FinanceLooker

Excrept from filing document 2025-01-31

The aggregate market value of the stock of the Registrant as of July 31 2024 based on a closing price of 93 94 per share held by non affiliates was approximately 15 2 billion As of February 27 2025 there were 165 819 291 shares of the Registrant s Class A Common Stock and 7 783 873 shares of the Registrant s Class B Common Stock outstanding
Portions of the registrant s definitive Proxy Statement relating to the 2025 Annual Meeting of Stockholders are incorporated herein by reference in Part III of this Annual Report on Form 10 K to the extent stated herein Such Proxy Statement will be filed with the Securities and Exchange Commission within 120 days of the registrant s fiscal year ended January 31 2025
This Annual Report on Form 10 K contains forward looking statements within the meaning of the safe harbor provisions of the Private Securities Litigation Reform Act of 1995 Words such as expect anticipate should believe hope target project goals estimate potential predict may will might could intend shall and similar expressions are intended to identify these forward looking statements although not all forward looking statements include these identifying words
the impact of general economic business and market conditions including geopolitical events economic downturns or recessions market volatility inflation and interest rates and foreign currency fluctuations
These forward looking statements are made as of the date they were first issued and are based on current expectations and assumptions that are subject to a number of risks and uncertainties which could cause our actual results to differ materially from those anticipated or implied by any forward looking statements Factors that could cause or contribute to such differences include but not limited to those discussed in Risk Factors and Management s Discussion and Analysis of Financial Condition and Result of Operations in this Annual Report on Form 10 K as well as other documents that may be filed by us from time to time with the Securities and Exchange Commission SEC We undertake no obligation to revise or publicly release the results of any revision to these forward looking statements except as required by law Given these risks and uncertainties readers are cautioned not to place undue reliance on such forward looking statements
Okta Inc is the leading independent identity partner Our vision is to free everyone to safely use any technology and we believe identity is the key to making that happen Our purpose is to bring simple and secure digital access to people and organizations everywhere Our Okta Platform and Auth0 Platform enable our customers to securely connect the right people to the right technologies and services at the right time
The acceleration of digital transformation cloud adoption and the evolving security threat landscape are driving a shift in how organizations securely manage the identity of their employees contractors and partners At the same time consumer expectations favoring simple secure digital experiences are driving the adoption of new consumer identity technologies Our platforms help organizations effectively harness the power of cloud mobile and web technologies by securing users and connecting them with the applications and technology they use Every day thousands of organizations and millions of people use our platforms to securely access a wide range of cloud mobile web and Software as a Service SaaS applications on premises servers application programming interfaces APIs IT infrastructure providers and services from a multitude of devices Employees and contractors sign into the Okta Platform to seamlessly and securely access the applications they need to do their most important work with more modern and secure experiences in the cloud and via mobile devices Developers leverage our Okta Platform and Auth0 Platform to securely and efficiently embed identity into the software they build allowing them to innovate and focus on their core mission Our approach to customer identity provides organizations with the scale interoperability extensibility and security they need to build applications with seamless and private experiences that serve a wide variety of users from customers to citizens As we add new customers users developers and integrations to our platforms our business customers partners and users benefit from powerful network effects that increase the value and security of our solutions
Given the growth trends in cloud adoption and the number of applications customers use and the movement to remote and hybrid workforces identity is becoming the most critical layer of an organization s security As organizations shift from network based security models to a Zero Trust security model focusing on adaptive and context aware controls identity has become the most reliable way to manage user access and protect digital assets Our approach to identity allows our customers to simplify and efficiently scale their security infrastructures across internal IT systems and external customer facing applications
As of January 31 2025 more than 19 650 customers across nearly every industry used our solutions to secure and manage identities around the world Our customers consist of leading global organizations ranging from the largest enterprises to small and medium sized businesses universities nonprofits and government agencies We partner with leading application infrastructure and security vendors such as Amazon Web Services AWS CrowdStrike Google LexisNexis Risk Solutions Microsoft Netskope Palo Alto Networks Plaid Proofpoint Salesforce ServiceNow VMware Workday Yubico and Zscaler We had over 7 000 integrations with cloud mobile and web applications and IT infrastructure providers as of January 31 2025 which while not directly correlated to revenue shows the breadth and acceptance of our platforms
We employ a SaaS business model and generate revenue primarily by selling multi year subscriptions to our cloud based offerings We focus on attracting and retaining our customers and increasing the value we provide to them over time By retaining customers and increasing value we increase their spending with us through expanding the number of users who access our Okta Platform and Auth0 Platform and by selling additional product offerings We sell our product offerings directly through our field and inside sales teams as well as indirectly through our network of channel partners including resellers system integrators and other distribution partners
We offer independent and neutral cloud based identity solutions that allow our customers to integrate with nearly any application service or cloud that they choose through our secure reliable and scalable platforms Our technological neutrality allows our customers to adopt the best technologies easily and our two platforms are designed to securely connect users to the technology that they choose Okta AI a suite of AI powered capabilities using our unique threat intelligence identity data to power real time identity actions is infused into several products available on our two platforms We prioritize the compatibility of our platforms with public clouds on premises infrastructures and hybrid clouds
Our platforms are used by organizations in two distinct and powerful ways Customers manage and secure their employees contractors and partners using what we call workforce identity as supported by our Okta Platform Customers can enable manage and secure their customers identities using what we call customer identity as supported by both our Okta Platform and Auth0 Platform
The Okta Platform simplifies the way an organization s employees contractors and partners connect to its applications and data from any device while increasing efficiency and keeping IT environments secure The Okta Platform can be used as the central system for an organization s connectivity access authentication and identity lifecycle management needs spanning all of its users technology and applications Our customers use the Okta Platform to secure their workforces to create solutions that make their partner networks more collaborative and to provide more seamless and secure experiences for their end users These features combined with our technological neutrality help our customers future proof their environments We enable our customers to easily deploy manage and secure applications and devices and to provision and support users across their IT environments with a simple intuitive consumer like user experience Once deployed we enable administrators to enforce contextual access management decisions based on conditions such as user identity device location application identity IP reputation and time of day and maintain secure access throughout the duration of users sessions
We enable organizations to provide their workforces with immediate and secure access to every application they need from any device they use without requiring multiple credentials which significantly enhances user productivity and IT efficiency We offer our customers an additional security layer through our Adaptive Multi Factor Authentication Adaptive MFA Device Access and Identity Threat Protection with Okta AI product offerings Our Universal Directory product offering also serves as a system of record to help our customers organize and manage their users Our Lifecycle Management product offering enables customers to manage users access privileges through their entire lifecycle with a no code approach that improves administrative efficiency and productivity Our Workflows product offering enables the building of identity related business processes with minimal or no code Okta Identity Governance our unified identity access management and identity governance product offering helps our customers improve their security and compliance posture while mitigating modern security risks and increasing efficiency Our Privileged Access Management product offering provides unified access and governance for privileged resources and increases visibility compliance and security without compromising user experience Our Access Gateway product offering enables our customers to extend the Okta Platform to their existing on premises applications Our Identity Security Posture Management product offering proactively identifies vulnerabilities and security gaps before they can be exploited by providing consolidated visibility into identity posture across the Okta Platform and third party solutions
The Auth0 Platform enables companies nonprofits and governmental agencies to transform their own customers or citizens experiences by empowering development teams to rapidly and securely build customer and citizen facing cloud mobile or web applications The Auth0 Platform primarily supports consumer and SaaS applications It empowers application builders to innovate faster by removing the complexity from identity and making it simple extensible and customizable We enable organizations to integrate our powerful identity platform into their cloud web and mobile applications This makes it easier for them to authenticate manage scale and secure their applications through comprehensive APIs software development kits and extensive developer tools enabling rapid time to market for the business Organizations are able to streamline user experience and improve security across all their applications leading to increased customer acquisition retention and loyalty
The Auth0 Platform provides multiple enhanced security capabilities including bot detection Adaptive MFA fraud prevention and account takeover attack protection while delivering a high level of security In addition to security and authentication Auth0 also supports authorization including fine grained authorization Our Auth for GenAI product offering enable developers to build chatbots and AI agents into their applications easily and securely
We strive to further increase revenue from our existing customers by cross selling and up selling additional and new product offerings We also believe we can expand our footprint by focusing on current customers that have deployed our Okta Platform and expanding those customers use of our Auth0 Platform or vice versa
To increase our market share we intend to focus on growing our base of large customers using a land and expand sales model with a focus on key markets by size of customers as well as key verticals including highly regulated sectors
We plan to further leverage the sales efforts of global system integrators managed service providers technology partners and other distribution partners for growth scale and specialized expertise Our Okta Elevate Partner Program is designed to incentivize partners to deliver and manage our solutions
With 21 of our revenue generated outside of the United States in fiscal 2025 and our international revenue growing 14 from fiscal 2024 to fiscal 2025 we believe there is a significant opportunity to continue to grow our international business We believe global demand for our product offerings will continue to be a long term opportunity as organizations outside the United States fully embrace the transition to cloud computing and larger international organizations take advantage of technology consolidation within their global locations
We intend to continue making significant investments in research and development hiring top technical talent and maintaining an agile organization By continuing to innovate introduce new product offerings and extend our platforms we believe that we can offer increasing value to our existing and potential customers For example investments in Okta AI led to newly launched products like Identity Threat Protection for the Okta Platform Guide for the Auth0 Platform and the industry s first real Universal Logout solution
We intend to further specialize the go to market organization to better meet the needs of the distinct buying centers Okta sellers will focus engagement on IT and security buyer needs including all workforce identity products as well as Okta customer identity Auth0 sellers will focus on meeting the unique needs of developers which include highly technical customer identity customizations and flexible development models
The Okta Integration Network is an extensive ecosystem which includes over 7 000 integrations with cloud mobile and web applications as well integrated solutions with IT infrastructure providers and security vendors We continue to add new integrations as we expand the surface area of our identity platform We view our investment in these partnerships as a force multiplier that enables us to build and promote complementary capabilities that benefit our customers
We want to empower every application developer to use our platforms to securely integrate identity into any application We believe that our platforms enable developers to focus their time and attention on innovating within their core application capabilities while relying on our platforms for their identity related requirements leading to more secure and convenient experiences for their own customers
Our position at the intersection of people devices applications and infrastructure gives us unique access to powerful threat intelligence identity data and the opportunity to provide differentiated insights based on that data as well as predictive capabilities
based on that data to help keep customers more secure We expect the value of our analytics to our customer base will increase as customers continue to connect more devices applications and users to their networks and as we add more customers We also expect that our analytics ability will enable our customers to use our data and third party data from our partners allowing customers to make more informed and secure access decisions We do not currently derive direct revenue from our unique data assets but we may explore opportunities for monetization in the future
From time to time we evaluate opportunities to acquire or invest in emerging and adjacent technologies to complement our organic investments and improve our product offerings services and customers experiences We will continue to use these types of strategic levers as opportunities arise
Our portfolio of product offerings and services is used to manage and secure identities Most of our product offerings can be used for both customer identity and workforce identity use cases and we are continuously enhancing our product offerings and services Our workforce identity product offerings are consumed through web and mobile interfaces and provide simple ways for IT organizations to manage identities for their employees contractors and business partners For customer identity our APIs are also used by developers to embed our identity functionality into their own customer facing mobile or web applications We continuously improve our Okta Platform and Auth0 Platform by releasing and developing additional product offerings features and services
When used to manage and secure identities for a customer s workforce Single Sign On enables users to access all of their applications whether in the cloud or on premises from any device with a single entry of their user credentials We combine secure access modern protocols flexible policies and a consumer like user experience to permit organizations to easily allow customers or partners to sign in to their applications with their existing identity information With Okta FastPass we enable our customers to provide their users with a passwordless experience across any device and every major operating system Single Sign On also enables built in reporting and analytics that provide real time search functionalities across users devices applications and the associated access and usage activity
Adaptive MFA is a comprehensive but simple to use product that provides an additional layer of security for an organization s cloud mobile and web applications and data We offer an intelligent approach to security built on contextual data Adaptive MFA includes a policy framework that is integrated with a broad set of cloud and on premises applications and network infrastructures It offers adaptive risk based authentication that leverages data intelligence from across the Okta Platform network of thousands of organizations as well as from our partner ecosystem
API Access Management enables organizations to secure APIs as systems connect to each other Access to these APIs is managed based on the user which enables organizations to centrally maintain one set of permissions for any employee partner or customer across every point of access API Access Management reduces development time boosts security helps in achieving compliance and enables seamless end user experiences by providing a unified portable service for authorizing secure and always available access to any API
Access Gateway enables organizations to extend Okta Platform which is a cloud native platform from the cloud to their existing on premises applications so that they can harness the benefits of the platform to manage all of their critical systems whether in the cloud on premises or hybrid Extending the benefits of the Okta Platform to hybrid IT environments delivers a single point of management for our customers administrators and a single location from which end users can access their critical applications
Okta Device Access extends the Okta Platform s secure access management to the device login experience Okta Device Access enables end users to securely log in to their devices with their Okta Platform credentials and meet MFA challenges from a set of strong factors helping organizations to harden their security posture by protecting a user s device with the same experience that the Okta Platform provides for applications and resources
Universal Directory provides a centralized cloud based system of record to store and secure user application and device profiles for an organization Users and profiles stored in the directory can be used with our Single Sign On product to manage passwords and authentication or can be used by developers to store and authenticate the users of their applications When used for workforce identity Universal Directory becomes a customer s system of record for all of its employees contractors and partners
Identity Threat Protection helps safeguard organizations with native identity intelligence from the Okta Platform and signals from third party tools integrated into an organization s security stack The Okta Platform s AI driven continuous risk and policy evaluations deliver real time identity threat assessment and automated remediation
Identity Security Posture Management ISPM helps organizations fortify their security measures and safeguard their digital assets with greater efficiency ISPM highlights critical identity security issues like admin sprawl MFA bypass and local accounts and prioritizes them based on risk severity for effective remediation
Lifecycle Management enables IT organizations or developers to manage a user s identity throughout its lifecycle from onboarding to offboarding It automates IT processes and ensures user accounts are created and deactivated at the appropriate times including the workflow and policies needed to power those processes and helps ensure compliance requirements are met as user roles evolve and access levels change
Designed to enable IT and security teams to move faster more accurately and more cost effectively as they scale Okta Workflows enables the building of identity related business processes with minimal or no code such as automating user onboarding and provisioning creating just in time authorization for software development and IT processes automating identity centric security responses and orchestrating customer data across backend systems
Okta Identity Governance provides a unified identity access management and identity governance solution focused on improving an organization s security and compliance posture helping customers to mitigate everyday security risks and improve IT efficiency Okta Identity Governance includes governance capabilities relating to access requests access certifications and access reporting Through these capabilities Okta Identity Governance simplifies and automates the process of requesting and approving access to applications and resources
Advanced Server Access offers continuous contextual access management to secure cloud infrastructure Organizations can continuously manage and secure access to on premises Windows and Linux servers and across leading Infrastructure as a Service vendors including AWS Google Cloud Platform and Microsoft Azure Advanced Server Access enables our customers to centralize access controls in a seamless manner to better mitigate the risk of credential theft reuse sprawl and abandoned administrative accounts
