Nametag as a Custom Identity Verification (IDV) Provider for Okta

by Nametag Team

Key Takeaways

  • Nametag is now generally available as a custom identity verification (custom IDV) provider in Okta.
  • Use Nametag’s Custom IDV integration to protect certain account enrollment and recovery actions against North Korean IT workers and account takeovers.
  • Nametag is the first to apply workforce-grade identity verification to the full range of Okta user account management actions.

Today, we’re proud to announce Nametag's general availability as a custom identity verification (IDV) provider in Okta (also known as bring-your-own IDV, or BYO IDV). For the first time, Okta admins can embed workforce-grade identity verification directly inside Okta authentication flows. This also makes Nametag the first identity verification provider to protect and streamline the full spectrum of Okta user account management actions by supporting all possible Okta-IDV integration types, giving IT and security teams the flexibility needed to meet any deployment requirement or policy.

What is Okta’s Custom Identity Verification Feature?

Custom identity verification (custom IDV) is a new capability from Okta, initially announced in October 2024 and now released in Early Access. It allows organizations to embed their preferred identity verification provider into Okta authentication flows, protecting user accounts against impersonation and takeover. 

Currently, Okta’s custom IDV capability covers the following policy triggers:

  • User enrolls or unlocks an authenticator
  • User recovers their password
  • User unlocks their account

Nametag’s Custom IDV Integration brings Deepfake Defense™ identity verification into this program. Organizations using Okta for workforce Identity & Access Management and Nametag for workforce identity verification can now reduce user friction by enabling users to initiate the verification process from within Okta flows.

Some Okta user actions, such as setting a password for the first time or performing step-up authentication as part of an App Sign-in policy or Access Request policy, are not currently included within the scope of Okta’s custom IDV feature (but are covered by Nametag’s Standard Okta Integration and Okta MFA Integration; see below).

What is the User Experience of Nametag as Custom IDV in Okta?

Nametag’s Custom IDV Integration for Okta uses our Deepfake Defense™ identity verification engine to protect certain high-risk, user-triggered account management actions. For end-users, the verification experience is fast, easy, and privacy-preserving.

  1. Trigger: A user attempts an action which triggers an account management policy: enroll or unlock an authenticator, recover a password, unlock an account.
  2. Verify: Okta redirects the user into the Nametag flow. The user is prompted to scan their government-issued photo ID and take a quick selfie using their phone. If they’ve verified before, they can simply take a new selfie to re-verify.
  3. Compare: Our Deepfake Defense™ identity verification engine validates both captures and compares the selfie to the ID photo. Then, our patented technology compares the user’s verified information to their Okta account. This combined process ensures that they’re not just a real person, but the right person. 
  4. Complete: If everything matches up, the user is verified and can complete the action they initiated. If our IDV engine detects anomalous or suspicious signals, the verification is rejected, and the user can choose to submit an appeal.

Importantly, whenever a user triggers an Okta policy from within a web browser, Nametag redirects them onto their phone to complete identity verification. This is a deliberate and necessary security measure. Web browsers (mobile and desktop) and webcams are inherently vulnerable to injection attacks which insert false media, including deepfake IDs and selfies, directly into the data flow. By navigating users onto their phone, Nametag can perform cryptographic data integrity validation which blocks these attacks proactively, rather than relying solely on detecting them after the fact.

How Do I Configure Nametag as a Custom IDV Provider in Okta?

Integrating Nametag as a custom IDV provider in Okta can be easily done in a few hours or less, including testing.

Get started using our dev docs to set up Nametag as a custom IDV provider for Okta. Then, configure your Okta Account Management Policy to add a rule for identity verification for account actions. The next time a user in a specified group tries to enroll or recover an authenticator, Okta will automatically prompt them to verify their identity via Nametag. Note that you will need to add a separate rule for password recovery and account unlock in order to protect these actions with identity verification.

If you would like more information, guidance or best practices, feel free to contact us.

Nametag + Okta: A History of Innovation

Nametag has been a proud Okta partner ever since we pioneered the use of identity verification for workforce account protection with our industry-first Directory Integration for secure self-service Okta onboarding and account recovery.

We introduced our Deepfake Defense™ engine and partnership with Okta at last year’s Oktane conference, then unveiled our Signa™ AI security solution at this year’s Oktane. 

The release of our Okta MFA Integration marked the first time IT and security teams could use identity verification as an authentication factor for Okta. Then, our Okta Directory Agent further expanded how organizations can integrate Okta and Nametag by allowing enterprises to maintain full control over all directory operations.

Now, our "bring-your-own IDV" integration represents a natural evolution of our ongoing commitment to support all organizations using Okta for workforce identity.

How Does Nametag Integrate with Okta?

With the launch of custom IDV, there are now four ways to integrate Nametag with Okta. While all four methods enhance account security, the integrations differ in how verification is initiated, where it occurs, and the breadth of user scenarios protected.

Together, Nametag’s four Okta integrations give organizations unmatched flexibility to balance security, experience, workflow design, and enterprise privacy requirements.

Standard Integration: Nametag’s classic, out-of-the-box Okta integration is the most widely used configuration and provides full-lifecycle identity assurance across enrollment, account recovery, and step-up authentication actions for Okta workforce users.

Directory Agent Integration: Nametag’s Directory Agent Integration for Okta provides the same high level of security, assurance and coverage as the Standard Okta Integration, but eliminates the need to share directory credentials with us by running through a customer-hosted agent.

MFA Integration: Nametag’s Okta MFA Integration enables you to set Nametag as the required factor in Okta authentication policies, then assign those policies to other policy-controlled actions, like Access Requests, App Sign-in, and more.

Custom IDV Integration: Nametag’s Okta Custom IDV Integration allows organizations to trigger identity verification directly inside Okta authentication flows. This can deliver a more seamless experience for end-users by keeping more operations within Okta.

Contact us to learn more and get started with workforce-grade IDV protection for Okta.
