[Azeralthefallen]

I hate this. We moved from Okta a few years ago after we were basically received almost no actual real support for a bunch of issues, even though we were paying a premium cost. Nobody cares about issues on their Github, the kicker was a when we received a support response as suddenly something was no longer working after an update, we got help in the form of "We have no plans to address this anytime soon." when asking for an ETA.

We ended up switching to Auth0, after we had a few calls with them. We shaved a decent amount off our costs with Auth0's Enterprise plan, and their webtask based rules worked. While the migration sucked for a bit, in the end we were much happier.

[theptip]

Can second this, Okta requires you to "contact support" to turn on basic features like email customization, and even though I'm a paying customer, I was given a multi-week estimate (after waiting a week or two) for how long it would take to enable this feature.

It's a flag in the web UI in Auth0.

This did not fill me with confidence.

[davewritescode]

I will 3rd this, this is my major issue with Okta in general. Other than that it's been pretty good for us.

[hangonhn]

Yeah current Okta customer and same experience as you. I was thinking of maybe going to Auth0 but well at least this news came out before we put any serious work into planning.

sigh

Auth0 at least has much better docs and libraries. It feels like Auth0 at least cared more.

[throwbacktictac]

I've never dealt with Okta support but my support issue with Auth0 was top notch.

However, their 'Rules' system for hooking into the Auth request is abstracted at the Auth0 account level rather than the individual app level. That makes it too easy to accidentally screw up all of the apps on an account.

[kall]

I like the product but the extension points confuse me. Rules, Hooks and Actions are all more or less the same thing? I never know which one I want. What's difference between a flow and a pipeline? You definitely can't guess from the terms.

[nijave]

Sounds right. We use Okta for multiple AWS accounts and they "ran a bad migration" that deleted half our permissions and took a month to resolve. On top of that, nothing appeared in the audit logs.

To make matters worse, they have 3 APIs. Two are internal with 1 html and 1 json-based. The external one is the least feature rich and is missing configuration items that make IaC a challenge (you get about 80% configured then have to make changes in the gui)

[mc32]

I’ve heard good things about Onelogin. I think Duo also seems to be another option.