Okta Privileged Access enables organizations to reduce risk with unified access and governance management for on premises and cloud privileged resources for better visibility compliance and security for critical applications resources and infrastructure requiring privileged access
Universal Login is a standards based login infrastructure with centralized feature management and configuration for websites and applications that can be integrated with a wide range of social media login credential providers enterprise login services and customer provided databases Universal Login enables our customers to provide a consistent login experience across many different applications and devices
Attack Protection is a suite of security capabilities that protect our customers from different types of malicious traffic including bots breached passwords suspicious IP addresses and brute force attacks Attack Protection enables our customers to minimize risks associated with the ever growing volume of identity targeted attacks
Simple to use and adaptable MFA that minimizes friction to end users When using Adaptive MFA our customers leverage risk assessment algorithms that present MFA challenges only to select authentication attempts that require additional validation
Actions and Extensibility allow our customers to create customized identity flows that address their unique requirements through a drag and drop interface to add pre built partner integrations and their own custom logic across an authentication flow
Through our broad and deep product offerings that support a wide range of workforce and customer identity use cases we deliver multiple critical business outcomes for our customers These include boosting their cybersecurity posture reducing IT spending addressing regulations reducing fraud increasing new customer conversions creating frictionless customer experiences and helping technical teams deliver products to market faster
We focus on engineering an intuitive and comprehensive platform to solve complex identity management and security challenges Our cloud architecture is multi tenant encrypted and third party validated Our service also allows us to integrate into our customers on premises components and hybrid configurations
The Okta Platform and Auth0 Platform offer administrators and users a consistent easy to use consumer like experience across our product offerings Our technology integrates with industry leading browsers and mobile applications to provide seamless access to nearly any web or native mobile application We also heavily leverage operating system management and security technologies across desktops laptops and mobile devices to provide a transparent but secure experience for users across a range of devices These integrations allow us to seamlessly deliver identity access security and management use cases that previously required significant custom development to achieve
Security is essential for us and for our customers Our approach to security spans day to day operational practices from the design and development of our software to how customer data is segmented and secured within our multi tenant platform The Okta Platform and its features are updated regularly and along with continuous security testing there are periodic security reviews that provide audited and verifiable security checkpoints to ensure the quality of our source code A number of our Okta Platform product offerings have attained multiple
certifications including SOC 2 Type II Attestations CSA Star Level 2 Certification ISO IEC 27001 2022 ISO IEC 27017 2015 ISO IEC 27018 2019 and comply with many other international security frameworks Certain Okta Platform offerings maintain multiple agency Federal Risk and Authorization Management Program FedRAMP Authorities to Operate and are compliant to operate at Department of Defense Impact Level 4 Certain Okta Platform offerings maintain minimum security requirements in alignment with the Security Rule of the Health Insurance Portability and Accountability Act HIPAA The Okta Platform also supports FIPS 140 2 encryption requirements
Our technical operations and engineering models are designed around the concept of an always on highly redundant and available platform that we seek to upgrade without customer disruption Our product offerings and architecture were built entirely in and for the cloud with availability resiliency and scalability at the center of the design We have zero planned downtime including during our maintenance windows
Our proprietary architecture includes redundant active active active availability zones with cross continental disaster recovery regions real time database replication and geo distributed storage If one of our systems goes down another is quickly promoted Our architecture is designed to scale both vertically by increasing the size of the application tiers and horizontally by adding new geo distributed cells
The Okta Platform and Auth0 Platform are monitored not only at the infrastructure level but also at the application and third party integration level Synthetic transaction monitoring allows our technical operations team to detect and resolve issues proactively
The Okta Integration Network contains over 7 000 integrations with cloud mobile and web applications IoT devices and IT infrastructure providers including AWS Atlassian DocuSign Google Microsoft Office 365 NetSuite Oracle Palo Alto Networks Proofpoint Salesforce SAP ServiceNow Slack Splunk VMware Workday Zendesk and Zoom Our patented technology allows our customers to seamlessly connect to any application or type of device that is already integrated into our network In addition customers can extend the benefits of the Okta Integration Network by creating their own integrations to both cloud and on premises proprietary applications
Similarly the Auth0 Marketplace is a trusted catalog of integrations that enables application teams to easily assemble complete identity solutions The Auth0 Marketplace connects customers with service providers and builders who solve integration use cases and implement integrations with the Auth0 Platform
As of January 31 2025 we had more than 19 650 customers including more than 4 800 customers with an annual contract value greater than 100 000 Our customers span nearly all industry verticals and range from small organizations with fewer than 100 employees to companies in the Fortune 50 with up to hundreds of thousands of employees some of which use our platforms to manage millions of their customers identities
We sell directly to customers through our direct inside and field sales force and also indirectly through our extensive ecosystem of channel partners We also offer a self service approach for developers to sign up for free trials of our Auth0 Platform which may transition to paid offerings We often leverage our expansion sales model to generate incremental revenue often within the term of the initial agreement through the addition of new users and the sale of additional product offerings In many instances we find that initial customer success with our platforms results in key internal decision makers expanding their deployments for example from initial use for workforce identity to expanded use for their customer identity needs Furthermore as our customers are successful in their businesses and increase headcount the number of their customers or their monthly active users we have the opportunity to share in their growth as the number of identities that we manage increases Conversely if our customers reduce the size of their workforce then the number of identities that we manage and therefore our revenue may potentially decrease
Our sales organization is structured to address the specific needs of our target markets and is divided by geography and customer size and in some cases by industry vertical We also employ specialization in our sales team when appropriate such as our hunter farmer sales model for the Americas small and medium sized business market and our newly announced global go to market specialization strategy which is intended to better align our sales team with the distinct needs of IT security buyers and application developers Our direct sales force is supported by our sales engineers security team cloud architects professional services team and other technical resources
We benefit from an expansive partner ecosystem that helps drive additional sales Nearly all of the leading cloud application providers are our partners and many of them drive further customer acquisition for us through co selling arrangements building our offerings directly into their products and product demonstrations running on our technology We also partner with several of the large technology companies that are driving the movement to the cloud In addition to these technology partners we leverage our channel partners including system integrators traditional value added resellers VARs and Government VARs to broaden the range of customers we reach
Our most valuable marketing features our customers and their successes and is informed by a deeply data driven approach giving us insights into the efficacy of our efforts Our marketing efforts focus on promoting our industry leading product lines establishing our brand generating awareness creating sales leads and cultivating the Okta Communities
A centerpiece of our marketing strategy is our annual customer conference Oktane which features customers sharing their success stories new product and feature announcements and hands on product labs We also host a number of other events where we engage with both existing customers and new prospects as well as deliver product training
Our research and development organization is responsible for the design architecture creation and quality of our platforms The research and development organization also works closely with our technical operations team to ensure the successful deployment and monitoring of our platforms We use test automation and application monitoring to ensure our services are always on
Our product offerings are designed for ease of use and fast deployments As part of our customer first strategy we are focused on customer success and offer several programs to help our customers maximize their success with our product offerings These programs leverage the expertise and best practices that we have built while helping thousands of customers adopt and deploy our product offerings
We offer three tiers of support each of which builds upon the previous tier We provide 24 7 support for the highest support tiers as well as access to Customer Success and Technical Account Managers We also provide on
demand access to a robust online digital community and customer success hub where our customers can find answers to common use cases information about product features and interact with our experts and industry peers
Our professional services team provides assistance to customers in the deployment of our Okta Platform and Auth0 Platform and includes identity and security experts customized deployment plans SmartStart which provides a quick path to implementation and Okta Expert Assist in which we provide our customers with recommendations and best practices designed to improve their security posture
We protect our intellectual property through a combination of trademarks domain names copyrights trade secrets and patents as well as contractual provisions and restrictions on access to our proprietary technology
As of January 31 2025 we had 74 issued patents in the United States and 81 issued patents granted outside of the United States that expire between 2030 and 2044 and cover various aspects of our product offerings
We have registered Okta and Auth0 as trademarks in many jurisdictions throughout the world to protect our brands We also have filed other trademark applications pending in various jurisdictions throughout the world We also have registered other trademarks in the United States including The World s Identity Company and Oktane
In addition to the protection provided by our intellectual property rights we enter into confidentiality and proprietary rights or similar agreements with our employees consultants and contractors Our employees consultants and contractors are also subject to invention assignment agreements We further control the use of our proprietary technology and intellectual property through provisions in both general and product specific terms of use
The markets for our product offerings are rapidly evolving highly competitive and subject to shifting customer needs and frequent introductions of new competing technologies As the markets in which we operate continue to mature and new technologies and competitors enter those markets we expect competition to intensify Our competitor categories include
We compete with both cloud based and on premises enterprise application software providers We also compete against open source technologies that customers can use to build their own identity solutions Our competitors vary in size and in the breadth and scope of the products and services offered However certain of our
competitors have substantial competitive advantages such as significantly greater financial technical sales and marketing distribution customer support or other resources longer operating histories greater resources to make strategic acquisitions and greater name recognition than we have Our principal competitor is Microsoft
Principal competitive factors in our markets include flexibility independence product capabilities total cost of ownership time to value scalability user experience number of pre built integrations customer satisfaction global reach and ease of integration management and use We believe our product strategy platform architecture technology and independence as well as our company culture allow us to compete favorably on each of these factors
We expect competition to increase as other established and emerging companies enter our markets as customer requirements evolve and as new products and technologies are introduced We expect this to be particularly true as we are a cloud based offering and our competitors may also seek to acquire new offerings or repurpose their existing offerings to provide identity management solutions with subscription models With the continuing merger and acquisition activity in the technology industry particularly transactions involving security or identity and access management technologies there is a greater likelihood that we will compete with other large technology companies in the future in both the workforce identity and customer identity markets
Our core values love our customers always secure and always on build and own it and drive what s next inform and guide our human capital initiatives and objectives In order to continue to innovate and drive customer success it is crucial that we continue to attract develop and retain exceptional talent To that end we strive to make our workplace one in which employees feel like they have opportunities to grow and develop in their careers We support our employees with fair and competitive compensation benefits and wellness programs and initiatives that foster connections between and among our employees and their communities
As of January 31 2025 we had 5 914 employees of which approximately 62 were in the United States and 38 were in our international locations We have not experienced any work stoppages and we consider our relations with our employees to be good Our employee engagement program helps us understand employee sentiment on a wide range of topics throughout the employee lifecycle providing insights that inform our decisions about company initiatives employee programs talent risks management opportunities and more In fiscal 2025 86 of our eligible employees participated in our annual employee engagement survey
Build and own it is one of our core values Our goal is to create a shared sense of ownership in achieving our company vision where career growth competitive rewards and purpose empower our employees to do great work We want every employee to feel ownership of Okta
We invest significant resources to develop talent and actively foster a learning culture where employees are empowered to drive their personal and professional growth We provide our employees with a wide range of learning and development opportunities including in person virtual social and self directed learning mentoring coaching and external development Our extensive onboarding and training programs prepare our employees at all levels for career progression and individual development Our employee onboarding program helps our new hires get off to the right start our manager development program helps to build a solid foundation for our people managers and our technical training program brings our new technical employees up to speed on our product offerings
We provide robust compensation benefits and wellness programs that help support the varying needs of our employees In addition to market competitive base pay short term bonus incentives and long term equity
incentives our total rewards program offers comprehensive employee benefits that may vary by country or region including an employee stock purchase plan a 401 k plan in the United States with company matching contributions comprehensive medical dental and vision insurance life and disability insurance health savings accounts charitable donation matching flexible time off volunteer time off gender neutral paid parental leave fertility and adoption support family care resources mobile and internet reimbursement mental health and lifestyle support programs and a variety of other health and wellness resources
We help our employees succeed by providing flexibility in where and how they work We embrace a hybrid working approach that permits employees to work remotely or from one of our offices We believe a hybrid approach can increase employee empowerment satisfaction and productivity drive efficiency and enable us to hire from a broader pool of talent
The mission of our social impact arm Okta for Good is to build a safely connected world where everyone can belong and thrive We mobilize our people products and financial resources in service of our communities
Our employees are passionate about many causes and Okta for Good connects them with numerous giving and volunteering opportunities in service of our communities We believe this fosters a more meaningful fulfilling and enjoyable workplace In addition through Okta for Good we donate and discount access to our service for non profit organizations These organizations use Okta to make their teams more efficient and secure allowing them to focus on their important missions We also engage in philanthropic grantmaking via the Okta for Good Fund a donor advised fund held at Tides Foundation Grantmaking focus areas include
Prior to our initial public offering IPO in April 2017 we reserved 300 000 shares of our common stock to fund and support the operations of Okta for Good all of which have been issued as of January 31 2025 Ongoing philanthropic activities will be funded via cash contributions from Okta Inc Okta for Good is a part of our company and not a separate legal entity Additional information can be found on the Okta for Good page of our website at www okta com
We have an established sustainability program that aligns with our interest to have a positive impact on society and the environment We believe we have a long term responsibility to meaningfully participate in our society for the benefit of the environment and all of our stakeholders including our stockholders customers employees partners and communities Our executive leadership team oversees the strategic direction of our sustainability strategy while the nominating and corporate governance committee of our board of directors reviews the status of our sustainability programs and public disclosures We have set public commitments related to certain environmental matters and implemented a renewable energy program to track our energy consumption and reduction efforts Additional information on these and other sustainability initiatives as well our public targets and goals can be found on the Responsibility page of our website at www okta com
We incorporated in 2009 as Saasure Inc a California corporation In 2010 we reincorporated as Okta Inc a Delaware corporation Our principal executive offices are located at 100 First Street Suite 600 San Francisco California 94105 and our telephone number is 888 722 7871 Our website address is www okta com
Our investor relations website address is investor okta com Our Annual Reports on Form 10 K Quarterly Reports on Form 10 Q Current Reports on Form 8 K and Proxy Statements for our annual meetings of stockholders including any exhibits and amendments to these filings are available free of charge on our investor relations website after we file or furnish them with the SEC and they are available on the SEC s website at www sec gov
We webcast our earnings calls and certain events we participate in or host with members of the investment community on our investor relations website Supplemental financial and other information can be accessed through the Company s investor relations website We also use our investor okta com website and okta com blog websites including the Security Blog Okta Developer Blog and Auth0 Developer Blog as a means of disclosing material non public information announcing upcoming investor conferences and for complying with our disclosure obligations under Regulation FD Accordingly you should monitor our investor relations and okta com blog websites in addition to following our press releases SEC filings and public conference calls and webcasts Further corporate governance information including our corporate governance guidelines and code of conduct is also available on our investor relations website under the heading Responsibility and Governance Information contained on or that can be accessed through our websites is not incorporated by reference into this Annual Report on Form 10 K or in any other report or document we file with the SEC and any references to our websites are intended to be inactive textual references only
