Okta, a cloud security company known for making it easier for business customers to sign onto corporate apps securely, wants to go bigger. The company hopes to extend its purview to retail and banking web sites and mobile apps that serve millions of consumers.
While demand for single-sign on and identity management for corporate customers is huge—Okta (okta) CEO Todd McKinnon estimates it to be about $5 billion a year— the market for providing similar functions to consumers wanting to log into their bank accounts, for example, is much bigger. Generally, this type of technology is known as identity and access management (IAM.)
Thus, Okta’s interest and why the San Francisco-based company on Tuesday will unveil guidelines and application programming interfaces (APIs) that banks, stores, and other consumer-facing businesses can use to integrate Okta’s identity management into their existing systems.
Get Data Sheet, Fortune’s technology newsletter
These tools would enable an automaker, for example, to build a secure log-on system (using Okta’s technology) that looks like the rest of the company’s web site. Given that every company these days from banks to appliance makers to e-commerce sites and stores now build and run their own web sites and mobile apps, the ability to offer secure customer access to service portals and payment pages is essential.
“This is a huge thing for Okta. We’re attacking all these customers,” McKinnon told Fortune in advance of the company’s Oktane tech conference in Las Vegas. The news will be announced at the event later on Tuesday. Okta’s back-end software stores user information, logs in users, and provides security.
Dignity Health, a San Francisco-based healthcare provider that serves 22 states, has been working with the Okta tools for about eight months and chief digital officer Dr. Shez Partovi is impressed. Dignity needs to know who its patients and customers are or it can’t serve them well, he says.
“We need to know who your physician is, your preferences, your history,” he tells Fortune.
The dilemma for such companies is how to combine an “OpenTable-like” easy consumer experience with the security and compliance with regulations that apply to healthcare or medical applications.
Okta, which went public in April, isn’t alone in this arena. Microsoft (msft), which offers Active Directory identity management for corporate applications, is also pushing a cloud version of that product called Azure Active Directory. IBM (ibm) and Oracle (orcl) also have a stake here as do Okta’s cloud-oriented rivals Ping Identity and OneLogIn, according to Holger Mueller, an analyst with Constellation Research.
And, he added, many companies now use open-source technology to build their own secure access capabilities. Presumably, Okta is banking that its new APIs will be an easier option for them.
In a recent report, Gregg Keizmann, research vice president at Gartner (it), said most work-oriented IAM products can suit consumer needs, but may also offer functions that are not required in this market. The key issue for consumer IAM is it must be extremely easy to use but also scale up to handle millions—as opposed to hundreds or thousands—of users.
Note: (August 29, 2017, 9:05 a.m. EDT) This story was updated to add comments from Gartner.
Note: (August 31, 2017 6:58 a.m. EDT) This story was updated again with comments from Dignity Health.