Okta, Inc., the leading independent provider of identity for the enterprise, today announced its continued expansion in the API gateway ecosystem, adding NGINX to the Okta Integration Network along with other industry leaders Amazon Web Services (AWS), Google Cloud (Apigee), Kong, MuleSoft, Software AG and Tyk. With these partnerships, Okta can provide API Access Management for many of the API industry’s leading gateways, helping organizations secure enterprise data while also enabling developers to focus on building incredible user experiences.
“APIs open new business opportunities and revenue streams as organizations transform their infrastructure and connect services, but we’ve also seen the dangers of poorly managed access controls play out in headlines,” said Chuck Fontana, Vice President, Okta Integrations and Strategic Partnerships, Okta. “While APIs offer even more opportunities to get important work done faster, it's not just employees who have access to sensitive company and customer information via these new services: it’s also partners and customers. By integrating to and working closely with industry-leading API gateways, we can bolster security for organizations through access controls, ultimately enabling them to tackle the new business and development challenges and opportunities brought on by opening these APIs.”
Organizations are building and opening APIs to deploy new services and applications. As the API economy continues to gain momentum, business leaders need a way to control access to those open gateways to ensure only the right people and services are able to consume them – from internal infrastructure, to partner services, to customer-facing applications. APIs are in the blindspot of most security and compliance teams, particularly as developers move fast to deployment. According to global research and advisory firm Gartner: “The full life cycle API management space is rapidly evolving to include support for managing microservices, as well as support for hybrid models that link on-premises to cloud (and multicloud). At the same time, security remains a key concern, with our customer survey showing that API access control is seen as the top requirement, with API protection also important.”*
Okta API Access Management helps organizations lock down their APIs across multiple gateway instances and control user access to APIs with the full context of the identity and security profile. By partnering with leading API gateway providers, Okta can help developers control who is accessing their data-as-a-service APIs, especially since many API security incidents have taken the form of data breaches.
NGINX, the latest gateway provider to join the Okta Integration Network, powers half of the world’s busiest sites and applications. Its all-in-one NGINX Plus load balancer, content cache, web server, and API gateway includes features designed to reduce complexity in architecting modern applications. When combined with Okta API Access Management, developers can simply configure and scale fast, without worrying about compromising security.
“As companies modernize application architectures, APIs become a critical way of connecting, scaling, and monetizing new digital services. NGINX helps deliver these modern apps and APIs. In fact, more than 40% of the tens of millions of NGINX Plus instances deployed function as an API gateway,” said Sidney Rabsatt, VP of Product Management, NGINX. “Although API gateways are a critical element of API management, additional security, authentication, and access controls are needed. We’re excited to partner with Okta to extend those capabilities to NGINX Plus and help ensure our joint customers aren’t affected by API blindspots.”