A description of the risks and uncertainties associated with our business is set forth below You should carefully consider the risks and uncertainties described below as well as the other information in this Annual Report on Form 10 K including our consolidated financial statements and the related notes and Management s Discussion and Analysis of Financial Condition and Results of Operations The occurrence of any of the events or developments described below or of additional risks and uncertainties not presently known to us or that we currently deem immaterial could materially and adversely affect our business results of operations financial condition and growth prospects In such an event the market price of our Class A common stock could decline and you could lose all or part of your investment
This risk factor summary contains a high level summary of risks associated with our business It does not contain all of the information that may be important to you and you should read this risk factor summary together with the more detailed discussion of risks and uncertainties set forth following this summary A summary of our risks includes but is not limited to the following
Adverse general economic market and industry conditions and reductions in workforce identity and customer identity spending have in the past and may in the future reduce demand for our solutions which could harm our revenue results of operations and cash flows
If we fail to manage our growth effectively or fail to execute our business plan we may not be able to maintain high levels of service and customer satisfaction or adequately address competitive challenges
Our business depends on our ability to retain existing customers and our revenues and results of operations could be adversely impacted if they do not renew their subscriptions or purchase additional licenses or subscriptions with us
We may experience quarterly fluctuations in our results of operations due to a number of factors that make our future results difficult to predict and could cause our results of operations to fall below analyst or investor expectations
In the past we have experienced cybersecurity incidents that allowed unauthorized access to our systems or data or our customers data harmed our reputation created additional liability and adversely impacted our financial results We and our third party service providers may experience similar incidents in the future which may also include disabling access to our service
We and our third party service providers have in the past failed or been perceived to have failed to fully comply with the privacy or security provisions of our privacy policy our contracts and or legal or regulatory requirements which could result in proceedings actions or penalties against us We may experience similar incidents in the future
If we are unable to ensure that our solutions integrate or interoperate with a variety of operating systems platforms services software applications devices mobile phones and other hardware form factors that are developed by others our platforms may become less competitive and our results of operations may be harmed
Because we generally recognize revenue from our subscriptions and support services over the term of the relevant service period a decrease in sales during a reporting period may not be immediately reflected in our results of operations for that period
The dual class structure of our common stock has the effect of concentrating voting control with those stockholders who held our capital stock prior to the completion of our IPO including our directors executive officers and their affiliates who held in the aggregate 35 3 of the voting power of our capital stock as of January 31 2025 This will limit or preclude your ability to influence corporate matters including the election of directors amendments of our organizational documents and any merger consolidation sale of all or substantially all of our assets or other major corporate transaction requiring stockholder approval
Adverse general economic market and industry conditions and reductions in workforce identity and customer identity spending have in the past and may in the future reduce demand for our solutions which could harm our revenue results of operations and cash flows
Our revenue results of operations and cash flows depend on the overall demand for our solutions Concerns about the inflation and interest rate environment the instability of financial institutions health epidemics the systemic impact of a widespread recession in the United States or internationally energy costs geopolitical issues such as Russia s invasion of Ukraine or the availability and cost of credit have and could continue to lead to increased market volatility decreased consumer confidence and diminished growth expectations in the U S economy and abroad which in turn could result in reductions in spending on our platforms by our existing and prospective customers These economic conditions can occur abruptly Prolonged economic slowdowns may result in customers requesting us to renegotiate existing contracts on less advantageous terms to us than those currently in place or defaulting on payments due on existing contracts or not renewing at the end of the contract term For example rising interest rates in the United States have affected businesses across many industries including ours by increasing the costs of labor employee healthcare and other components which may further constrain our our customers and prospective customers budgets To the extent there is a sustained general economic downturn and our platforms and services are perceived by customers or potential customers as costly or too difficult to deploy or migrate to our revenue may be disproportionately affected by delays or reductions in spending
Our prior revenue growth rates may not be indicative of our future growth or performance We have experienced revenue growth rates of 43 22 and 15 during fiscal 2023 2024 and 2025 respectively Our revenue for any quarterly or annual period should not be relied upon as an indication of our future revenue or revenue growth for any future period as we may not be able to sustain revenue growth consistent with recent history or at all Revenue growth depends on several factors including pricing our platforms to attract new and retain existing customers managing demand for our solutions competing against larger companies and new market entrants capitalizing on new acquisitions technologies or growth opportunities and other conditions described in these risk factors If we are unable to grow our revenue it will be difficult to maintain our profitability or maintain or increase our cash flow on a consistent basis We expect our operating expenses to increase in future periods as we continue to expand our business If our revenue growth does not increase to offset these anticipated increases in our operating expenses our business financial position and results of operations will be harmed and we may not be able to achieve or consistently maintain profitability Additionally the sales cycle for the evaluation and implementation of our platforms which typically extends for multiple months for enterprise deals may also cause us to experience a delay between increasing operating expenses and generating corresponding revenue if any We may not be able to prepare accurate internal financial forecasts or replace anticipated revenue that we lost as a result of such delays and our results of operations in future reporting periods could differ materially from our
If we fail to manage our growth effectively or fail to execute our business plan we may not be able to maintain high levels of service and customer satisfaction or adequately address competitive challenges
We have experienced rapid growth and organizational change which has placed and may continue to place significant demands on our management and our operational and financial resources In order to manage future growth and better align our organizational structure and resources with our business priorities we may undertake restructuring plans from time to time For example in recent years we have announced restructuring plans intended to reduce operating expenses and improve profitability that involved reductions of our workforce We have in the past encountered and may in the future encounter challenges in the execution of these restructuring efforts such as adverse impacts on employee morale or attrition beyond the intended reductions and these challenges could impact our ability to execute on our business initiatives which could cause our restructuring efforts to not be as effective as anticipated and harm our financial results
In addition as we expand our business it is important that we continue to maintain a high level of customer service and satisfaction As our customer base continues to grow we will need to expand our account management customer service and other personnel and our network of independent software vendors ISVs system integrators and other channel partners to provide personalized account management and customer service If we are not able to continue to provide high levels of customer service our reputation as well as our business results of operations and financial condition could be harmed
The markets for our solutions are rapidly evolving highly competitive and subject to shifting customer needs and frequent introductions of new technologies As the markets in which we operate continue to mature and new technologies and competitors enter such markets we expect competition to intensify We compete with both cloud based and on premise enterprise application software providers including but not limited to authentication providers access and lifecycle management providers multi factor authentication providers infrastructure as a service providers other customer identity and access management providers and solutions developed in house by our potential customers Our principal competitor is Microsoft
Many of our competitors have significantly greater financial technical sales and marketing distribution customer support or other resources larger intellectual property portfolios longer operating histories greater resources to make strategic acquisitions more established relationships with third party service providers and greater name recognition than we do They may also have a larger customer base many of which may prefer to purchase from the same competitor rather than replace their existing infrastructure with our solutions
Some of our larger competitors have substantially broader product offerings or greater resources to acquire new offerings or repurpose existing offerings to provide identity solutions with subscription models As a result they can leverage their relationships based on other solutions or incorporate functionality into existing solutions to gain business in a manner that discourages users from purchasing our solutions including selling at zero or negative margins bundling products or maintaining closed technology platforms In addition larger competitors as well as new start up companies that innovate make significant investments in research and development and may invent similar or superior solutions that compete with our solutions These competitive pressures or our failure to compete effectively may result in price reductions fewer orders reduced revenue and gross margins increased net losses and loss of market share which could harm our business results of operations and financial condition
While we achieved profitability in fiscal 2025 we have incurred net losses of 355 million and 815 million in fiscal 2024 and 2023 respectively We will need to generate and sustain increased revenue levels in future periods in order to become consistently profitable and even if we do we may not be able to maintain or increase our level of profitability We may incur losses in the future for a number of reasons including the risks described in these risk factors an increase in operating expense and other unknown risks Any failure by us to sustain profitability on a consistent basis could cause the value of our common stock to decline
Our business depends on our ability to retain existing customers and our revenues and results of operations could be adversely impacted if they do not renew their subscriptions or purchase additional licenses or subscriptions with us
Our ability to increase and maintain revenue growth depends in part on our ability to retain and expand our commercial relationships with our existing customers This requires that our existing customers continue to use our platforms either by purchasing additional subscriptions or by renewing their subscriptions when existing contract terms expire Our customers have no obligation to renew their subscriptions after the expiration of their subscription period They may decide not to renew their subscriptions with a similar contract period at the same prices and terms or with the same or a greater number of users In the past some of our customers have elected not to renew their agreements with us and it is difficult to accurately predict long term customer retention and expansion rates Customer retention and expansion has in the past and may in the future decline or fluctuate as a result of a number of factors such as customers satisfaction with our solutions our prices and pricing plans including as compared to those of competing software solutions unfavorable macroeconomic conditions reductions in customer spending levels negative sentiment stemming from cybersecurity incidents customer utilization rates new offerings and changes to the packaging of our product offerings If existing customers do not purchase additional subscriptions or renew their subscriptions renew on less favorable terms or fail to add more users our revenue may decline or grow less quickly than anticipated which would harm our future results of operations
We aim to increase our revenue and achieve and maintain profitability by growing our customer base particularly through sales to larger organizations As our market matures and product offerings evolve we believe that competitors will introduce lower cost or differentiated solutions that compete or are perceived to compete with our solutions If prospective customers view the cost or features of competitors solutions as preferable to ours or do not perceive our solutions to be of sufficiently high value and quality we could fail to attract the number and types of new customers we are seeking Prospective customers decisions to purchase our solutions depends on a variety of other factors including those specified under the risk factor titled
Our business depends on our ability to retain existing customers and our revenues and results of operations could be adversely impacted if they do not renew their subscriptions or purchase additional licenses or subscriptions with us
and described elsewhere in these risk factors Any failure to attract new customers could impede our success in selling new subscriptions and adversely impact our business financial condition and results of operations
We may experience quarterly fluctuations in our results of operations due to a number of factors that make our future results difficult to predict and could cause our results of operations to fall below analyst or investor expectations
security breaches of technical difficulties with or interruptions to the delivery and use of our solutions and any negative market perception or customer reactions related to or arising from the disclosure of such breaches difficulties or interruptions
changes in remaining performance obligations RPO due to seasonality the timing of and compounding effects of renewals invoice duration size and timing new business linearity between quarters and within a quarter average contract term or fluctuations due to foreign currency movements all of which may impact implied growth rates
The variability and unpredictability of our quarterly results of operations or other operating metrics could result in our failure to meet our expectations or those of analysts that cover us or investors with respect to revenue or other metrics for a particular period If we fail to meet or exceed such expectations for these or any other reasons the market price of our Class A common stock could fall substantially and we could face costly lawsuits including securities class action suits
Our ability to introduce new solutions is dependent on adequate research and development resources and in part on our ability to successfully complete acquisitions If we do not adequately fund our research and development efforts or complete acquisitions successfully we may not be able to compete effectively and our business and results of operations may be harmed
To remain competitive we must continue to develop new solutions applications and enhancements to our existing portfolio This is particularly true as we further expand and diversify our capabilities Maintaining adequate research and development resources such as the appropriate personnel and development technology to meet the demands of the market is essential If we elect not to or are unable to develop solutions internally we may choose to expand into a certain market or strategy via an acquisition for which we could potentially pay too much or fail to successfully integrate into our operations Further many of our competitors expend a considerably greater amount of funds on their respective research and development programs and those that do not have in some cases been acquired by larger companies that allocate greater resources to our competitors research and development programs Our failure to maintain adequate research and development resources or to compete effectively with the research and development programs of our competitors would give an advantage to such competitors and may harm our business results of operations and financial condition
Even if we maintain adequate research and development resources we may be unable to monetize newly developed solutions or features such that we can recoup our research and development expenditures For example if we develop a new feature but our competitors give an equivalent feature away for free we may need to also include our newly developed feature for free as part of an existing product offering to remain competitive in the marketplace Such a loss of anticipated revenue to offset our research and development expenditures may harm our business results of operations and financial condition
Future acquisitions investments partnerships or alliances could be difficult to identify and integrate divert the attention of management personnel disrupt our business dilute stockholder value and harm our results of operations and financial condition
We have in the past acquired and we may in the future seek to acquire or invest in businesses products teams or technologies that we believe could complement or expand our current platforms enhance our technical capabilities or otherwise offer growth opportunities The pursuit of potential acquisitions may divert the attention of management and cause us to incur various expenses in identifying investigating and pursuing suitable acquisitions whether or not they are consummated If we acquire additional businesses we may not be able to successfully integrate and retain the acquired personnel integrate the acquired operations and technologies adequately test and assimilate the internal control processes of the acquired business in accordance with the requirements of Section 404 of the Sarbanes Oxley Act of 2002 Sarbanes Oxley Act or effectively manage the combined business We may also be required to assume liabilities or incur unforeseen costs such as those arising from the acquired company s failure to comply with legal or regulatory requirements and litigation matters
Any acquisition or strategic transaction we do consummate could fail to produce the benefits we hope to achieve which could disrupt our own business or those of our partners and customers or result in future impairment charges In particular from time to time we invest in private growth stage companies for strategic reasons and to support key business initiatives All of our venture investments are subject to a risk of partial or total loss of investment capital and we may not realize a return on these investments
In addition we have limited experience in acquiring other businesses We may not be able to identify desirable acquisition targets or we may not be successful in entering into an agreement with any particular target Acquisitions could also result in dilutive issuances of equity securities use of our available cash or the incurrence of debt or in adverse tax consequences or unfavorable accounting treatment If an acquired business fails to meet our expectations our business results of operations and financial condition could suffer
Because our long term success depends in part on our ability to expand the sales of our solutions to customers located outside of the United States our business will be susceptible to risks associated with international operations
We currently have sales personnel outside the United States and maintain offices outside the United States in the Americas Asia Pacific and Europe and our international revenue was 21 of our total revenue in fiscal 2024 and fiscal 2025 Any international expansion efforts that we may undertake may not be successful We may face challenges including those not generally faced in the United States such as managing and staffing international operations and becoming familiar with varying technology standards local laws and business practices Conducting international operations also subjects us to among other risks described in these risk factors
unexpected changes in or costs and liabilities related to compliance with foreign legal and regulatory requirements such as data privacy and cybersecurity regimes intellectual property rights protections and requirements relating to the localization of our solutions
restrictive governmental actions focusing on cross border trade including taxes trade laws tariffs import and export restrictions or quotas barriers sanctions custom duties or other trade restrictions and
Establishing operations in international markets also requires significant management attention and financial resources and we cannot guarantee that these investments will produce desired levels of revenue or profitability If we fail to expand our operations successfully and in a timely manner our business and results of operations will suffer
