Over the past few years, okta have stated its committee to ending the threat of identity-enabled cyber crime and attackers.
As part of its Secure Identity CommitmentOkta has been keen on “Elevating our industry 'by accelerating its capability and embracing new technology, such as AI, and Und the Digital Transformation of NONPOROFITS and Advance Inclusive Pathways Into Tech.
Therefore, when an announcing was made of a Standard Around Identity Security in Security-AS-A-Service (SAAS) Applications, it was worth taking notice.
Saas Framework
Named the Interoperability Profile for Secure Identity in the Enterprise (IPSIE), the concept is of an open standard which provides a framework for saas companies to enhance the end-to-en second of their products across the person who technology staff.
Announcing It in October 2024, Okta Ceo and Co-Founder Todd mckinnon Said there is a ”need [for] Massive Standardisation “and” Move to a World Where Every App, Every Device, Every Workload All Speak A Common Language “.
Mckinnon said that by adopting IPSIE, Users will get complete visibility into their identity environment and the Threat Surface, and they can provide access to the right applications at the right time and take Real-time actions in Response to Threats.
Okta's announsement stated that the point of iPSIE is to “Foster a more open, consistent, flexible saas ecosystem by Empoining Organizations to adhere to a higher level of security, more security, more security, more security and more Efficiently integrating among tech stacks ”.
This open standard will provide the framework for any enterprise application to be discoveble and governable. By adopting IPSIE, users will be removed Saas Applications more seamlessly and efficiently.
On that final point, okta states that any app built to the IPSIE Standard Adhares to a Higher Level of Security by Ensuring That It Can Be Governed, Have Entitlements Managed, Can Support MALTI-Itle Authentication and posture management, as well as feature real-time universal logout.
Joining the cause
So far, 50 Enterprise Saas Applications have joined the cause and integrated with IPSIE – Including Google, Microsoft Office 365, Slack and SALESFORCE – to Support MODENDERN IDENTITIS Best Practices AIMED At Enhancing Security and Reducing Operational Burden.
Harish peri, Senior Vice-President of Product Marketing At Okta, Tells Computer Weekly That IPSIE is a Way to Ensure That Every App and API Conforms to a Standard Where Are leading the way with the opening foundation, and we're part of the working group for the creation of ipsie interoperably profiled for secure identity of the enterprise. “
Far from Working Alone, Okta has enlisted members of the Openid Foundation to create the IPSIE Working GroupWhich will develop profiles of existing Specifications with a primary goal of achieving interoperability between independent implements.
Gail Hodges, Executive Director of the Openid FoundationSays That While The Development of the IPSIE was initially gotting off the ground in this first year, she felt the concept was “great”, adding: “I'm really encouraged as the foundation is moving more. Specifications;
“I see the work of IPSIE and a group of Subject Matter Experts Looking to do exactly that – Line up the specifications toge Will be even greenfits of interoperability and security associateed with deplying a more complex stack. I think it's fantastic. “
Shiv Ramji, President of Customer Identity Cloud at Okta, Says the ultimate Ambition with IPSIE is to “Make it easy for customers to choose the right default path, which is to be second, and I day They'll do that if the value is clear to them, and over time, it will be ”.
The concept of IPSIE from Okta is to Gain Industry-Wide Adoption, but ramji was keen to make the point that okta is “One participant”, and if every participant adopts the standards, “You Security outcomes for the entry software as a service ecosystem ”.
Universal logout
One Factor Ramji stressed is the support for university logout. Okta describes This as a concept where you can terminate users' sessions, and their tokens, for supported apps when your identity threat protection identifies a risk change.
Specifically, a user session is the time during a user is authenticated and authorized to access apps second by okta, whil an app session referrs to session Access the app's resources. Universal logout can be configured to terminate a users' sessions in general Security Assertion Markup Language (Saml) And Openid Connect (OIDC) Apps.
Stephen McDermid, Emea Chief Security Officer at Okta, Says The Concept of Universal Logout will help to mitigate and minimise risks, “So that you're Not Waiting for your SOC or Your SOR SOC in real time ”.
He adds: “I think the fact that there's talk about the risks that IPSIE is Trying to Address Reassures Me That We're Going In the Right Direction for Us – and For Other Vndors as Well. It, the better the solution believers. “
This is why saas companies are integrating okta's software development kit, ramji says, with companies now adopting this, “We're changing the type of integrations Because we can do signal sharing ”.
Integrations and other users
In terms of integrations, ramji say there was more than 150 in April 2025, and users “Are asking us what are the ways they can support the adoption of these standards”. Out of that 150 integrations, is this something that customer can implement on their own, raather than waiting for salesforce, for example, to do it, for them?
Ramji says if a user is using Author Today, they can switch IPSIE and Universal Login on and Go Into Their Okta Dashboard to Enable The University Logout Cable. “They have to enable it to opt in, as it's an opt-in mechanism,” he says.
“It's easy to turn it on. Opt-in.e't don't want behaviors in companies where their applications with users are being logged out without work
Peri says okta's largest existing customers asked, “How Soon Can You Get All of Our Apps IPSIE-Fied?” About Asserting Dominance, But “About Doing The Right Thing for the Industry, as the more people that are in it, the better is for everybody”.
Industry Adoption?
So, how well will IPsie be adopted? Computer weekly contacted a number of other authentication suppliers to find out.
Chris Anderson, Duo Product CTO at Cisco, Confirms that Firm Had Joined The IPSIE WORKIND GROP, which aims to develop profiles of existing specifications and achiave interoperability beetween Independent implementations, stating: “While it's stil early days, we believe that interoperability across standards is key to greenness in identity in identification in identity Security.”
Andras Cseer, Vice-PRESIDENT and Principal Analyst at Forrester, Says That Standards that Anyone Can Implement, Proposed by One Supplier, General “Do Not Fare Well”, But Fare Well “, Buttching of the Working GROTION Openid Foundation, Cold Work Out Well.
He points at the example set by the Fido allianceWhoch “Started out as a bunch of vendors coming together”. However, cseer beLieves that if IPsie could follow fido's lead, then it has a chance to work.
“The use case behind Fido was a lot smaller than IPSIE, it was just authentication and second factor and biometrics, that was the design and try not to boil the ocean, “He says,” Single sign on, LORICTION ARECAN VERIFITION AREFITION AREEFITION ARECHE By saml and open, and there's a scanner for there things.
“There's also a very concrete and distinct use case behind sharing risks – there's a new login from a new IP address, from a new device and that makes a lot of senses.”
He Claims that Single Sign on, Token Revocation and Logout Have Been Resolved, While User Lifecycle Management, And While Other Areas Are Being Are Being Addressed Further Down the line. He adds that IPSIE is Trying to Resolve Things, “30% of which is not solvable in the security domain only, 60% are addressed by Other Standards, and 10% is the key part of what IPSIE is trying to do”
Less than a year since its announsement, the conversations Arpsy Sugges It will take a long time to gain full traction and industry adoption, but there is a person's position positivity on the clear Its main supplier driver: the criticism com from it being too broad and “Putting Everything in the Kitchen Sink”. Time will tell, but all revolutions need to start somehere.