[gtsteve]

My company has been an Okta customer for several years and I'm responsible for administering it. However I don't have experience with other SSO products, so would be interested to hear what the experience is like on the other side.

The key thing for me is SCIM provisioning support, but not just that. There are quite a few apps that don't support SCIM, but Okta has built integrations for them anyway using API keys, etc. I understand you can build your own via Okta workflows also but I haven't done this.

We have oversight of all accounts linked to a given user, even if SSO is not supported by the service. Deprovisioning a user creates a task list of what should be manually eliminated also, which is great for our admin staff.

It interacts with Intune via SCEP so we can know that logins are coming from a trusted corporate device. This is mandated by some of our larger clients.

<potential-naivety>The final thing I like is that a large part of Okta's business is their IDP software (vs their Auth0 competitor they don't use). I do like specialist businesses for something like this. The software is less likely to end up in maintenance mode if it's not one product line out of hundreds.</potential-naivety>

[tstrimple]

For personal projects I've been quite happy with Auth-0. I was initially worried when Okta purchased them, but not much has changed. The bar for entry and integration is one of the lowest out there but it's not what I would call the "enterprise" friendly choice from a capabilities standpoint. Large clients I work with are all Okta or Ping backed by AD. Literally none of them considered Google.