By Zach DeMeyer Posted July 31, 2019
We’ve been keeping tabs on common faceoffs in the identity management space, and one that has some folks curious is Okta® vs. AWS® Directory Service. In reality, the two solutions themselves aren’t really positioned head-to-head in the bigger picture, but when you zoom in, Okta and the AWS SSO solution are competing. For the purposes of this blog, we’ll discuss how Okta and AWS Directory Service exist in their respective spaces, as well as how they overlap.
Two Spaces, Two Solutions
First things first. Let’s talk about what each solution actually is.
What is Okta?
Okta is the premier web application single sign-on (SSO) solution in the Identity-as-a-Service (IDaaS) space. As such, Okta is most often leveraged on top of a core identity provider (IdP) like Microsoft® Active Directory® for its identity source of truth. Okta then takes those identities and propagates them to the various web applications and other SAML-enabled cloud solutions.
Although they have dominated the SSO space for some time, Okta is also expanding into other facets of identity management, including multi-factor authentication (MFA) and privileged access management (PAM). It seems like their ultimate goal might be to build their product into the number one complement to Active Directory.
What is AWS Directory Service?
AWS Directory Service, on the other hand, was created as a cloud-offered version of an IdP, like Active Directory (AD), within the AWS ecosystem. The offering usually includes hosted Microsoft Windows® servers that incorporate Amazon’s Windows/Linux® desktop client service, called WorkSpaces.
AWS Directory Service comes in a number of flavors, including a partially managed AD instance as well as an open source Samba-based version. Generally, AWS customers that have AWS Directory Service are using AD on-prem and leveraging an instance of the solution to manage their AWS environment and users.
Obviously, there are places where the lines between Okta and AWS Directory Service blur together. In some environments, Okta could even potentially be used on top of AWS Directory Service, since it functions similarly to AD. As both AWS and Okta continue to grow, it’s easy to imagine that the lines between the two will continue to blur further. Case in point, AWS SSO is a direct competitive threat to Okta in the web application space.
For many IT and DevOps organizations, using these platforms can be helpful, but ultimately can still leave unresolved some of the core problems they are facing with an on-prem identity management infrastructure. Ideally, IT admins and DevOps engineers would find a single solution that can serve as an IdP, SSO, and PAM all in one across their on-prem, cloud, and legacy environments.
The Single Solution
Thankfully, there is such a solution, combining what have recently been disparate parts of identity management into a single, comprehensive cloud identity provider. This reimagination of AD for the modern IT organization provides user and system management, as well as SSO access to cloud and on-prem applications and other infrastructure resources through SAML and cloud LDAP and RADIUS services.
This cloud directory service can also tightly control access to system functions, SSH keys, applications, and networks in a similar fashion to a PAM solution. All of this and more is available from JumpCloud® Directory-as-a-Service®.
Try Directory-as-a-Service Today
Instead of debating Okta vs. AWS Directory Service, your organization can centralize your identity management with JumpCloud. JumpCloud Directory-as-a-Service is available for free for your first ten users in the platform. All you need to do is sign up for JumpCloud and you are on your way towards simpler, secure identity management.
If you would like to learn more about Directory-as-a-Service, why not drop us a line? We’d be happy to help you get started on your JumpCloud journey. You can also check out our YouTube channel for content on all of our recent product updates.