The industry in which we compete is characterized by rapid technological change frequent introductions of new solutions and evolving industry standards Our ability to attract new customers and increase revenue from existing customers will depend in significant part on our ability to anticipate industry standards and trends We must continue to enhance existing solutions or introduce or acquire new solutions on a timely basis to keep pace with technological developments The success of any enhancement or new solution depends on several factors including the timely completion and market acceptance of the enhancement or new solution Any new solution we develop or acquire might not be introduced in a timely or cost effective manner and might not achieve the broad market acceptance necessary to generate significant revenue If any of our competitors implements new technologies before we are able to implement them those competitors may be able to provide more effective
solutions than ours at lower prices Any delay or failure in the introduction of new or enhanced solutions that gain market acceptance and meet customer requirements could harm our business results of operations and financial condition
We plan our expenses based on certain assumptions about the length and variability of our sales cycle These assumptions are based upon historical trends for sales cycles and conversion rates associated with our existing customers We are increasingly focused on sales to larger organizations which often involve lengthy purchasing approval processes and less predictable sales cycles The length of sales cycles may be further impacted by the current macroeconomic environment and by the discretionary nature of customer spending Customers may also take prolonged evaluation periods of our platforms or their features or functionality and those of our competitors As a result it is difficult to predict exactly when or even if we will make a sale If we are unable to close one or more of expected significant transactions in a particular period or if such an expected transaction is delayed until a subsequent period our results of operations for that period and for any future periods in which revenue from such transaction would otherwise have been recognized may be harmed
To grow our business we expect to continue to depend on relationships with third parties such as channel partners Identifying partners negotiating and maintaining relationships with them requires significant time and resources
Our ability to compete in the marketplace depends in part on whether third parties successfully market resell implement or support our solutions for their customers For example some of our channel partners sell or provide integration and administration services for our competitors solutions They may choose to devote greater resources to our competitors that are more effective in incentivizing them to favor their solutions over ours In addition acquisitions of such partners by our competitors could result in a decrease in the number of our current and potential customers as these partners may no longer facilitate the adoption of our applications by potential customers Some of our partners compete with certain of our solutions and may elect to no longer integrate with our platforms or sell our solutions
Our growth also depends on our ability to incentivize third party developers to adopt and build their applications using our APIs and solutions We believe that these applications facilitate greater usage and customization of our solutions If these third party developers stop developing on or supporting our platforms we will lose the benefit of network effects that have contributed to the growth in our number of customers
If we are unsuccessful in establishing or maintaining our relationships with third parties our ability to grow our revenue could be impaired and our results of operations may suffer Even if we are successful we cannot ensure that these relationships will result in increased customer usage of our applications or increased revenue
Our business depends upon the successful implementation of our solutions by our customers Increasingly we as well as our customers rely on our network of partners to deliver implementation services and there may not be enough qualified implementation partners available to meet customer demand Various other factors may cause implementations to be delayed inefficient or otherwise unsuccessful including significant costs to purchase implement and enable our solutions changes in our customers functional requirements timeline delays or deviation from recommended best practices These and other circumstances may delay our ability to sell additional solutions or result in customers canceling or failing to renew their subscriptions before our solutions have been fully implemented Unsuccessful lengthy or costly customer implementation and integration projects could result in claims from customers harm to our reputation and opportunities for competitors to displace our solutions each of which could have an adverse effect on our business and results of operations
We rely on partners to resell our services to public sector entities and we have made and plan to continue to make investments to support future sales opportunities in the public sector The sale of our services to public sector entities is tied to budget cycles and there are government requirements and authorizations that we may be required
to meet Further we may be subject to audits and investigations regarding our role as a subcontractor in government contracts and violations could result in penalties and sanctions including contract termination refunding or forfeiting payments fines and suspension or debarment from future government business Selling to these entities can be highly competitive expensive and time consuming often requiring significant upfront time and expense Public sector entities often require contract terms that differ from our standard arrangements and impose additional compliance requirements require increased attention to pricing practices or are otherwise time consuming and expensive to satisfy For example some of our public sector customers contract with us on the basis of our authorization under FedRAMP which requires us to undertake additional actions and expenses to ensure compliance Public sector entities may also have statutory contractual or other legal rights to terminate contracts with our partners for convenience for lack of funding or due to a default and any such termination may adversely impact our future results of operations If we represent that we meet certain standards authorizations such as FedRAMP or requirements and do not meet them or if such authorizations are suspended or revoked we could be subject to increased liability from our customers investigation by regulators or termination rights Even if we do meet them the additional costs associated with providing our service to public sector entities could harm our margins Moreover changes in underlying regulatory requirements could be an impediment to our ability to efficiently provide our service to government customers and to grow or maintain our customer base Any of these risks related to contracting with or as a subcontractor supporting public sector entities could adversely impact our future sales and results of operations or make them more difficult to predict
We believe that developing and maintaining awareness of our brand in a cost effective manner is critical to achieving widespread acceptance of our existing and future solutions and is an important element in attracting new customers and retaining existing customers Furthermore we believe that the importance of brand recognition is likely to increase as competition in our market increases Successful promotion of our brand will depend largely on the effectiveness of our marketing and sales efforts and on our ability to provide reliable and useful solutions at competitive prices and that align with our customers needs In the past our efforts to build our brand have involved significant expenses and have not always attracted a sufficient number of new customers to be cost effective
As of fiscal 2026 we are further specializing our sales force to better align with our customers and evolving market demands which will require us to invest significant financial and other resources We may not achieve anticipated revenue growth if we are unable to hire and develop talented sales personnel if our new sales personnel are unable to achieve desired productivity levels in a reasonable period of time or if we are unable to retain our existing sales personnel If our marketing and sales efforts are unsuccessful and we fail to enhance our brand we may fail to attract new customers or retain our existing customers to the extent necessary to realize a sufficient return on our brand building efforts and our business results of operations and financial condition could suffer
In the past we have at times adjusted our prices either for individual customers in connection with long term agreements or for a particular solution We expect that we may need to change our pricing in future periods and potentially in response to the inflation and interest rate environment and increased costs Further as competitors introduce new solutions that compete with ours or reduce their prices we may be unable to attract new customers or retain existing customers based on our historical pricing As we expand internationally we also must determine the appropriate price to enable us to compete effectively internationally In addition if our mix of solutions sold changes then we may need to or choose to revise our pricing As a result we may be required or choose to reduce our prices or change our pricing model which could harm our business results of operations and financial condition
If we are not able to consistently generate cash flows or raise additional capital necessary to expand our operations and invest in new technologies in the future could reduce our ability to compete successfully and harm our results of operations
We may need to raise additional funds and we may not be able to obtain additional debt or equity financing on favorable terms if at all If we raise additional equity or convertible debt financing our security holders may experience significant dilution of their ownership interests If we engage in additional debt financing we may be required to accept terms that restrict our ability to incur additional indebtedness force us to maintain specified liquidity or other ratios or restrict our ability to pay dividends or make acquisitions If we need additional capital and
cannot raise it on acceptable terms or at all we may not be able to effectively grow our business or respond to competitive pressures which could harm our business results of operations and financial condition
We are subject to numerous obligations in our contracts with our customers and partners Despite the procedures systems and internal controls we have implemented to comply with our contracts we may breach these commitments whether through a weakness in these procedures systems and internal controls negligence or the willful act of an employee or contractor Our insurance policies including our errors and omissions insurance may be inadequate to compensate us for the potentially significant losses that may result from claims arising from breaches of our contracts disruptions in our service including those caused by cybersecurity incidents failures or disruptions to our infrastructure catastrophic events and disasters or otherwise In addition such insurance may not be available to us in the future on economically reasonable terms or at all Further our insurance may not cover all claims made against us and defending a suit regardless of its merit could be costly and divert management s attention
Increased attention to environmental sustainability and social issues as well as societal expectations regarding voluntary sustainability initiatives and disclosures may result in increased costs including but not limited to increased costs related to compliance stakeholder engagement and contracting impact our reputation or otherwise affect our business performance We have undertaken certain sustainability related initiatives goals and commitments which we have communicated on our website in our SEC filings and elsewhere We may undertake additional actions including establishing certain sustainability goals or targets to improve our sustainability profile and or respond to demand from investors regulators customers and other stakeholders both U S based and internationally However such actions may be costly or subject to numerous conditions that are outside our control and we cannot guarantee that such actions will have the desired effect Our actual or perceived failure to achieve such goals or targets could negatively impact our reputation and impact our ability to compete as effectively to recruit or retain employees
Our continued growth depends in part on the ability of our existing and potential customers to access our platforms 24 hours a day seven days a week without interruption or degradation of performance System interruption and a lack of integration and redundancy in our information systems and infrastructure may adversely affect our ability to operate websites process and fulfill transactions respond to customer inquiries and generally maintain cost efficient operations We have experienced in the past and may experience in the future disruptions data loss or corruption outages and other performance problems with our infrastructure or service due to a variety of factors These factors include for example infrastructure and functionality changes human or software errors capacity constraints ransomware attacks that encrypt our data and render it inaccessible or security related incidents In some instances we may not be able to identify the cause or causes of these performance problems immediately and it could take months or even years for such problems to become pronounced enough for us to detect or for our customers to detect and inform us We may not be able to maintain the level of service uptime and performance required by our customers especially during peak usage times and as
our solutions become more complex and our user traffic increases If our platforms are unavailable or if our customers are unable to access our solutions or deploy them within a reasonable amount of time or at all our business would be harmed Since our customers rely on our service to access and complete their work any outage on our platforms would impair the ability of our customers to perform their work which would negatively impact our brand reputation and customer satisfaction
Our platforms are accessed by a large number of customers often at the same time and we continue to expand the number of our customers and solutions available to our customers While we rely on third party information technology systems broadband and other communications systems and service providers to assist in providing access to our platforms maintaining our infrastructure and distributing our solutions via the internet we may not
interruptions or delays in service If a service provider fails to provide sufficient capacity to support our platforms or otherwise experiences service outages including intentionally blocking our internet traffic or all internet traffic for example at the request of a national government intending to isolate its country s network such failure could interrupt our customers access to our service which could adversely affect their perception of our platforms reliability and our revenues Any disruptions in these services including as a result of actions outside of our control would significantly impact the continued performance of our solutions In the future these services may not be available to us on commercially reasonable terms or at all Any loss of the right to use any of these services could result in decreased functionality of our solutions until equivalent technology is either developed by us or if available from another provider is identified obtained and integrated into our infrastructure If we do not accurately predict our infrastructure capacity requirements our customers could experience service shortfalls We may also be unable to effectively address capacity constraints upgrade our systems as needed and continually develop our technology and network architecture to accommodate actual and anticipated changes in technology
Any of the above circumstances or events may harm our reputation cause customers to terminate their agreements with us impair our ability to obtain subscription renewals from existing customers impair our ability to grow our customer base result in the expenditure of significant financial technical and engineering resources subject us to financial penalties and liabilities under our service level agreements and otherwise harm our business results of operations and financial condition
In the past we have experienced cybersecurity incidents that allowed unauthorized access to our systems or data or our customers data harmed our reputation created additional liability and adversely impacted our financial results We and our third party service providers may experience similar incidents in the future which may also include disabling access to our service
Increasingly companies including Okta Inc are subject to a wide variety of attacks on their systems and networks on an ongoing basis In addition to threats from traditional computer hackers malicious code such as malware viruses worms and ransomware employee or contractor theft or misuse password spraying phishing and denial of service attacks we and our third party service providers now also face threats from sophisticated nation state actors and organized crime groups who engage in attacks including advanced persistent threat intrusions that add to the risks to our systems including those hosted on AWS or other cloud services providers systems internal networks our customers systems and the information that we and they store and process For example like other companies we have experienced an increase in cybersecurity attacks and have had to expend increasing amounts of human and financial capital to respond We expect that these cybersecurity attacks will continue and that the scope and sophistication of these efforts will increase in future periods Despite significant efforts to create security barriers to such threats it is virtually impossible for us to entirely mitigate these risks As a provider of independent and neutral cloud based identity solutions that form a part of our customers security software supply chain we pose an attractive target for such attacks The security measures we have integrated into our internal systems and platforms which are designed to detect unauthorized activity and prevent or minimize security breaches may not function as expected and have not in the past been and may not in the future be sufficient to protect our internal networks and platforms against certain attacks In addition techniques used to sabotage or to obtain unauthorized access to networks in which data is stored or through which data is transmitted change frequently become more complex over time As a result we and our third party service providers have in the past been and may in the future be unable to anticipate these techniques or implement adequate preventative measures quickly enough to prevent either an electronic intrusion into our systems or services or a compromise of customer data employee data or other protected information
Our customers use of our technology to access business systems and store data concerning among others their employees contractors partners and customers is essential to their use of our platforms which stores transmits and processes customers proprietary information and users personal data experienced and likely will in the future experience attacks targeting such customer data When such breaches occur as a result of third party action technology limitations employee or contractor error malfeasance or otherwise and if the confidentiality integrity or availability of our customers data or systems is disrupted we could incur significant liability to our customers and to individuals or businesses whose information was being stored by our customers and our platforms may be perceived as less desirable which could negatively affect our business and damage our reputation Techniques used to obtain unauthorized access to or to sabotage systems change frequently and generally are not recognized until launched against a target As a result we our third party service providers and our customers have not in the past been and may not in the future be able to anticipate these techniques or to implement adequate preventive measures Further because we do not control our third party service providers or the processing of data by our third party service providers we cannot ensure the integrity or security of measures they take to protect customer information and prevent data loss
In addition security breaches impacting our platforms have in certain cases resulted in and could in the future result in a risk of loss or unauthorized disclosure or theft of this information or the denial of access to this information which in turn could lead to enforcement actions litigation regulatory or governmental audits investigations and possible liability and increased requests by individuals regarding their personal data Security breaches could also damage our relationships with and ability to attract customers and partners and trigger service availability indemnification and other contractual obligations For example our customers have in the past published public criticisms of our security practices in connection with security incidents and these postings harm our reputation and brand Security incidents may also cause us to incur significant investigation mitigation remediation notification and other expenses Furthermore as a well known provider of identity and security solutions that form a part of our customers security software supply chain any such breach including a breach of our customers systems could compromise systems secured by our solutions creating system disruptions or slowdowns and exploiting security vulnerabilities of our or our customers systems and the information stored on our or our customers systems could be accessed publicly disclosed altered lost or stolen which could subject us to liability and cause us financial harm Our disclosures concerning security incidents also may become the subject of litigation and our disclosures concerning the January 2022 compromise for example have become the subject of lawsuits as discussed in Item 3
below While we have taken a number of remediation steps there is no guarantee that our preventative and mitigation actions with respect to this incident and others like it will fully eliminate the risk of a malicious compromise of our or our customers systems
