Skip to main content

Help us improve the Digital Marketplace - send your feedback

Innovate IT Ltd

Okta Licences - Identity and Access Management Platform (IDP)

OKTA connects any person with any application on any device. It's the market leader for cloud identity management, providing a secure way to store your credentials. Okta’s architecture means that users just sign-on with one password, one time to access all their applications. Take advantage of this SSO service.


  • Independent SKU advice based on your requirements
  • Training for 1st & 2nd line
  • Support package
  • Identity audit report generation
  • Workflows to automate tasks
  • Manage access to legacy applications
  • Single sign-on (SSO)
  • Adaptive multi-factor authentication (MFA)
  • Professional services support
  • Platform healthchecks, reports and support


  • Enables bring Your Own Device (BYOD) (multiple platform devices)
  • Zero-trust security
  • Accelerate digital transformation
  • Enhanced staff identity security
  • Automate Workflows for JML
  • Automated licence provisioning
  • Simplified joiner, movers, leavers (JML) processes
  • Manage access to legacy (including on-prem) applications
  • Role Based Access Control (RBAC)
  • AD/AAD/HR as a Master Directory


£1,800 a unit

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Hello@Innovate.Cloud. Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

9 0 1 6 5 3 1 3 5 8 8 0 3 9 0


Innovate IT Ltd Paul Rawlinson
Telephone: +44(0)1233 800 102
Email: Hello@Innovate.Cloud

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
OKTA is an extension of over 6,500 application integrations. For a full, up to date list visit:
Office 365,
Wordpress (CMS)
Content management systems (CMS)
Amazon Web Service AWS
Active Directory
Cloud deployment model
  • Public cloud
  • Hybrid cloud
Service constraints
No standard requirements, although you can install the browser plugins to enhance the user SSO experience. Other Okta features have their own specific requirements.
System requirements
  • User licences
  • Device level browser compatibility
  • No server-side system requirements

User support

Email or online ticketing support
Yes, at extra cost
Support response times
3rd line support and will engage Okta on your behalf for application level support (4th line).
08:30-17:30 Mon-Fri (ex. UK holidays)

P1 & P2:
Response time: 1 working hour
Resolution Goal: 1 working day

Response time: 4 working hours
Resolution Goal: 3 working days

4th Line support provided by Okta:
Premier Success, Premier Access Success, and
Premier Plus Success
Response Time for the Service during 24x7 Support hours
As published here:
User can manage status and priority of support tickets
Phone support
Web chat support
Onsite support
Yes, at extra cost
Support levels
Basic Support Package:
3rd/4th line incident response and resolution,
Monthly health checks,
1 working hour incident response,
Web or email incident logging,
Escalation and management of incidents with Okta (4th line),
Monthly service reporting,
New feature recommendations.

Automated monitoring and alerting,
Bespoke reporting,
ITSM integration for incident management.

Every customer will be given a technical account manager who will assess the technical requirement and assign the relevant resource on and individual basis.
Support available to third parties

Onboarding and offboarding

Getting started
We provide a complete Okta integration and migration service to get you up and running. We can design, plan and manage the project as well as provide the licences. We provide onsite training, online training and user documentation.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Audits can be exported in .CSV format
User identities from the universal directory can be synchronised with other compatible directories.
End-of-contract process
Included: Service documentation will be handed to the customer. If no longer required by the customer, all data will be securely erased and the SaaS tenant deleted.
Additional charges: Data migration services are chargeable.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
None. Full featured mobile service.
Service interface
User support accessibility
None or don’t know
Description of service interface
The interface is accessed through a web browser.
Accessibility standards
WCAG 2.1 A
Accessibility testing
We have implemented with yubikeys multi-factor, telephone multi-factor and the interface is customisable to meet specific needs.
What users can and can't do using the API
The APIs can be used for integration into monitoring and other third party services, strictly controlled by Okta administrators, with no user access. The APIs are strictly server-side. Okta uses REST APIs.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
The customer can customise the available features for their needs.
The dashboard and branding can be altered to meet organisational standards.
Users are able to add their own applications and SSO links to the dashboard.


Independence of resources
As a SaaS product, Okta is delivered over a CDN with services multiple zones around the world.


