SYSTEM Cited by 1 source

Okta

What it is

Okta is an enterprise identity provider (IdP): an external SaaS service combining directory, SSO, MFA and lifecycle management. Applications and AWS accounts commonly federate to it via SAML or OIDC.

Why it's on this wiki

Okta appears as the upstream IdP in federated architectures where Amazon Cognito handles token issuance on the AWS application side while employees authenticate against a centralized enterprise directory. Convera's internal customer-service apps use this shape:

User → Convera Connect App → Okta (SAML/OIDC auth)
                           → Cognito (federated identity, issues JWT)
                           → Cognito pre-token-generation Lambda
                             (enriches access token from DynamoDB)
                           → App uses enriched JWT against API Gateway

This is a canonical instance of patterns/centralized-identity-federation: identity lives in a single IdP, while per-application authorization grants flow through application-specific token issuers (here, Cognito). (Source: sources/2026-02-05-aws-convera-verified-permissions-fine-grained-authorization)
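
An added sketch of the pre-token-generation step in the flow above, not code from Convera or the cited source: a Python handler that writes Cognito's V2 trigger response (`claimsAndScopeOverrideDetails`) and enriches the access token only for users federated through the expected IdP. The provider name, claim names, usernames and the in-memory dict standing in for DynamoDB are assumptions constructed for illustration.

```python
import json

EXPECTED_PROVIDER = "Okta"           # assumed IdP name as configured in the user pool
ALLOWED_CLAIMS = ("role", "region")  # hypothetical entitlement attributes

# Constructed stand-in for the DynamoDB entitlement table, keyed by Cognito username.
ENTITLEMENTS = {
    "Okta_00u1example": {"role": "cs-agent", "region": "emea", "notes": "internal"},
}


def federated_via(user_attributes, provider):
    """Return True if the Cognito `identities` attribute links the user to `provider`."""
    try:
        identities = json.loads(user_attributes.get("identities") or "[]")
    except (TypeError, ValueError):
        return False
    if not isinstance(identities, list):
        return False
    return any(isinstance(i, dict) and i.get("providerName") == provider
               for i in identities)


def handler(event, context=None, lookup=ENTITLEMENTS.get):
    """Pre-token-generation trigger: copy allow-listed entitlements into the access token."""
    claims = {}
    attrs = event.get("request", {}).get("userAttributes", {})
    if federated_via(attrs, EXPECTED_PROVIDER):
        record = lookup(event.get("userName")) or {}
        # Copy only allow-listed string attributes, so a table row cannot
        # inject arbitrary claims into the token.
        claims = {k: record[k] for k in ALLOWED_CLAIMS
                  if isinstance(record.get(k), str)}
    # No IdP match or no record: the token is issued without entitlement claims.
    event["response"] = {
        "claimsAndScopeOverrideDetails": {
            "accessTokenGeneration": {"claimsToAddOrOverride": claims}
        }
    }
    return event


def sample_event(username, provider):
    """Build a constructed, minimal trigger event for a federated sign-in."""
    identities = json.dumps([{"providerName": provider, "providerType": "SAML",
                              "userId": username.split("_", 1)[-1]}])
    return {"triggerSource": "TokenGeneration_HostedAuth", "userName": username,
            "request": {"userAttributes": {"identities": identities}},
            "response": {}}
```

The sketch assumes the API layer denies requests whose token lacks the entitlement claims, so an unknown user or unexpected provider yields a token that authorizes nothing.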

Seen in
