Okta(OKTA)

The Breakthrough Moment

The founding of Okta in 2009 emerged from a perfect intersection of technological shift (the mass enterprise migration to cloud computing), personal frustration with existing solutions, and entrepreneurial ambition at a moment when two successful executives were willing to trade security for the opportunity to build something transformative. Todd McKinnon and Frederic Kerrest were both working at Salesforce in 2009, during a period when cloud computing was transitioning from novelty to mainstream enterprise adoption. Salesforce itself was the poster child for this transformation—the company had proven that enterprise software could be delivered through web browsers rather than installed on corporate servers, that subscriptions could replace perpetual licenses, and that cloud software could be reliable, secure, and feature-rich enough for demanding enterprise customers. McKinnon, as Senior Vice President of Engineering, was responsible for building and operating the technical platform that served millions of users globally, while Kerrest focused on business development and partnerships that expanded Salesforce's ecosystem. Both had front-row seats to observe how enterprises were struggling with a profound change in their IT architecture: instead of running a handful of applications on internal networks behind corporate firewalls, businesses were adopting dozens or hundreds of cloud applications—SaaS tools for CRM (Salesforce), collaboration (Google Apps), expense management (Concur), HR (Workday), and countless other functions—each with its own authentication system, user management interface, and security model. The traditional approach to identity and access management (IAM) simply didn't work in this new world. Legacy IAM vendors like Microsoft Active Directory, Oracle Identity Manager, and IBM Tivoli were built for on-premises environments where enterprises controlled the entire infrastructure stack. These systems assumed that applications lived inside corporate data centers, that users connected from managed devices on corporate networks, and that IT departments could enforce security through network perimeters and VPNs. But cloud computing shattered these assumptions—applications now lived in vendors' data centers outside corporate control, users accessed them from anywhere on any device, and the traditional network perimeter no longer existed. McKinnon and Kerrest watched Salesforce customers struggle with basic identity challenges: How do we give employees single sign-on access to all their cloud applications? How do we automatically provision and deprovision user accounts when people join or leave the company? How do we enforce multi-factor authentication consistently across different applications? How do we integrate cloud apps with our on-premises Active Directory? Existing IAM vendors had attempted to adapt their on-premises products for cloud, but their solutions were complex, expensive, required significant professional services to implement, and never worked as well as purpose-built cloud solutions. For McKinnon, the frustration became personal—even within Salesforce, managing authentication and integration with partner applications and third-party services was unnecessarily difficult, and he believed there had to be a better approach. The insight that crystallized for McKinnon in 2008-2009 was that identity and access management needed to be rebuilt from scratch as a cloud-native service, designed specifically for the multi-cloud world enterprises were moving toward. Rather than trying to adapt on-premises IAM systems for cloud, someone needed to build an IAM platform that lived entirely in the cloud, provided APIs for integration, supported all the major SaaS applications out of the box, and scaled effortlessly without hardware or software installations. McKinnon became convinced this was not only technically feasible but would become a massive market opportunity—potentially every enterprise in the world would need cloud identity management as they adopted SaaS applications, creating a multi-billion dollar market that didn't exist yet. Discussing the opportunity with Kerrest, who shared the frustration from a business and customer perspective, the two began seriously considering whether to leave Salesforce and start a company to address this problem. The decision was extraordinarily difficult for both founders. McKinnon was 39 years old with a senior executive position at a successful, fast-growing company where he was well-compensated and held equity that was becoming increasingly valuable. Walking away meant giving up a comfortable salary, unvested stock options, and career progression at a company where he'd already proven himself and built strong relationships with Marc Benioff and other executives. Kerrest faced similar considerations—a promising career trajectory, financial security, and the credibility of working at one of Silicon Valley's hottest companies. Both had families and financial obligations; this wasn't the typical twenty-something founder story where the downside risk is limited. McKinnon and Kerrest spent months discussing the opportunity, stress-testing their conviction, analyzing the market, and evaluating their own risk tolerance. They spoke