Okta has announced the planned end of life for the Okta Mobile application on May 31, 2026. For organizations that rely on Secure Web Authentication to access credential based, non federated applications on mobile, this creates an immediate challenge: how to maintain seamless access while ensuring credentials remain secure, centrally managed, and auditable.
Many business-critical applications still do not support federation standards such as SAML or OIDC. These disconnected apps often depend on credentials created and managed by end users, which can lead to weak passwords or insecure sharing practices. In some cases, credentials are partially configured by administrators (Okta calls these admin-managed credentials), such as a predefined username with a user set password, creating additional complexity and oversight requirements. As Okta Mobile is retired, identity teams need a scalable approach to manage these applications consistently without increasing risk or operational burden.
The Cerby approach
Okta has outlined migration options for customers and recommends Cerby, an approved Okta partner, for organizations with complex mobile SWA access needs. Cerby is purpose built to secure and automate access to disconnected applications, which includes credential based ones, while integrating directly with Okta.
With Cerby, users can continue to launch applications from Okta. Cerby-protected apps show up as tiles on the Okta dashboard. Similar to SWA, Cerby securely vaults credentials and replays them to create an SSO like experience for applications that do not support federation. Users click their app tile and are signed in automatically, without ever needing to handle or see the underlying password.
This model works across desktop and mobile environments, preserving the simplicity users expect while adding stronger controls for security teams.
Core capabilities to address SWA on mobile devices
Centralized management of credential based apps
All personal, shared, and admin managed credentials are stored in a secure vault and managed in Cerby. Cerby even provides personal vaults for flexibility. This unified approach eliminates fragmented password storage (e.g. spreadsheets, unauthorized password managers, etc.) and restores visibility to identity teams.
Secure SSO-like experience
Cerby securely autofills credentials to browser-based apps or native mobile apps, creating a seamless SSO-like experience. Cerby-protected apps can be displayed as tiles in the Okta dashboard that users are familiar with. If desired, organizations can restrict or fully hide credential visibility.
Additional capabilities for strengthened SWA security
By moving affected SWA applications into Cerby, organizations can introduce consistent, policy driven controls across every credential based app:
Automated password rotation and policy enforcement
Organizations can choose to enable automatic credential rotation on a defined schedule. Cerby can also enforce password strength and complexity requirements aligned to internal policies. This helps reduce the risk of weak, reused, or stale passwords while removing manual rotation tasks from end users and administrators.
Secure sharing with controlled visibility
For shared accounts, access can be granted without exposing the underlying credentials. Teams can control whether users ever see the secret, and when access is revoked, optional automated rotation can immediately invalidate prior credentials to prevent continued access.
MFA enrollment and autofill
Cerby can automatically enable MFA directly in disconnected applications to strengthen security. For accounts that should be owned by the organization, such as shared or service accounts, Cerby can create and manage the associated MFA factors. During authentication flows, Cerby can autofill the MFA codes to maintain a seamless user experience.
Full audit visibility
Every login and credential change is logged, providing a clear audit trail for compliance, investigations, and reporting.
Beyond credential management and SSO like access, Cerby can also automate provisioning and deprovisioning to disconnected applications, triggered directly by Okta lifecycle events. This extends Okta’s joiner, mover, and leaver workflows to apps that do not support identity standards such as SCIM or user management APIs.
The value for Okta customers
As Okta Mobile reaches the end of life, this transition is not only about preserving access. It is an opportunity to bring credential based applications under the same level of control as federated apps.
With Cerby, Okta customers can centralize management of disconnected apps, automate security controls, reduce operational overhead, and gain complete audit visibility. The result is a more secure, scalable approach to managing SWA applications, without compromising user experience.
If you are preparing for May 31, 2026, now is the time to evaluate your SWA strategy and explore how Cerby can support a secure and seamless transition. Book time with our team to learn more and discuss your SWA migration plan.