Service usage metrics
Metrics types
Number of users.
Number of integrated applications.
Authentication audits.
Service use audits.
System level audit.
Application level audit.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Okta Inc

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
We provide a service to export the universal directory, or the user can do it and export it as a .csv file.
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • JSON
  • LDAP

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
HTTPS to internet hosted SaaS product dashboard and between agents and SaaS service.
Internet connectivity is under the customers control.
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Please se the Okta site for details
Approach to resilience
Okta a have a 99.9% uptime guarantee, and zero planned downtime. For the latest information on Okta's approach to resilience, please see the Okta website.
Outage reporting
Designated support mailbox will receive email alert with estimated outage time and a further email once fully restored.
Users can visit for live information on service.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication
API token
OAuth 2.0
Access restrictions in management interfaces and support channels
Access to support channels is only granted to administrative users and security check is carried out when a user raises a support ticket. Management interfaces is also locked down to administrative users.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Description of management access authentication
API token
OAuth 2.0

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
The Certification Body of Schellman & Company, Inc.
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
The scope of the ISO/IEC 27001:2013 certificate is limited to the information security management system (ISMS) supporting
Okta’s cloud-based Identity-as-a-Service (IDaaS) platform and aligned with ISO/IEC 27018:2014 in accordance with the
Statement of Applicability version 3.2, dated March 28, 2016.
ISO 28000:2007 certification
CSA STAR certification
CSA STAR accreditation date
CSA STAR certification level
Level 2: CSA STAR Attestation
What the CSA STAR doesn’t cover
Schellman & Company, LLC examined the description of Okta, Inc.’s (“Okta” or the “service organization”) OnDemand
Identity-as-a-Service (“IDaaS”) system for the period May 1, 2015, to May 31, 2016, (the “description”)
based on the criteria set forth in paragraph 1.26 of the AICPA Guide Reporting on Controls at a Service
Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy (SOC 2®)
(“description criteria”) and the suitability of the design and operating effectiveness of controls described therein to
meet the criteria for the security, availability, and confidentiality principles set forth in TSP section 100, Trust
Services Principles and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA,
Trust Services Principles and Criteria) (“applicable trust services criteria”), throughout the period May 1, 2015, to
May 31, 2016. We have also examined the suitability of design and operating effectiveness of controls to meet the
requirements set forth in the Cloud Security Alliance's Cloud Controls Matrix Version 3.0.1 control specifications.
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications
Any other security certifications
  • SOC2
  • FedRAMP
  • FIPS 140-2
  • GDPR
  • PCI-DSS 3.2

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Okta’s data protection meets the highest industry standards, complying with FedRAMP and NIST 800-53, HIPAA, and ISO 27001 requirements. Our state-of-the-art encryption technology protects customer data both at rest and in transit to the user’s browser, leaving no weak spots for attackers.
Information security policies and processes
For information on Okta security policies and processes, please visit

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Please see the Okta link for information on SOC 2 Type II Reporting
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Okta aggressively hunt for bugs in our software using four concurrent security programs. Our internal tests work in conjunction with third-party security audits, a public bug bounty program, and a highly-responsive customer bug reporting program. We also believe in the customer’s right to conduct a penetration test on Okta, and so we provide them with test environments to do that.
Please see for further context.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Okta utilizes a number of monitoring tools with centralized logging and SIEM using our own correlation rules for security monitoring, analysis, and alerting
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Okta has formally documented incident response & disaster recovery standard operating procedures (SOPs) that describe discovery, investigation, escalation, containment, notification, and documentation processes. Customers are provided this SOP document upon request and under NDA

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

This services enables secure remote working for customers' employees, which is a large factor in reducing travel-related emissions. Having a zero-trust approach to identity and a strong security foundation enables home and hybrid working.
Covid-19 recovery

Covid-19 recovery

This product support organisations and businesses to manage and recover from the impacts of COVID-19, including where new ways of working are needed to deliver services through improving remote working capability for the customer.

This service improves workplace conditions that support the COVID-19 recovery effort through aiding remote working.
Tackling economic inequality

Tackling economic inequality

This service supports the development of scalable and future-proofed new methods to modernise delivery and increase productivity through automated workflows and reducing customer service desk calls.

This service supports the development of scalable and future-proofed new methods to modernise delivery and increase productivity, through integrating directories with the identity platform for greater flexibility and faster software migration and integration.

This service helps to identify and manage cyber security risks in the delivery of the contract including in the supply chain.
Equal opportunity

Equal opportunity

This service seeks to influence staff, suppliers, customers and communities through the delivery of the contract to support disabled people through offering accessibility options for workforce users and citizens.


This service supports the health and wellbeing, including physical and mental health, in the contract workforce through reducing IT friction, for example removing the need to remember passwords or to use the helpdesk for password resets. This service empowers the user.


£1,800 a unit
Discount for educational organisations
Free trial available
Description of free trial
A full featured trial can be obtained by contacting

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Hello@Innovate.Cloud. Tell them what format you need. It will help if you say what assistive technology you use.