Federated Enterprise Agents with Transmute and Okta

Margo Johnson
Transmute
Apr 17, 2020

Transmute’s products bridge the gap between established identity providers (IDPs) and decentralized identity technology. In this first post of a series, we share details of how we work with IDPs like Okta.

The Okta Identity Cloud provides secure identity management with Single Sign-On, Multi-factor Authentication, Lifecycle Management (Provisioning), and more. Transmute provides a configurable Enterprise Agent enabling Decentralized Identity and Verifiable Credential capabilities for OAuth / OIDC users. Read on to learn about some of the ways Transmute and Okta enable enterprises to rapidly unlock the security benefits of decentralized identities.

Configuring SSO

You can read more about the basics of configuring Single Sign-On (SSO) with Okta here. Once the Transmute API has been configured to support SSO with Okta, users can leverage their existing directory accounts to sign in to Transmute. A Decentralized Identity, along with a set of managed keys, is automatically created for each user. These identities and keys are what enable interoperability and auditability with the decentralized identity and verifiable credentials ecosystems.

Creating a Verifiable Credential

Transmute makes it easy to create verifiable credentials and the business-to-business workflows built on them. After the user has completed the SSO process, they can use the Transmute Workflow engine (part of our paid product offerings) to create or participate in workflows.

At each step of a workflow, the Okta-provided id_token is leveraged to protect the use of signing keys linked to the DID. For example, when a user uploads a document, the workflow activity is signed by their DID. This enables external systems that want to verify the credential to do so without knowing any details of the Okta directory user, helping to protect against the mingling of personally identifiable information with credential and authorization material.
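One way to implement the gating described above, as an added example that is not Transmute's or Okta's code: a signing service releases a DID key only after the id_token's signature, issuer, audience and expiry check out, and the signed output names the DID but carries no directory claims. The issuer URL, client ID, subject, DID and both key pairs are constructed for illustration; a real deployment would take the IDP's public keys from its published JWKS.

```javascript
const crypto = require("crypto");

// Constructed stand-ins: an IdP signing key and one managed Ed25519 key
// for a hypothetical DID. None of these values come from the original post.
const idp = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const didKey = crypto.generateKeyPairSync("ed25519");
const ISSUER = "https://idp.example.test", AUDIENCE = "agent-client-id";
const didBySubject = new Map([["00u-constructed-user", "did:example:alice"]]);
const keysByDid = new Map([["did:example:alice", didKey]]);

const b64u = (v) => Buffer.from(v).toString("base64url");

// Sample-input helper: mint an RS256 id_token as the constructed IdP would.
function mintIdToken(claims, key = idp.privateKey) {
  const input = b64u(JSON.stringify({ alg: "RS256", typ: "JWT" })) + "." +
    b64u(JSON.stringify(claims));
  return input + "." + crypto.sign("sha256", Buffer.from(input), key).toString("base64url");
}

// Check signature, issuer, audience and expiry before any signing key is touched.
function verifyIdToken(token, now = Math.floor(Date.now() / 1000)) {
  const [h, p, s] = token.split(".");
  if (!h || !p || !s) throw new Error("malformed token");
  const header = JSON.parse(Buffer.from(h, "base64url").toString());
  if (header.alg !== "RS256") throw new Error("unexpected alg");
  const sig = Buffer.from(s, "base64url");
  if (!crypto.verify("sha256", Buffer.from(h + "." + p), idp.publicKey, sig))
    throw new Error("bad signature");
  const c = JSON.parse(Buffer.from(p, "base64url").toString());
  if (c.iss !== ISSUER || c.aud !== AUDIENCE) throw new Error("wrong issuer or audience");
  if (typeof c.exp !== "number" || c.exp <= now) throw new Error("expired");
  return c;
}

// Gate: a valid id_token unlocks the caller's DID key; the output has no IdP claims.
function signActivity(idToken, activity) {
  const did = didBySubject.get(verifyIdToken(idToken).sub);
  if (!did) throw new Error("no DID for subject");
  const payload = JSON.stringify({ issuer: did, activity });
  const key = keysByDid.get(did).privateKey;
  return { payload, proof: crypto.sign(null, Buffer.from(payload), key).toString("base64url") };
}

// External verifier: needs only the DID's public key, never the directory.
function verifyActivity({ payload, proof }, publicKey) {
  return crypto.verify(null, Buffer.from(payload), publicKey, Buffer.from(proof, "base64url"));
}
```
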

Anchoring a VC to a Ledger

Transmute enables workflows to be anchored to a ledger such that any Okta user can verify the workflow has not been tampered with since the anchor event. We do this by leveraging the same DID infrastructure we use for managing decentralized identities. The process of anchoring a VC to a ledger can be automatic or at the discretion of an authorized Okta user.

Conclusion

Identity providers like Okta enable SSO within enterprises and help secure products and applications widely in use today. Transmute integrates with IDPs like Okta to provide a seamless interface for existing enterprise users to unlock the security and traceability benefits of decentralized identifiers, verifiable credentials, and distributed ledgers.
