By Zach DeMeyer Posted August 13, 2019
We are now around halfway between the announcement of macOS® 10.15, Catalina™, and its upcoming release in the fall. IT admins everywhere have been experimenting with the beta version of Catalina, but until the OS actually ships, it’s hard to be exactly sure what to expect from the new offering from Apple®. What we can be fairly certain of, however, is the probability of SAML authentication in Catalina. Thus, IT admins are curious about macOS Catalina Okta® integration.
Why Okta Integration?
Okta is one of the top web application single sign-on (SSO) solutions on the market today. Like most other SSO tools, Okta relies on the SAML (Security Assertion Markup Language) protocol for authenticating user access to said web apps. Often, IT admins use Okta on top of on-prem identity providers (IdPs), such as Microsoft® Active Directory® or an LDAP server, in order to connect their on-prem identities to the cloud.
For the most part, Okta has stayed solely within the SSO space. While they’ve tried their hand at multi-factor authentication (MFA) and privileged access management (PAM), it seems they’re not straying into other identity management fields like system management (and deep system level user management). With that in mind, it’s curious to wonder how Okta and macOS Catalina will integrate.
macOS Catalina Okta Integration
Given the addition of SAML authentication with macOS Catalina, will Okta be able to serve as the source of authentication for macOS machines? While no official announcements have been made, it would seem that Okta will be able to do the narrow function of authentication. Apple has also announced that mobile device management (MDM) tools may also be granted the ability to manage some identity-related functions.
Unfortunately, at the current moment, it is just too unclear to make any hard and fast judgements on the matter. What is clear, however, is that the challenge of identity management for IT admins goes far beyond just authenticating access.
The Identity Management Problem
IT admins need to have the ability to provision, deprovision, and manage permissions for access across a wide range of solutions including systems from macOS to Windows® and Linux®, as well as AWS®, G Suite™, Office 365™, web and legacy applications, file servers, WiFi and VPN networks, and much more. This list of IT resources being leveraged by organizations is one that is constantly growing as more innovations hit the space.
Traditionally, controlling access to this wide variety of resources has involved an on-prem identity provider like we mentioned before. But, as we also stated, IT admins have had to rely on tools like Okta and others in order to extend their on-prem identities to cloud resources.
An Answer from the Cloud
Now, with more infrastructure shifting to the cloud, many are looking at the problem of identity management more holistically. Some, in fact, are searching for a reimagination of Active Directory and LDAP, a cloud directory service that would include the ability to manage user access to macOS systems, as well as the many other resources listed above.
The good news is that there is a single, unified platform that goes beyond simply SAML-based web application SSO or even SAML-based auth for macOS. Called Directory-as-a-Service®, this modern approach to identity and access management is not only centralizing control over user access and management, but is also shifting the management of this infrastructure to a cloud solution, which greatly reduces the amount of work for IT admins.
Directory-as-a-Service for macOS Catalina Integration
If your organization is concerned about macOS Catalina Okta Integration, JumpCloud® Directory-as-a-Service might be the solution for you. With JumpCloud, you can manage all of your users and their access to systems (macOS, Windows, Linux), applications through LDAP and SAML, networks with RADIUS, and so much more. Additionally, you can apply a wide range of security measures such as MFA in order to make sure your users’ access is secure as possible. All of this functionality and more is available from JumpCloud’s browser-based admin console.
If you would like to see JumpCloud in action, why not schedule a free, personalized demo? One of our product experts can take you through all of Directory-as-a-Service based on your needs, or you can watch a video version of the demo if your time is tight.
Want to learn more about Directory-as-a-Service? Drop us a line! We’d be happy to help you. And, if that hasn’t sated your curiosity, you can dive right in and get your hands dirty. The JumpCloud product is available for free for your first ten users, so all you have to do is sign up and get started!