Hi… To deploy camunda 8 on prem, is it possible to replace Keycloak with Okta ? I guess it might be 2 paths: The first option is to fully replace keycloak with Okta. The potential issue is that the identity webapp may call keycloak specific api. Not sure though. The second option is to use keycloak as passthrough layer and use okta as the IdP behind keycloak. It seems can be done, but it add another layer of the complexity. So the option 1 is much desirable.
Thought?
I think it was built with the idea to replace or swap it, but I never tried it. I’m not sure whether anyone has, so you could be the first one and write a nice article about it 
Greets
Chris
I’m writing an academic paper on the topic right now because I was interested in the same thing - although I was interested in dex not okta. I haven’t finished my conclusion yet, but it any case it would be a very complex task, and I’d stick to option 2 for now unless you have a very good reason why you would not do it this way.
Kind regards
Jano