Using Login.gov as a Custom Identity Verification and Authentication Service in Okta

The impact of the pandemic continues to demonstrate the need to improve the security and user experience of public-facing government digital services. Beneficiaries demand and deserve both, and the US Government is responding with strategy and funding to improve fraud prevention and reduce identity theft. Part of that commitment involves simpler access that provides benefits to the intended beneficiary. Login.gov is expected to have a leading role as a whole-of-government modernization effort of identity verification systems to support stronger preventative steps.

Okta can accelerate and enable Login.gov adoption and also meet the agency where they are for any other Identity-proofing approaches they take.

If Login.gov is your preferred Identity Provider (IdP), Okta provides a streamlined, simple, and automated onboarding process for developers and a social sign-on option for government customers. In this post, you will learn how to create and set up Okta with Login.gov.

What is Login.gov?

Login.gov is a component of the U.S. General Services Administration’s (GSA) Technology Transformation Services (TTS) under the Federal Acquisition Service (FAS). A secure and trusted single sign-on service for U.S. government websites, Login.gov enables people to access public benefits programs with the same username and password for participating government agencies. As of September 2022, Login.gov is helping 41 million people keep their information safe when they access government services online.

How does Okta connect Login.gov to applications?

Okta enables Login.gov to be an IdP for government applications, similar to the private sector’s social logins (e.g. signing in with your Apple account). For inbound federation with Login.gov, Okta employs the OpenID Connect (OIDC) protocol. Users can integrate their public-facing apps using the Okta Integration Network (OIN). With Okta as a broker, users can add asynchronous workflows, access control policies, and additional authentication factors. The public can then authenticate with their Login.gov credentials and receive System for Cross-domain Identity Management (SCIM) or Just-In-Time (JIT) provisioning, linking the users’ Login.gov account to the applications.

If your goal is to adopt Login.gov as your preferred IdP and reduce sign-up friction and major security vulnerabilities, Okta makes it easy with our out-of-the-box integration, which can be set up and running in a few clicks. To get started with this tutorial or to learn more, check out okta.com/logindotgov