We have experienced cybersecurity incidents resulting from our use of and oversight over third party service providers and could experience such incidents in the future These incidents have in the past and may in the future result from our configuration of such providers products or from cybersecurity attacks on such providers of the same type that could affect our own systems While we have implemented security measures and configuration policies that seek to protect data stored with our third party service providers such measures and policies have not in the past been and may not in the future be sufficient to protect our data or our customers data For example the January 2022 compromise of one of our third party service providers by a threat actor even though not material and not a breach of our platforms nonetheless was widely publicized and focused attention on the security of our systems and the systems of our third party service providers In addition in October 2023 a threat actor gained unauthorized access to and stole information from inside our customer support system which was hosted by a third party service provider
While we maintain cybersecurity insurance our insurance may be insufficient to cover all liabilities incurred in these incidents and any incidents may result in loss of or increased costs of our cybersecurity insurance
These breaches or any perceived breach of our systems our customers systems our service providers systems or other systems or networks secured by our platforms whether or not any such breach is due to a vulnerability in our platforms may also undermine confidence in our platforms or our industry and result in damage to our reputation and brand negative publicity loss of ISVs and other channel partners customers and sales increased costs to remedy any problem costly litigation and other liability In addition a breach of the security measures of one of our key ISVs or other channel partners or a security software supply chain attack even many levels removed could result in the exfiltration of confidential corporate information or other data that may provide additional avenues of attack For example an exploitation in an open source library that is imported and used in another framework that is used by a software product used by Okta Inc could introduce an avenue of attack into our platforms If a high profile security breach occurs with respect to a comparable cloud technology provider our customers and potential customers may lose trust in the security of the cloud business model generally which could adversely impact our ability to retain existing customers or attract new ones potentially causing a negative impact on our business Any of these negative outcomes could adversely impact market acceptance of our solutions and could harm our business results of operations and financial condition
Third parties have induced and may continue to fraudulently induce employees contractors customers or our customers users into disclosing sensitive information such as user names passwords or other information or otherwise compromise the security of our applications internal networks electronic systems and or physical facilities in order to gain access to our data or our customers data which could result in significant legal and financial exposure a loss of confidence in the security of our platforms interruptions or malfunctions in our operations account lockouts and ultimately harm to our future business prospects and revenue We may be required to expend significant capital and financial resources to protect against such threats or to alleviate problems caused by breaches in security
Our customers storage and use of data concerning among others their employees contractors partners and customers is essential to their use of our platforms We have implemented various features intended to enable our customers to better comply with applicable privacy and security requirements in their collection and use of data within our online service but these features have in the past not ensured and may in the future not ensure our customers compliance and may not be effective against all potential privacy or related regulatory concerns
Many jurisdictions have enacted or are considering enacting or revising privacy and or data security legislation including laws and regulations applying to the collection use storage transfer disclosure and or processing of personal data The costs of compliance with and other burdens imposed by such laws and regulations that are applicable to the operations of our customers may limit the use and adoption of our service and reduce overall demand for it These privacy and data security related laws and regulations are evolving and may result in increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions In addition we are subject to certain contractual obligations regarding the collection use storage transfer disclosure and or processing of personal data Although we are working to comply with those federal state and foreign laws and regulations industry standards contractual obligations and other legal obligations that apply to us those laws regulations standards and obligations are evolving and may be modified interpreted and applied in an inconsistent manner from one jurisdiction to another and may conflict with one another other requirements or legal obligations our practices or the features of our platforms
We also expect that there will continue to be new proposed laws regulations self regulatory and industry standards concerning privacy data protection digital services and information security in the United States China the European Union India and other jurisdictions and we cannot yet determine the impact such future laws regulations and standards may have on our business In the United States the Federal Trade Commission and state regulators enforce a variety of data privacy issues such as promises made in privacy policies or failures to appropriately protect information about individuals as unfair or deceptive acts or practices in or affecting commerce in violation of the Federal Trade Commission Act or similar state laws On the U S state level over a dozen states have adopted new or modified privacy and security laws These laws create a patchwork of legislation and regulation that impose heightened transparency obligations about data collection use and sharing practices add restrictions on the sale or sharing or transfer of personal information to third parties for purposes such as advertising or analytics create new data privacy rights for consumers including the ability to limit the use of personal information for advertising and carry significant enforcement penalties for non compliance including monetary and injunctive relief This patchwork may also give rise to conflicts or differing views of personal privacy rights For example certain state laws may be more stringent or broader in scope or offer greater individual rights with respect to personal data than federal international or other state laws and such laws may differ from each other all of which may complicate compliance efforts We may expend significant resources attempting to comply with conflicting and overlapping state privacy regulations and the cost and complexity of complying with such regulations could adversely affect our business or increase our potential liability if we fail to comply This influx of state privacy regimes indicates a trend toward more stringent privacy legislation in the United States including a potential federal privacy law which could also increase our potential liability and adversely affect our business In Europe the General Data Protection Regulation 2016 679 the GDPR imposes a strict data protection compliance regime in relation to the collection and processing of personal data and various European and other foreign laws also restrict the use of cookies tracking technologies and certain marketing activities
Future laws regulations standards and other obligations and changes in the interpretation of existing laws regulations standards and other obligations could impair our or our customers ability to collect use or disclose information relating to consumers which could decrease demand for our applications restrict our business operations or increase our costs and impair our ability to maintain and grow our customer base and increase our revenue Such laws and regulations may require companies to implement privacy and security policies permit users to exercise various data rights inform individuals of security breaches that affect their personal data and in some cases obtain individuals consent to use personal data for certain purposes If we or the third parties on which we rely fail to comply with federal state and international data privacy laws and regulations our ability to successfully operate our business and pursue our business goals could be harmed Additionally plaintiffs have become increasingly more active in bringing privacy related claims against companies Some of these claims allow for the recovery of statutory damages on a per violation basis and if viable carry the potential for significant statutory damages depending on the volume of data and the number of violations
With respect to cybersecurity in the United States the development of rules and guidance pursuant to various executive orders may apply to us including for example pursuant to Executive Order 14028 for critical software While the rules and guidance coming from the Order are still being developed we are likely to be categorized as a provider of critical software which may increase our compliance costs and delay or prevent our ability to execute contracts with customers including in particular with government entities
Any failure or perceived failure by us or our third party service providers to comply with federal state or foreign laws or regulations industry standards contractual obligations or other legal obligations compliance frameworks with which Okta Inc has contractually committed to comply or any actual or suspected privacy or security incident even if unfounded whether or not resulting in unauthorized access to or acquisition release or transfer of personal data or other data may result in investigations and enforcement actions and prosecutions private litigation including class action lawsuits fines penalties and censure claims for damages by customers and other affected individuals or adverse publicity and could cause our customers to lose trust in us which could have an adverse effect on our reputation and business
We publicly post our privacy policies and practices concerning our processing use and disclosure of the personal data provided to us by our website visitors and by our customers and other individuals with whom we interact Our publication of our privacy policies and other statements we publish that provide promises and assurances about privacy and security can subject us to potential state and federal action if they are found to be unfair deceptive or misrepresentative of our practices
If our platforms are perceived to cause or are otherwise unfavorably associated with violations of privacy or data security requirements it may subject us or our customers to public criticism and potential legal liability Existing and potential privacy laws and regulations concerning privacy and data security and increasing sensitivity of consumers to unauthorized processing of personal data may create negative public reactions to technologies solutions and services such as ours Public concerns regarding personal data processing privacy and security may cause some of our customers end users to be less likely to visit their websites or otherwise interact with them If enough end users choose not to visit our customers websites or otherwise interact with them our customers could stop using our platforms This in turn may reduce the value of our service and slow or eliminate the growth of our business or cause our business to contract
Privacy is a key issue for Okta Inc and for our customers We have attained multiple privacy certifications such as the Privacy Recognition for Processors and the European Union Cloud Code of Conduct Level 2 If we fail to maintain our privacy certifications or if we fail to seek expansion of their applicability to acquired and or newly developed solutions we may fail to meet our contractual commitments and we may fail to retain our existing customers or attract new customers and our business results of operations and financial condition could suffer
We are subject to global data protection laws and regulations Data Protection Laws that may impact how we do business with customers Data Protection Laws such as those applicable in the European Union Canada and certain of its provinces United Kingdom Asia and certain states in the United States have enhanced data protection obligations for companies that handle personal data Obligations include for example expanded disclosures about how personal data is to be used individual rights in relation to personal data limitations on retention of personal data mandatory data breach notification requirements and strict obligations on service providers and restrictions on online marketing and the use of cookies and tracking technologies
In addition increasing numbers of Data Protection Laws restrict transfers of personal data outside of their country of origin to countries deemed to lack adequate privacy protections These types of transfers must be supported by a transfer mechanism that we may be required to implement and in many jurisdictions there is significant legal uncertainty around the validity and sufficiency of data transfer mechanisms and evolving legal and regulatory expectations could impose additional obligations or require expenditure of additional resources to comply with the Data Protection Laws
Data Protection Laws are rapidly expanding and evolving and many have extraterritorial effect which may increase our compliance costs and expose us to greater enforcement risk In addition we may be or become subject to data localization laws which require personal data or certain subcategories of personal data to be stored in the jurisdiction of origin These regulations may deter customers from using cloud based services such as ours and may inhibit our ability to expand into those markets or prohibit us from continuing to offer services in those markets without significant additional costs
This regulatory environment applicable to the handling of personal data and our actions taken in response may cause us to assume additional liabilities or incur additional costs and could result in our business results of operations and financial condition being harmed We and our customers may face a risk of enforcement actions by an increasing number of global data protection authorities in countries where data protection laws apply to us and with which we may not be able to comply Any such enforcement actions could result in substantial costs and diversion of resources distract management and technical personnel and negatively affect our business results of operations and financial condition
Non compliance with these obligations can trigger significant fines and other penalties Regulatory bodies can also issue orders to cease or change data processing enforcement notices and or assessment notices for a compulsory audit and civil claims including class actions for compensation or damages In addition to fines some U S states allow a private right of action Given the breadth and depth of changes in data protection obligations complying with these requirements has caused us to expend significant resources which is likely to continue into the near future as we respond to new interpretations and enforcement actions
In addition new laws are continually being passed and new case law and regulatory guidance means Data Protection Laws are constantly evolving For example India recently passed a comprehensive data protection law that will apply new privacy rules for the first time in that country In addition the number of U S states with comprehensive Data Protection Laws significantly increased in 2024 We cannot yet determine the impact that such future laws regulations and standards may have on our business Such laws and regulations are often subject to differing interpretations and may be inconsistent among jurisdictions We could incur substantial expense in complying with any new obligations be required to make significant changes to our business operations or to the development of new or existing solutions and we may not be able to comply with some of these regulatory developments all of which may adversely affect our revenues and our business overall
Security is essential for us and for our customers A number of our Okta Platform product offerings have attained multiple certifications including SOC 2 Type II Attestations CSA Star Level 2 Certification ISO IEC 27001 2022 ISO IEC 27017 2015 ISO IEC 27018 2019 and comply with many other international frameworks Certain Okta Platform offerings maintain multiple agency FedRAMP Authorities to Operate and are compliant to operate at Department of Defense Impact Level 4 Certain Okta Platform offerings maintain minimum security requirements in alignment with the Security Rule of HIPAA The Okta Platform also supports FIPS 140 2 encryption requirements If we fail to maintain our security attestations and certifications or if we fail to seek expansion of their applicability to acquired and or newly developed products we may fail to meet our contractual commitments and we may fail to retain our existing customers or attract new customers and our business results of operations and financial condition could suffer
We provide service level commitments under our customer contracts If we fail to meet these contractual commitments we could be obligated to provide credits for future service which could harm our business results of operations and financial condition
Our customer agreements contain service level commitments under which we guarantee specified availability of our platforms Any failure of or disruption to our infrastructure could make our platforms unavailable to our customers If we are unable to meet the stated service level commitments to our customers or suffer extended periods of unavailability of our platforms we have been and could in the future be contractually obligated to provide affected customers with service credits for future subscriptions Our revenue other results of operations and financial condition could be harmed if we suffer unscheduled downtime that exceeds the service level commitments under our agreements with our customers and any extended service outages could adversely affect our business and reputation as customers may elect not to renew and we could lose future sales
If we are unable to ensure that our solutions integrate or interoperate with a variety of operating systems platforms services software applications devices mobile phones and other hardware form factors that are developed by others our platforms may become less competitive and our results of operations may be harmed
The number of people who access the internet through mobile devices and access cloud based software applications through mobile devices including smartphones and handheld tablets or laptop computers has increased significantly in the past several years and is expected to continue to increase While we have created mobile applications and mobile versions of our solutions that are accessible on third party application stores if
these mobile applications and solutions do not perform well our business may suffer Third party application stores may also impose new requirements including for example updates to their terms of access or policies on how we or our channel partners must collect use and share data Compliance with any such requirements could be costly or burdensome and could prevent us from timely updating our current mobile applications or distributing new mobile applications If we fail to comply with these requirements we could lose access to or be required to remove our mobile applications from third party application stores
In addition our solutions interoperate with servers mobile devices and software applications predominantly through the use of protocols many of which are created and maintained by third parties As a result we depend on the interoperability of our solutions with such third party services mobile devices and mobile operating systems as well as cloud enabled hardware software networking browsers database technologies and protocols that we do not control Past and future changes in such technologies that degrade the functionality of our solutions or give preferential treatment to competitive services have in the past and could in the future adversely affect adoption and usage of our platforms Any change in our customers preference for cloud based identity management or any shift towards on premises systems could also adversely affect adoption and usage of our platforms Also we may not be successful in developing or maintaining relationships with key participants in the mobile industry or in developing solutions that operate effectively with a range of operating systems networks devices browsers protocols and standards In addition we may face different fraud security and regulatory risks from transactions sent from mobile devices than we do from personal computers If we are unable to effectively anticipate and manage these risks or if it is difficult for our customers to access and use our platforms our business results of operations and financial condition may be harmed
Our success also depends on the willingness of third party developers and technology providers to build applications and provide integrations that are complementary to our service Without the development of these applications and integrations both current and potential customers may not find our service sufficiently attractive and our business results of operations and financial condition could suffer
Interruptions or delays in the services provided by third party data centers or internet service providers have in the past and could in the future impair the delivery of our platforms and our business could suffer