with potential investors to gauge whether VCs would fund the concept, talked to enterprise IT leaders to validate the pain point, and researched competitive landscape to understand what incumbents and startups were doing. The conclusion they reached was that the opportunity was real, the timing was right (cloud adoption was accelerating), and they had unique credibility and expertise from their Salesforce experience that would help them succeed where others might fail. In late 2009, McKinnon and Kerrest made the leap—they gave notice at Salesforce, secured initial seed funding from venture capital firm Andreessen Horowitz (a16z), and founded Okta with the mission of building cloud-native identity and access management for the cloud era. The name "Okta" was essentially invented—McKinnon and Kerrest wanted something short, memorable, and available as a .com domain (increasingly difficult in 2009), and they landed on Okta which vaguely suggested vision or observation without being a real word that carried existing associations. The company was incorporated in California in January 2010, and the two founders rented small office space in San Francisco to begin building the product and recruiting the initial engineering team. The early days were challenging in ways both expected and unexpected. Building a cloud identity platform was technically complex—Okta needed to support dozens of different authentication protocols (SAML, OAuth, OpenID Connect, LDAP), integrate with hundreds of applications, handle enterprise-scale security requirements, and deliver the reliability expected of critical infrastructure (if Okta went down, customers couldn't access any of their applications). McKinnon led the technical architecture and recruited engineers from Salesforce and other top technology companies who believed in the vision. Kerrest meanwhile built the business side—selling to early customers, raising additional funding, establishing partnerships with application vendors, and handling all the operational details of running a startup. The go-to-market strategy focused initially on technology companies and digital natives who were already cloud-first and understood the problem intuitively, companies like Adobe, Dropbox, and LinkedIn became early customers, providing case studies and references that helped Okta expand into more traditional enterprises. The fundraising journey was remarkably successful—Okta raised Series A funding from Andreessen Horowitz and Sequoia Capital, two of the most prestigious VC firms in Silicon Valley, based on McKinnon and Kerrest's credibility and the clear market need. Subsequent funding rounds attracted additional top-tier investors including Greylock Partners and Khosla Ventures, ultimately raising over $229 million in private funding before going public. The product strategy evolved significantly from initial concept to mature platform. Okta initially focused on workforce identity—authenticating employees and managing their access to work applications—since this was the most urgent pain point for IT departments. The core features included single sign-on (allowing employees to log in once and access all their applications), user lifecycle management (automatically creating and deleting accounts as people joined or left), multi-factor authentication (adding security beyond passwords), and the Okta Integration Network (pre-built connectors for popular applications). Over time, Okta expanded into adjacent areas including API access management, adaptive authentication using risk-based policies, and privileged access for securing administrative accounts. The 2021 acquisition of Auth0 for $6.5 billion marked a major strategic expansion into customer identity and access management (CIAM), complementing workforce identity with capabilities for securing consumer-facing applications. The decision to go public came in 2017, when Okta had reached approximately $160 million in annual revenue, over 3,000 customers, and was on a clear path to profitability, though still operating at a loss as the company invested heavily in growth. The IPO in April 2017 priced at $17 per share, raised $187 million, and valued Okta at approximately $1.2 billion, a successful outcome that vindicated McKinnon and Kerrest's decision to leave Salesforce eight years earlier. The company has since grown to over $2.3 billion in revenue and at its peak reached a market capitalization above $40 billion (though it has declined amid market volatility), creating substantial wealth for the founders and employees. The founding story of Okta exemplifies several themes common to successful enterprise software startups: founders with deep domain expertise from previous roles, identification of a major pain point created by technological transition (cloud computing), willingness to take career and financial risk to pursue entrepreneurial opportunity, strategic fundraising from top-tier investors who add credibility and support, and execution over many years to build a complex product and scale go-to-market operations. McKinnon and Kerrest's partnership—combining technical product leadership with business development and operational excellence—has proven remarkably durable and effective, making Okta one of the notable success stories in enterprise SaaS.