<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7UdCSAVOkta Classic EngineAdministrationAnswered2024-03-25T06:10:50.000Z2018-03-30T00:17:00.000Z2018-08-22T19:06:24.000Z

ovce0 (ovce0) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
On Premises Caching?
I am looking at recommending Okta for my company's on premises applications/services.  But I have a concern about repeat round trips to the cloud for authentication and authorization.

 

Here is a scenario to explain:

 

An internal user starts a web app.  Right now, we know who the user is because they use IE and we can get the user from windows.  We then make a call to an internal service to find out what the user can do (authorization).

 

The application then calls an on premises service.  The service knows who the user is via a similar method to what the web application used.  It then makes a call to the same on premesis service to find out what the user can do (authorization). 

 

This can repeat several times as the service may need to call another service to complete the logic required for the main call.

 

So for a normal, single action, I may need to verify the user and its permissions 5 or more times.

 

I am worried that when I replace those on premisis calls with calls to Okta (which cannot be on premisis), then I will add a lot of latency to my applications.

 

I have considered a home grown caching solution to limit the calls needed to Okta, but it seems kind of hacky.  

 

I have to think I am not the first one worried about a chatty interface to a cloud provider.  What does Okta do to deal with this kind of problem?
  • 2 answers
  • 735 views

  • mike.davie1.5312945692819849E12 (Customer First Programs)

    Thank you for reaching out the Okta Help Center. My name is Mike and I'll be handling your case. 

     

    A valid answer for the situation described may need a ticket to our support team because there are still multiple scenarios to take in consideration. 

     

    This authentication and authorization processes can be done throw SAML but we need to know if that app support SAML.

     

    Please feel free to contact our support team from your OKTA tenant.  

    Expand Post

  • ovce0 (ovce0)

    Mike,

    Thank you for your response. However, it has been 5 months since I posted this question. We have since started investigations into a competing product.

     

    If that investigation leads us to a dead end, I may try to circle back around to Okta.

    Expand Post
This question is closed.
Loading
On Premises Caching?