Integrate Beyond Identity with Okta

Discover how to integrate Beyond Identity into your Okta single sign-on.

Beyond Identity is a passwordless identity platform that's cloud-native and utilizes standard integration protocols like SAML2, OIDC, and SCIM, so companies can roll out passwordless in days, not months. 

The integration is quite simple. There’s three major steps. The first step is to add Beyond identity as an identity provider in Okta. You log into the Beyond Identity Console and create a new OIDC integration. You log into the Okta admin portal, and create a new identity provider. Simply copy and paste the Beyond Identity Admin Portal client ID and client secret into Okta.

The second step is to route Okta users to Beyond Identity. You do this using a custom attribute and an Okta routing rule. So you'll add a user attribute named “Beyond Identity Registration Status.” To automatically add this attribute to new users in Okta, you create an Okta API key and add that token value to the Beyond Identity API extension.

Next, you'll use this new attribute to create a routing rule to delegate authentication to Beyond Identity. The final step is to automatically provision users from Okta to Beyond Identity. First, go to Okta Apps, and add the Beyond Identity User Portal app. Next, go to provisioning and integrations and put in the Beyond Identity user portal API key to create a SCIM integration.

So whenever users are added to Okta and are assigned to the Beyond Identity User Portal App, they’ll automatically get added to Beyond Identity’s Directory and provisioned.

That’s it — you’ve integrated Beyond Identity’s passwordless identity platform with your Okta single sign-on.