We rely on a number of third party service providers to operate our services For example we host our platforms using AWS data centers and other third party cloud infrastructure services Our operations depend on protecting the virtual cloud infrastructure hosted in AWS or other cloud services by maintaining its configuration architecture and interconnection specifications as well as the information stored in these virtual data centers and which third party internet service providers transmit Service interruptions from such infrastructure providers have caused and could in the future cause outages on our platforms Our solutions use resources operated by us in these locations Although we have disaster recovery plans that use multiple virtual data center locations any incident affecting their infrastructure including events beyond our control could negatively affect our platforms harm our reputation and expose us to liability We may also incur significant costs for using alternative equipment or taking other actions in preparation for or in reaction to events that damage the third party services we use
We rely on software and services from other parties Defects in or the loss of access to software or services from third parties could increase our costs and adversely affect the quality of our solutions
We rely on technologies from third parties to operate critical functions of our business including cloud infrastructure services and customer relationship management services Our business would be disrupted if any of the third party software or services we use or functional equivalents were unavailable due to defects in the software or services from those third parties or because they are no longer available on commercially reasonable terms or prices In each case we would be required to either seek licenses to software or services from other parties and redesign our solutions to function with such software or services or develop substitutes ourselves which would result in increased costs and could result in delays in launches or releases of new solutions until equivalent technology can be identified licensed or developed and integrated into our solutions Furthermore we might be forced to limit the features available in our current or future solutions These delays and feature limitations if they occur could harm our business results of operations and financial condition
Errors failures vulnerabilities or bugs have in the past and may in the future occur in our solutions especially when updates are deployed or new solutions are rolled out maintenance patches are applied or
computing environments with different operating systems system management software equipment and networking configurations which may cause errors or failures of our solutions or other aspects of the computing environment into which our solutions are deployed In addition deployment of our solutions into complicated large scale computing environments may expose errors failures vulnerabilities or bugs in our solutions Any such errors failures vulnerabilities or bugs may not be found until after they are deployed to our customers
We are committed to increasing our transparency with our customers and the public about our solutions and technology This transparency which may be more than is expected of companies in our industry could lead to us publicly disclosing information that we would not otherwise be legally required to disclose such as errors failures vulnerabilities or bugs in our solutions and technology As a result we could experience negative publicity that could harm our business Any real or perceived errors failures vulnerabilities or bugs in our solutions or delays in or difficulties implementing our solutions could also result in loss compromise corruption or other unavailability of customer data disruptions to our solutions or our customers products systems networks and operations loss of business and new customers loss of or delay in market acceptance of our solutions a decrease in customer satisfaction or adoption rates loss of competitive position or claims by customers for losses sustained by them all of which could harm our business results of operations and financial condition
Issues in the development and use of artificial intelligence AI combined with an uncertain regulatory environment may result in reputational harm liability or other adverse consequences to our business operations
We use internally developed and third party developed machine learning and AI technologies in our offerings and business and we are making investments in expanding our AI capabilities in our portfolio including ongoing deployment and improvement of existing machine learning and AI technologies as well as developing new product features using AI technologies including for example generative AI AI technologies are complex and rapidly evolving and we face significant competition from other companies as well as an evolving regulatory landscape For example in the European Union the Artificial Intelligence Act establishes obligations on the use of AI based on the type of AI and its potential risks to society Additionally in the United States federal and state legislatures and agencies are introducing legal frameworks and rules governing AI The introduction of AI technologies into new or existing solutions may result in new or enhanced governmental or regulatory scrutiny litigation confidentiality or security risks ethical concerns or other complications that could adversely affect our business reputation or financial results For example even if permitted by our privacy policy and contractual rights our use of data in novel AI applications may in time expand beyond customer expectations The intellectual property ownership and license rights including copyright surrounding AI technologies has not been fully addressed by courts or national or local laws or regulations and the use or adoption of third party AI technologies into our solutions may result in exposure to claims of copyright infringement or other intellectual property misappropriation Uncertainty around new and emerging AI technologies such as generative AI may require additional investment in the development and maintenance of proprietary datasets and machine learning models development of new approaches and processes to provide attribution or remuneration to creators of training data and development of appropriate protections and safeguards for handling the use of customer data with AI technologies which may be costly and could impact our expenses as we continue to expand generative AI into our product offerings AI technologies including generative AI may create content that appears correct but is factually inaccurate or flawed Our customers or others may rely on or use this flawed content to their detriment which may expose us to brand or reputational harm competitive harm and or legal liability The use of AI technologies presents emerging ethical and social issues and if we enable or offer solutions that draw scrutiny or controversy due to their perceived or actual impact on customers or on society as a whole we may experience brand or reputational harm competitive harm and or legal liability
If we fail to adequately protect our proprietary rights our competitive position could be impaired and we may lose valuable assets generate less revenue and incur costly litigation to protect our rights
Our success is dependent in part upon protecting our proprietary information and technology We rely on a combination of patents copyrights trademarks service marks trade secret laws and contractual restrictions to establish and protect our proprietary rights However the steps we take to protect our intellectual property may be inadequate We will not be able to protect our intellectual property if we are unable to enforce our rights or if we do not detect unauthorized use of our intellectual property Despite our precautions it may be possible for unauthorized third parties to copy our solutions and use information that we regard as proprietary to create solutions that compete with ours Some contract provisions protecting against unauthorized use copying transfer and disclosure of our solutions may be unenforceable under the laws of certain jurisdictions and foreign countries Further the laws of
some countries do not protect proprietary rights to the same extent as the laws of the United States and mechanisms for enforcement of intellectual property rights in some foreign countries may be inadequate To the extent we expand our international activities our exposure to unauthorized copying and use of our solutions and proprietary information may increase Accordingly despite our efforts we may be unable to prevent third parties from infringing upon or misappropriating our technology and intellectual property
We rely in part on trade secrets proprietary know how and other confidential information to maintain our competitive position Although we enter into confidentiality and invention assignment agreements with our employees and consultants and enter into confidentiality agreements with the parties with whom we have strategic relationships and business alliances no assurance can be given that these agreements will be effective in controlling access to and distribution of our solutions and proprietary information Further these agreements do not prevent our competitors from independently developing technologies that are substantially equivalent or superior to our solutions
To protect our intellectual property rights we may be required to spend significant resources to monitor and protect these rights Litigation may be necessary in the future to enforce our intellectual property rights and to protect our trade secrets Such litigation could be costly time consuming and distracting to management and could result in the impairment or loss of portions of our intellectual property Furthermore our efforts to enforce our intellectual property rights may be met with defenses counterclaims and countersuits attacking the validity and enforceability of our intellectual property rights Our inability to protect our proprietary technology against unauthorized copying or use as well as any costly litigation or diversion of our management s attention and resources could delay further sales or the implementation of our solutions impair the functionality of our solutions delay introductions of new solutions result in our substituting inferior or more costly technologies into our solutions or injure our reputation In addition we may be required to license additional technology from third parties to develop and market new solutions and we cannot ensure that we can license that technology on commercially reasonable terms or at all and our inability to license this technology could harm our ability to compete
There is considerable patent and other intellectual property development activity in our industry and we expect that software companies will increasingly be subject to infringement claims as the number of solutions and competitors grows and the functionality of solutions in different industry segments overlaps In addition the patent portfolios of many of our competitors are larger than ours and this disparity may increase the risk that our competitors may sue us for patent infringement and may limit our ability to counterclaim for patent infringement or settle through patent cross licenses Other companies have claimed in the past and may claim in the future that we infringe upon their intellectual property rights A claim may also be made relating to technology that we acquire or license from third parties Further we may be unaware of the intellectual property rights of others that may cover some or all of our technology
If we fail to adequately protect our proprietary rights our competitive position could be impaired and we may lose valuable assets generate less revenue and incur costly litigation to protect our rights
We use open source software in our solutions and expect to use more open source software in the future From time to time there have been claims challenging the ownership of open source software against companies that incorporate open source software into their products However the terms of many open source licenses have not been interpreted by U S courts and there is a risk that these licenses could be construed in a way that could impose unanticipated conditions or restrictions on our ability to commercialize our solutions As a result we could be subject to lawsuits by parties claiming ownership of what we believe to be open source software Litigation could be costly for us to defend have a negative effect on our results of operations and financial condition or require us to devote additional research and development resources to change our solutions In addition if we were to combine our proprietary software with open source software in a certain manner we could under certain of the open source licenses be required to release the source code of our proprietary software to the public which could open security risks as well as risks to exposing some of our trade secrets This would allow our competitors to create similar solutions with less development effort and time If we inappropriately use open source software or if the license
terms for open source software that we use change we may be required to re engineer our solutions incur additional costs discontinue the sale of some or all of our solutions or take other remedial actions Some open source software may include generative AI software or other software that incorporates or relies on generative AI or other AI technologies The use of such software may expose us to risks as the intellectual property ownership and license rights including copyright of generative AI software and tools has not been fully interpreted by U S courts or been fully addressed by federal or state regulation
In addition to risks related to license requirements usage of open source software can lead to greater risks than use of third party commercial software as open source licensors generally do not provide warranties or assurance of title or controls on origin of the software In addition many of the risks associated with usage of open source software such as security issues potential loss of trade secret protection and the lack of warranties or assurances of title cannot be eliminated and could if not properly addressed negatively affect our business We have established processes to help alleviate these risks including a review process for screening requests from our development organizations for the use of open source software but we cannot be sure that all of our use of open source software is in a manner that is consistent with our current policies and procedures or will not subject us to liability
Our agreements with customers and other third parties include provisions under which we agree to indemnify or otherwise be liable to them for losses suffered or incurred as a result of claims of intellectual property infringement damages caused by us to property
or persons or other liabilities relating to or arising from the use of our platforms or other acts or omissions From time to time customers also require us to indemnify or otherwise be liable to them for breach of confidentiality violation of applicable law or failure to implement adequate security measures with respect to their data stored transmitted or accessed using our platforms The term of these contractual provisions often survives termination or expiration of the applicable agreement Although we normally contractually limit our liability with respect to such obligations the existence of such a dispute may have adverse effects on our customer relationship and reputation and we may still incur substantial liability or large indemnity payments This could significantly increase our operating expenses require us to restrict our business activities and limit our ability to deliver certain solutions all of which could require significant time effort and expense harm our reputation and customer relationships and negatively affect our business
Because we generally recognize revenue from our subscriptions and support services over the term of the relevant service period a decrease in sales during a reporting period may not be immediately reflected in our results of operations for that period
We generally recognize revenue from subscriptions and related support services revenue ratably over the relevant service period Net new revenue from new subscriptions upsells and renewals entered into during a period can generally be expected to generate revenue for the duration of the service period As a result most of the revenue we report in each period is derived from the recognition of deferred revenue relating to subscriptions and support services contracts entered into during previous periods Consequently a decrease in new or renewed subscriptions in any single reporting period will have a limited impact on our revenue for that period but will negatively affect our revenue in future periods In addition our ability to adjust our cost structure in the event of a decrease in new or renewed subscriptions may be limited
Our subscription model also makes it difficult for us to rapidly increase our revenue through additional sales in any period as revenue from customers is generally recognized over the applicable service period Additionally due to the complexity of certain of our customer contracts the actual revenue recognition treatment required under relevant accounting principles generally accepted in the United States GAAP will depend on contract specific terms and may result in greater variability in revenue from period to period
Today a vast majority of our customer contracts are denominated in U S dollars Over time however an increasing portion of our international customer contracts may be denominated in local currencies In addition the majority of our international costs are denominated in local currencies As a result fluctuations in the value of the U S dollar and foreign currencies may affect our results of operations when translated into U S dollars We do not currently engage in currency hedging activities to limit the risk of exchange rate fluctuations However in the future we may use derivative instruments such as foreign currency forward and option contracts to hedge certain exposures to fluctuations in foreign currency exchange rates The use of such hedging activities may not offset any or more than a portion of the adverse financial effects of unfavorable movements in foreign exchange rates over the limited time the hedges are in place Moreover the use of hedging instruments may introduce additional risks if we are unable to structure effective hedges with such instruments
We are subject to anti corruption and anti bribery and similar laws such as the U S Foreign Corrupt Practices Act of 1977 as amended the FCPA the U S domestic bribery statute contained in 18 U S C 201 U S Travel Act the USA PATRIOT Act the U K Bribery Act 2010 and other anti corruption anti bribery and anti money laundering laws in countries in which we conduct activities Anti corruption and anti bribery laws have been enforced aggressively in recent years and are interpreted broadly and prohibit companies and their employees and agents from promising authorizing making or offering improper payments or other benefits to government officials and others in the private sector As we increase our international sales and business our risks under these laws may increase
In addition we use channel partners to sell our solutions and conduct business on our behalf We or such partners may have direct or indirect interactions with officials and employees of government agencies or state owned or affiliated entities and under certain circumstances we could be held liable for the corrupt or other illegal activities of such partners and our employees representatives contractors partners and agents even if we do not explicitly authorize such activities
Noncompliance with the FCPA other applicable anti corruption laws or anti money laundering laws could subject us to investigations whistleblower complaints sanctions settlements prosecution and other enforcement actions within the U S and internationally which could have a material adverse effect on our reputation business results of operations and financial condition
We are subject to governmental export controls and economic sanctions laws that could impair our ability to compete in international markets and subject us to liability if we are not in full compliance with applicable laws
Our business activities are subject to various restrictions under U S export controls and trade and economic sanctions laws which include prohibitions on the sale or supply of certain products and services to U S embargoed or sanctioned countries governments persons and entities and also require authorization for the export of encryption items In addition various countries regulate the import of certain encryption technology including through import and licensing requirements and have enacted laws that could limit our ability to distribute our service or could limit our customers ability to implement our service in those countries If we fail to comply with these laws and regulations we and certain of our employees could be subject to civil or criminal penalties including the possible loss of export privileges and monetary penalties Obtaining the necessary authorizations including any required license for a particular transaction may be time consuming is not guaranteed and may result in the delay or loss of sales opportunities Although we take precautions to prevent our solutions from being provided in violation of such laws our solutions may have been in the past and could in the future be provided inadvertently in violation of such laws despite the precautions we take This could result in negative consequences to us including government investigations penalties and harm to our reputation
We are expanding our international operations and staff to better support our growth into certain international markets Our corporate structure and associated transfer pricing policies anticipate future growth into certain international markets The amount of taxes we pay in different jurisdictions may depend on the application of the tax laws of the various jurisdictions including the United States to our international business activities changes in tax rates new or revised tax laws or interpretations of existing tax laws and policies and our ability to operate our
business in a manner consistent with our corporate structure and intercompany arrangements The taxing authorities of the jurisdictions in which we operate may challenge our methodologies for pricing intercompany transactions which are generally required to be computed on an arm s length basis pursuant to intercompany arrangements or disagree with our determinations as to the income and expenses attributable to specific jurisdictions If such a challenge or disagreement were to occur and our position was not sustained we could be required to pay additional taxes interest and penalties which could result in one time tax charges higher effective tax rates reduced net cash flows and lower overall profitability of our operations Our financial statements could fail to reflect adequate reserves to cover such a contingency
