Lightweight Directory Access Protocol (LDAP)