Identity Engine offers registration, sign-in, and account recovery integration of the two market-leading CAPTCHA services: hCAPTCHA (opens new window) and reCAPTCHA (opens new window). CAPTCHAĬAPTCHA is a well-known strategy for mitigating attacks by bots. This grant type allows apps using an embedded Okta Sign-In Widget and/or SDK to manage user interactions with the authorization server directly, rather than relying on a browser-based redirect to an authentication component (such as the Sign-In Widget).
To enable a more customized user authentication experience, Okta introduces an extension to the OAuth 2.0 and OpenID Connect standard called the Interaction Code grant type. Interaction code grant type for embedded authentication Authentication policies (opens new window).Configure a global session policy and authentication policies.Additionally, Identity Engine allows you to create flexible apps that can change their authentication methods without having to alter a line of code. For example, you can automatically step up authentication to a strong non-phishable factor when elevated risk is detected. These policies are shareable across applications. Authentication policiesĪuthentication policies are security policy frameworks (opens new window) that allow organizations to model security outcomes for an app. Identity Engine unlocks many new capabilities.
Note: If you are an admin, or are looking for product docs related to Identity Engine, see the Identity Engine Get started page (opens new window) over in the Okta Help Center. This article provides a high-level introduction.īelow we explain what new features Identity Engine brings to the table, we discuss the deployment models that make use of these features and show how our documentation experience is changing to support it. Okta Identity Engine is Okta's new authentication pipeline that provides valuable new features and a more flexible approach to your auth needs.