New income sales use value added or other transaction level taxes tax laws statutes rules regulations or ordinances could be enacted at any time Those enactments could adversely impact our domestic and international business operations and our business and financial performance Further existing tax laws statutes rules regulations or ordinances could be interpreted changed modified or applied adversely to us These events could require us or our customers to pay additional tax amounts on a prospective or retroactive basis as well as require us or our customers to pay fines and or penalties and interest for past amounts deemed to be due If we raise our prices to offset the costs of these additional taxes existing and potential future customers may elect not to purchase our solutions in the future Additionally new changed modified or newly interpreted or applied tax laws could increase our compliance operating and other costs as well as the costs of our solutions to our customers Further these events could decrease the capital we have available to operate our business Any or all of these events could harm our business and financial performance For example various legislative and regulatory actions and proposals such as in the United States the Organisation for Economic Co operation and Development and the EU have increasingly focused on future tax reform and contemplate changes to long standing tax principles which could adversely affect our liquidity and results of operations
As a multinational organization we may be subject to taxation in certain jurisdictions around the world with increasingly complex tax laws the application of which can be uncertain The amount of taxes we pay in these jurisdictions could increase substantially as a result of changes in the applicable tax principles including increased tax rates new tax laws or revised interpretations of existing tax laws and precedents which could harm our liquidity and results of operations In addition the authorities in these jurisdictions could review our tax returns and impose additional tax interest and penalties and the authorities could claim that various withholding requirements apply to us or our subsidiaries or assert that benefits of tax treaties are not available to us or our subsidiaries any of which could harm us and our results of operations
Our business may be subject to additional obligations to collect and remit sales tax and other taxes and we may be subject to tax liability for past sales Any successful action by state foreign or other authorities to collect additional or past sales tax could harm our business
State foreign and local taxing jurisdictions have differing rules and regulations governing sales use and other indirect taxes including digital services taxes and these rules and regulations are subject to varying interpretations that may change over time In particular the applicability of certain sales value added and digital services taxes to our platforms in various jurisdictions is unclear It is possible that we could face tax audits and that our liability for these taxes could exceed our estimates as tax authorities could still assert that we are obligated to collect additional amounts as taxes from our customers and remit those taxes to those authorities We could also be subject to audits in states and international jurisdictions for which we have not accrued tax liabilities A successful assertion that we should be collecting additional sales or other taxes on our solutions and services in jurisdictions where we have not historically done so and do not accrue for such taxes could result in substantial tax liabilities for past sales discourage customers from purchasing our solutions or otherwise harm our business results of operations and financial condition
We file sales tax returns in certain states within the United States as required by law and certain customer contracts for a portion of the solutions that we provide We do not collect sales or other similar taxes in other states and many of such states do not apply sales or similar taxes to the vast majority of the solutions that we provide However one or more states or foreign authorities could seek to impose additional sales use or other tax collection and record keeping obligations on us or may determine that such taxes should have but have not been paid by us Liability for past taxes may also include substantial interest and penalty charges Any successful action by state foreign or other authorities to compel us to collect and remit sales tax use tax or other taxes either retroactively prospectively or both could harm our business results of operations and financial condition
Under Section 382 of the Internal Revenue Code of 1986 as amended if a corporation undergoes an ownership change generally defined as a greater than 50 change by value in its equity ownership over a three year period the corporation s ability to use its pre change net operating loss carry forwards and other pre change tax attributes such as research tax credits and distributed interest deduction carryover to offset its post change income may be limited We have experienced ownership changes in the past and any such ownership change in the future could result in increased future tax liability In addition we may experience ownership changes in the future as a result of subsequent shifts in our stock ownership As a result if we earn net taxable income our ability to use our pre change net operating loss carry forwards to offset U S federal taxable income may be subject to limitations which could potentially result in increased future tax liability to us
If we fail to maintain an effective system of disclosure controls and internal control over financial reporting our ability to produce timely and accurate financial statements or comply with applicable regulations could be impaired
The Sarbanes Oxley Act requires among other things that we maintain effective disclosure controls and procedures and internal control over financial reporting To satisfy this obligation we expend significant resources including accounting related costs and significant management oversight If any of these new or improved controls and systems do not perform as expected we may experience material weaknesses or significant deficiencies in our controls Our controls may also become inadequate because of changes in conditions in our business We may discover any such weaknesses or deficiencies in the future
Ineffective internal controls over financial reporting could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that we are required to include in our periodic reports that are filed with the SEC For example investors could lose confidence in our reported financial and other information we could fail to satisfy our SEC Nasdaq other reporting obligations or become subject to sanctions or investigations by regulators and our the price of our Class A common stock could decline
Changes in existing accounting or taxation rules or practices new accounting pronouncements or taxation rules or varying interpretations of current accounting pronouncements or taxation practice could harm our results of operations or the manner in which we conduct our business Further such changes could potentially affect our reporting of transactions completed before such changes are effective
GAAP are subject to interpretation by the Financial Accounting Standards Board FASB the SEC and various bodies formed to promulgate and interpret appropriate accounting principles A change in these principles or interpretations could have a significant effect on our reported financial results and could affect the reporting of transactions completed before the announcement of a change Adoption of such new standards and any difficulties in implementation of changes in accounting principles including the ability to modify our accounting systems could cause us to fail to meet our financial reporting obligations which could result in regulatory discipline and harm investors confidence in us
The preparation of financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the amounts reported in our consolidated financial statements and accompanying notes We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances as provided in the section titled Management s Discussion and Analysis of Financial Condition and Results of Operations The results of these estimates form the basis for making judgments about the carrying values of assets liabilities and equity and the amount of revenue and expenses that are not readily apparent from other sources Significant assumptions and estimates used in preparing our consolidated financial statements include but are not limited to those referenced in the section titled Management s Discussion and Analysis of Financial Condition and Results of Operations Our results of operations may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions which could cause our
The trading price of our Class A common stock has been and in the future may be subject to substantial volatility and wide fluctuations For example from February 1 2024 through January 31 2025 the trading price of our Class A common stock has ranged from 70 56 per share to 114 50 per share The market price of our Class A common stock fluctuates significantly in response to numerous factors many of which are beyond our control including but not limited to the factors described elsewhere in these risk factors as well as
our ability to meet or exceed forward looking guidance we have given our ability to give forward looking guidance consistent with past practices and changes to or withdrawal of previous guidance or long range targets
In addition stock markets have experienced extreme price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many companies Stock prices of many companies including technology companies and high growth unprofitable companies in particular have fluctuated in a manner unrelated or disproportionate to the operating performance of those companies In the past stockholders have instituted securities class action litigation following periods of market volatility Our involvement in securities litigation has in the past and could in the future subject us to substantial costs divert resources and the attention of management from our business and harm our business
The dual class structure of our common stock has the effect of concentrating voting control with those stockholders who held our capital stock prior to the completion of our IPO including our directors executive officers and their affiliates who held in the aggregate 35 3 of the voting power of our capital stock as of January 31 2025 This will limit or preclude your ability to influence corporate matters including the election of directors amendments of our organizational documents and any merger consolidation sale of all or substantially all of our assets or other major corporate transaction requiring stockholder approval
Our Class B common stock has ten votes per share and our Class A common stock has one vote per share As of January 31 2025 our directors executive officers and their affiliates held in the aggregate 35 3 of the voting power of our capital stock taking into account shares of our common stock subject to options that are currently exercisable or exercisable within 60 days of January 31 2025 and RSUs that are releasable within 60 days of January 31 2025 Because of the ten to one voting ratio between our Class B and Class A common stock the
holders of our Class B common stock collectively could continue to control nearly a majority of the combined voting power of our common stock and be able to effectively control all matters submitted to our stockholders for approval until April 12 2027 the date that is the ten year anniversary of the closing of our IPO This concentrated control may limit or preclude your ability to influence corporate matters for the foreseeable future including the election of directors amendments of our organizational documents
and any merger consolidation sale of all or substantially all of our assets or other major corporate transaction requiring stockholder approval In addition this may prevent or discourage unsolicited acquisition proposals or offers for our capital stock that you may feel are in your best interest as one of our stockholders
Future transfers by holders of Class B common stock will generally result in those shares converting to Class A common stock subject to limited exceptions such as certain transfers effected for estate planning purposes The conversion of Class B common stock to Class A common stock will have the effect over time of increasing the relative voting power of those holders of Class B common stock who have retained their shares
Sales of a substantial number of shares of our Class A common stock into the public market particularly sales by our directors executive officers and principal stockholders or the perception that these sales might occur could cause the market price of our Class A common stock to decline
In addition we have options outstanding that if fully exercised would result in the issuance of shares of our Class A and Class B common stock We also have restricted stock units RSUs outstanding that if vested and settled would result in the issuance of shares of Class A common stock All of the shares of Class A and Class B common stock issuable upon the exercise of stock options and vesting of RSUs and the shares reserved for future issuance under our equity incentive plans are registered for public resale under the Securities Act of 1933 as amended Securities Act Accordingly these shares will be able to be freely sold in the public market upon issuance subject to applicable vesting requirements
Furthermore a substantial number of shares of our Class A common stock is reserved for issuance upon the exercise of the Notes as defined below If we elect to satisfy our conversion obligation on the Notes solely in shares of our Class A common stock upon conversion of the Notes we will be required to deliver the shares of our Class A common stock together with cash for any fractional share on the second business day following the relevant conversion date
If securities or industry analysts do not publish or cease publishing research or publish inaccurate or unfavorable research about our business the price of our Class A common stock and trading volume could decline
The trading market for our Class A common stock will depend in part on the research and reports that securities or industry analysts publish about us or our business If industry analysts do not publish or cease publishing research on our company the trading price for our Class A common stock would be negatively affected If one or more of the analysts who cover us downgrade our Class A common stock or publish inaccurate or unfavorable research about our business our Class A common stock price would likely decline If one or more of these analysts cease coverage of us or fail to publish reports on us on a regular basis demand for our Class A common stock could decrease which might cause our Class A common stock price and trading volume to decline
We have never declared or paid any cash dividends on our common stock and do not intend to pay any cash dividends in the foreseeable future We anticipate that we will retain all of our future earnings for use in the operation of our business and for general corporate purposes Any determination to pay dividends in the future will be at the discretion of our board of directors Accordingly investors must rely on sales of their Class A common
Provisions in our charter documents and under Delaware law could make an acquisition of our company more difficult limit attempts by our stockholders to replace or remove our current board of directors and limit the market price of our Class A common stock
Provisions in our amended and restated certificate of incorporation and amended and restated bylaws may have the effect of delaying or preventing a change of control or changes in our management Our amended and restated certificate of incorporation and amended and restated bylaws include provisions that
provide for a dual class common stock structure in which holders of our Class B common stock have the ability to effectively control the outcome of matters requiring stockholder approval even if they own significantly less than a majority of the outstanding shares of our Class A and Class B common stock including the election of directors and significant corporate transactions such as a merger or other sale of our company or its assets
Moreover Section 203 of the Delaware General Corporation Law may discourage delay or prevent a change in control of our company Section 203 imposes certain restrictions on mergers business combinations and other transactions between us and holders of 15 or more of our common stock
Our amended and restated bylaws designate a state or federal court located within the State of Delaware as the exclusive forum for certain litigation that may be initiated by our stockholders which could limit stockholders ability to obtain a favorable judicial forum for disputes with us
This choice of forum provision may limit a stockholder s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or any of our directors officers or other employees which may discourage lawsuits with respect to such claims Alternatively if a court were to find the choice of forum provision contained in our amended and restated certificate of incorporation to be inapplicable or unenforceable in an action we may incur
We have issued convertible notes due in 2025 2025 Notes and 2026 2026 Notes and together with the 2025 Notes the Notes Our ability to make scheduled payments of the principal of to pay interest on or to refinance our indebtedness including the Notes depends on our future performance which is subject to economic financial competitive and other factors beyond our control Our business may not generate cash flow from operations in the future sufficient to service our debt and make necessary capital expenditures If we are unable to generate such cash flow we may be required to adopt one or more alternatives such as selling assets restructuring debt or obtaining additional debt financing or equity capital on terms that may be onerous or highly dilutive Our ability to refinance or raise any future indebtedness will depend on the capital markets and our financial condition at such time We may not be able to engage in any of these activities or engage in these activities on desirable terms which could result in a default on our debt obligations In addition any of our future debt agreements may contain restrictive covenants that may prohibit us from adopting any of these alternatives Our failure to comply with these covenants could result in an event of default which if not cured or waived could result in the acceleration of our debt
We may not have the ability to raise the funds necessary for cash settlement upon conversion of the Notes or to repurchase the Notes for cash upon a fundamental change and our future debt may contain limitations on our ability to pay cash upon conversion of the Notes or to repurchase the Notes
Holders of the Notes have the right to require us to repurchase their Notes upon the occurrence of a fundamental change as defined in the indentures governing their respective Notes at a repurchase price equal to 100 of the principal amount of the Notes to be repurchased plus accrued and unpaid interest if any Upon conversion of the Notes unless we elect to deliver solely shares of our Class A common stock to settle such conversion other than paying cash in lieu of delivering any fractional share we will be required to make cash payments in respect of the Notes being converted We may not have enough available cash or be able to obtain financing at the time we are required to make repurchases of Notes surrendered or Notes being converted In addition our ability to repurchase the Notes or to pay cash upon conversions of the Notes may be limited by law by regulatory authority or by agreements governing our future indebtedness Our failure to repurchase Notes at a time when the repurchase is required by the indenture governing such notes or to pay any cash payable on future conversions of the Notes as required by such indenture would constitute a default under such indenture A default under the indenture governing the Notes or the fundamental change itself could also lead to a default under agreements governing our future indebtedness If the repayment of the related indebtedness were to be accelerated after any applicable notice or grace periods we may not have sufficient funds to repay the indebtedness and repurchase the Notes or make cash payments upon conversions
Any of these factors could harm our business results of operations and financial condition In addition if we incur additional indebtedness the risks related to our business and our ability to service or repay our indebtedness would increase
In the event the conditional conversion features of the 2025 Notes and the 2026 Notes are triggered holders of the Notes will be entitled to convert the Notes as applicable at any time during specified periods at their option If one or more holders elect to convert their Notes unless we elect to satisfy our conversion obligation by delivering solely shares of our Class A common stock other than paying cash in lieu of delivering any fractional share we would be required to settle a portion or all of our conversion obligation through the payment of cash which could adversely affect our liquidity The conditional conversion features of the 2025 Notes were triggered as of January 31 2021 and the 2025 Notes were convertible at the option of the holders between February 1 2021 and April 30 2021 however as of January 31 2025 the conditions allowing holders of the 2025 Notes to convert were not met From the date of issuance through January 31 2025 the conditions allowing holders of the 2026 Notes to convert were not met
In addition even if holders do not elect to convert their Notes we could be required under applicable accounting rules to reclassify all or a portion of the outstanding principal of the Notes as a current rather than long term liability which would result in a material reduction of our net working capital and could limit our ability to raise future capital As of January 31 2025 the 2025 Notes have been classified as a current liability on our balance sheet due to their upcoming maturity on September 1 2025
The conversion of some or all of the Notes would dilute the ownership interests of existing stockholders to the extent we satisfy our conversion obligation by delivering shares of our Class A common stock upon any conversion of such Notes Our 2025 Notes and 2026 Notes may become in the future convertible at the option of their holders under certain circumstances If holders of our Notes elect to convert their notes we may settle our conversion obligation by delivering to them a significant number of shares of our Class A common stock which would cause dilution to our existing stockholders We have in the past and may in the future engage in exchanges repurchase or induce conversions of the Notes Holders of the Notes that participate in any of these exchanges repurchases or induced conversions may enter into or unwind various derivatives with respect to our Class A common stock or sell shares of our Class A common stock in the open market to hedge their exposure in connection with these transactions These activities could decrease or reduce the size of any increase in the market price of our Class A common stock or the Notes or dilute the ownership interests of our stockholders In addition the market price of our Class A common stock is likely to be affected by short sales of our Class A common stock or the entry into or unwind of economically equivalent derivative transactions with respect to our Class A common stock by investors that do not participate in the exchange transactions and by the hedging activity of the counterparties to our capped call transactions Capped Calls or their respective affiliates
In addition in connection with the issuance of the 2025 Notes and 2026 Notes we entered into Capped Calls with certain financial institutions the Option Counterparties The Capped Calls are generally expected to reduce potential dilution to our Class A common stock upon any conversion or settlement of the 2025 Notes and 2026 Notes and or offset any cash payments we are required to make in excess of the principal amount of converted 2025 Notes and 2026 Notes as the case may be with such reduction and or offset subject to a cap If we unwind the Capped Calls in connection with Note repurchases or otherwise we would lose the anti dilutive impact of any unwound Capped Calls
From time to time the Option Counterparties or their respective affiliates may modify their hedge positions by entering into or unwinding various derivative transactions with respect to our Class A common stock and or purchasing or selling our Class A common stock or other securities of ours in secondary market transactions prior to the maturity of the Notes This activity could cause a decrease in the market price of our Class A common stock
Our success depends largely upon the continued services of our executive officers and other key employees From time to time there may be changes in our executive management team resulting from the hiring or departure of executives We do not have employment agreements with our executive officers or other key personnel that require them to continue to work for us for any specified period and they could terminate their employment with us at any time The loss of one or more of our executive officers or key employees and any failure to have in place and
execute an effective succession plan for key executives could harm our business In addition to execute our growth plan we must attract and retain highly qualified personnel Competition for these personnel in the San Francisco Bay Area where our headquarters is located and in other locations where we maintain offices is intense especially for engineers experienced in designing and developing software and SaaS applications and experienced sales professionals We have from time to time experienced and we expect to continue to experience difficulty in hiring and retaining employees with appropriate qualifications and may not be able to fill positions in the desired regions or at all Our efforts to attract new personnel may be compounded by intensified restriction on travel changes to immigration policy or the availability of work visas If we fail to attract new personnel or fail to retain and motivate our current personnel our business and future growth prospects could be harmed
Natural disasters or other catastrophic events may cause damage or disruption to our operations international commerce and the global economy and thus could harm our business We have a large employee presence in San Francisco California and the west coast of the United States contains active earthquake and wildfire zones which have the potential to disrupt our business
Communications systems and infrastructure could be damaged or interrupted at any time due to a major catastrophic event such as an earthquake hurricane fire or flood power loss or a telecommunications failure an unauthorized or malicious act such as a cyber attack war or terrorist attack a health epidemic or similar events or disruptions Such events could result in reputational harm delays in our application development breaches of data security and loss of critical data While we have backup systems for certain aspects of our operations disaster recovery planning by its nature cannot be sufficient for all eventualities In addition the insurance we maintain may be insufficient to compensate for losses from a major interruption
Cybersecurity risk management is an important part of our overall risk management efforts Okta Inc like other companies is subject to a wide variety of cybersecurity attacks on its systems networks and data on an ongoing basis and with increasing sophistication Given the evolving cybersecurity threat landscape facing us and our third party service providers we remain committed to protecting our systems internal networks and our customers systems and the information that we and they store and process
We have an established cybersecurity risk management program intended to protect the confidentiality integrity and availability of Okta Inc s critical systems internal networks and information This program implements policies processes and controls to respond to cybersecurity threats and mitigate business impacts Our board of directors the board has delegated to the cybersecurity risk committee of the board the cybersecurity risk committee oversight responsibility of the cybersecurity risk management program which includes a cybersecurity incident response plan
We devote significant resources including human and financial capital to create security measures configuration policies and response plans to address cybersecurity threats However as a well known provider of identity and security solutions Okta Inc is a particularly attractive target to threat actors For additional information related to these risks see
included under Part I Item 1A of this Annual Report on Form 10 K In the past we have experienced cybersecurity incidents and cannot anticipate when or the extent to which cybersecurity incidents will materially affect us or our customers use of our platforms in the future To date we have not identified any prior cybersecurity incidents that have materially affected or are reasonably likely to materially affect us including our operations business strategy results of operations or financial condition Despite our efforts we cannot eliminate all risks related to cybersecurity threats or incidents There can be no assurance that Okta Inc s cybersecurity risk management program and processes will be fully implemented Even if implemented they may not be complied with or may not effectively protect our systems and information or those of our customers
Cybersecurity is a top priority for Okta Inc Our cybersecurity strategy is to develop a consistent framework of security controls that can apply to all business functions To execute on this strategy we integrate cybersecurity risk management into our broader enterprise risk management program We also take a cross functional approach to cybersecurity risk management by engaging teams across the business including security technical operations
We design and assess our cybersecurity risk management program against the National Institute of Standards and Technology Cybersecurity Framework the NIST Framework This does not imply that Okta Inc s cybersecurity risk management program satisfies any particular specifications or requirements only that we use the NIST Framework to guide our efforts to improve our security posture Certain of our Okta Platform product offerings have attained multiple security certifications the details of which are described in Our Technology under Part I Item I of this Annual Report on Form 10 K
Our cybersecurity risk management program consists of technical and organizational safeguards aimed at protecting the confidentiality of our systems and platforms From time to time management will engage external consultants and advisors to perform independent assessments and testing of the cybersecurity risk management program or otherwise assist with aspects of the program and security controls
Our security governance risk and compliance team is responsible for maintaining Okta Inc s cybersecurity risk management framework and risk assessments and for tracking risk mitigation efforts This team together with our enterprise risk management team monitors and regularly reports on our cybersecurity risk profile Our internal audit team partners with these teams to provide input on the overall effectiveness of Okta Inc s security risk governance and management processes
We periodically perform security risk assessments to stay informed about relevant security risks Functional teams across the business assess risks associated with their specific activities following an established framework with supervision by the security governance risk and compliance team Okta Inc has a management level risk oversight committee led by internal audit and security risk management personnel that meets quarterly with other internal business leaders to review the results of these security risk assessments and evaluate the adequacy of any proposed mitigation plans
Our cybersecurity incident response plan outlines the processes and procedures for responding to remediating and resolving a security incident and defines the roles and responsibilities of company personnel and third party service providers who may assist in responding to such incidents In fiscal 2025 we conducted tabletop exercises involving multiple operational teams as well as an executive preparedness simulation with members of our management team to educate personnel on their roles in response scenarios
We require our employees and contractors to complete general cybersecurity awareness training at least annually These training sessions advise on employee responsibilities and relevant policies designed to protect us our information systems and data as well as our customers systems and data From time to time we may also require supplemental cybersecurity training for certain members of our workforce depending on their job responsibilities
We require high risk third party vendors suppliers and service providers to undergo a cybersecurity risk assessment prior to contracting with Okta Inc Certain third parties are monitored and reassessed on an ongoing basis depending on their level of risk or in the event of changes to their products or services
Our board oversees Okta Inc s enterprise risk management program of which cybersecurity is an important component To facilitate the board s supervision of cybersecurity matters the board formed the cybersecurity risk committee Among other responsibilities the cybersecurity risk committee provides oversight over the effectiveness of Okta Inc s cybersecurity program
The cybersecurity risk committee receives regular updates on our cybersecurity program from our chief security officer the CSO In addition management updates the cybersecurity risk committee as appropriate regarding cybersecurity incidents Our cybersecurity risk committee reports to the board on its activities In addition to receiving reports from the cybersecurity risk committee our board periodically receives cyber risk management program briefings directly from the CSO Additionally the audit committee of the board the audit committee
Our management team including the CSO is responsible for assessing and managing our risks from cybersecurity threats The CSO partners with the security technical operations legal internal audit engineering and product development teams to supervise both our cybersecurity program and our retained third party cybersecurity consultants and to stay informed on security at Okta Inc and the overall security landscape Our current CSO brings over 20 years of cybersecurity and risk management experience to his work at Okta Inc having held numerous security leadership positions in highly regulated industries such as finance His experience delivering cybersecurity at scale extends internationally and includes security and risk management roles at companies in Australia the United Kingdom and the United States The Okta Inc security team includes individuals with experience across a broad range of cybersecurity areas including product security cloud security infrastructure security security monitoring and incident response identity and access management vulnerability management and governance risk and compliance
Okta Inc s management team supervises efforts to prevent detect mitigate and remediate cybersecurity risks and incidents through various means which may include briefings from internal security and technical personnel threat intelligence and other information obtained from governmental public or private sources including third party consultants engaged by us and alerts and reports produced by security tools deployed in our technical environment
Our corporate headquarters is located in San Francisco California where we currently lease approximately 285 996 square feet under a lease as amended that expires in October 2028 We are entitled to two five year options to extend this lease subject to certain requirements We sublease approximately 111 168 square feet of space under this lease to third parties
We believe that our facilities are suitable to meet our current needs We intend to add new facilities as necessary as we add employees and enter new geographic markets and we believe that suitable additional or alternative space will be available as needed to accommodate any such growth
Our Class A common stock has been listed on the Nasdaq Global Select Market under the symbol OKTA since April 7 2017 Prior to that date there was no public trading market for our Class A common stock Our Class B common stock is not listed or traded on any stock exchange
As of February 27 2025 we had 56 holders of record of our Class A common stock and 15 holders of record of our Class B common stock The actual number of Class A beneficial stockholders is substantially greater than the number of holders of record because a large portion of our Class A common stock is held in street name by brokers and other nominees
We have never declared or paid cash dividends on our capital stock We currently intend to retain any future earnings for use in the operation of our business and do not intend to declare or pay any cash dividends in the foreseeable future Any further determination to pay dividends on our capital stock will be at the discretion of our board of directors subject to applicable laws and will depend on our financial condition results of operations capital requirements general business conditions and other factors that our board of directors considers relevant
This performance graph shall not be deemed soliciting material or to be filed with the Securities and Exchange Commission SEC for purposes of Section 18 of the Securities Exchange Act of 1934 as amended the Exchange Act or otherwise subject to the liabilities under that Section and shall not be deemed to be incorporated by reference into any filing of Okta Inc under the Securities Act of 1933 as amended Securities Act
The following graph shows a five year comparison of cumulative total return equal to dividends plus stock appreciation for our Class A common stock the Standard Poor s 500 Index S P 500 Index and Standard Poor s Information Technology Index S P 500 Information Technology Index All values assume a 100 initial investment and data for the S P 500 Index and S P 500 Information Technology Index assume reinvestment of dividends The comparisons are based on historical data and are not indicative of nor intended to forecast the future performance of our Class A common stock
The information required by this item with respect to our equity compensation plans is incorporated by reference to our 2025 Annual Report to Stockholders which includes our Proxy Statement for the 2025 Annual Meeting of Stockholders to be filed with the SEC within 120 days of the fiscal year ended January 31 2025
The following discussion and analysis of our financial condition and results of operations should be read in conjunction with our consolidated financial statements and related notes appearing elsewhere in this Annual Report on Form 10 K Amounts reported in millions are rounded based on the amounts in thousands As a result the sum of the components reported in millions may not equal the total amount reported in millions due to rounding In addition percentages presented may not add to their respective totals or recalculate due to rounding In addition to historical financial information the following discussion contains forward looking statements that are based upon current plans expectations and beliefs that involve risks and uncertainties Our actual results may differ materially from those anticipated in these forward looking statements as a result of various factors including those set forth under the section titled Risk Factors under Part I Item 1A of this Annual Report on Form 10 K Our fiscal year ends January 31 References to fiscal 2025 for example refer to the fiscal year ended January 31 2025
Okta Inc is the leading independent identity partner Our Okta Platform and Auth0 Platform enable our customers to securely connect the right people to the right technologies and services at the right time Every day thousands of organizations and millions of people use our platforms to securely access a wide range of cloud mobile web and Software as a Service SaaS applications on premises servers application programming interfaces IT infrastructure providers and services from a multitude of devices Employees and contractors sign into the Okta Platform to seamlessly and securely access the applications they need to do their most important work with more modern and secure experiences in the cloud and via mobile devices Developers leverage our Okta Platform and Auth0 Platform to securely and efficiently embed identity into the software they build allowing them to innovate and focus on their core mission
Given the growth trends in cloud adoption and the number of applications customers use and the movement to remote and hybrid workforces identity is becoming the most critical layer of an organization s security As organizations shift from network based security models to a Zero Trust security model focusing on adaptive and context aware controls identity has become the most reliable way to manage user access and protect digital assets Our approach to identity allows our customers to simplify and efficiently scale their security infrastructures across internal IT systems and external customer facing applications
As of January 31 2025 more than 19 650 customers across nearly every industry used our solutions to secure and manage identities around the world Our customers consist of leading global organizations ranging from the largest enterprises to small and medium sized businesses universities non profits and government agencies We also partner with leading application IT infrastructure and security vendors through our Okta Integration Network As of January 31 2025 we had over 7 000 integrations with these cloud mobile and web applications and IT infrastructure and security vendors
We employ a SaaS business model and generate revenue primarily by selling multi year subscriptions to our cloud based offerings We focus on attracting and retaining our customers and increasing the value we provide to them over time By retaining customers and increasing value we increase their spending with us through expanding the number of users who access our Okta Platform and Auth0 Platform and by selling additional product offerings We sell our product offerings directly through our field and inside sales teams as well as indirectly through our network of channel partners including resellers system integrators and other distribution partners Our subscription fees include the use of our service and our technical support and management of our platforms We base subscription fees primarily on the solutions used and the number of users on our platforms We typically invoice customers in advance in annual installments for subscriptions to our platforms
Our revenue is relatively predictable as a result of our subscription based business model which constituted approximately 98 of total revenue for fiscal 2025 Future growth may be impacted by longer sales cycles which we have experienced which in turn could result in delays in deals closing creating near term headwinds for cash flow remaining performance obligations RPO and billings growth as well as potential future impacts on revenue growth and other key metrics on a trailing basis
In the past we have experienced cybersecurity incidents such as the January 2022 incident involving one of our third party service providers and the October 2023 incident where a threat actor gained unauthorized access to and stole information from our third party customer support system that harmed our reputation and customer relations adversely impacted our financial results and may create additional liabilities While we expect the impact of these security incidents to adversely affect our future financial performance we cannot predict the extent of such impact with certainty Due to the nature of our business the announcement of any security incidents even if not significant could have these impacts
Worldwide economic and political uncertainties and negative trends including financial and credit market fluctuations tariffs and increasing trade protectionism changes in government spending levels uncertainty in the banking sector rising interest rates inflation and other impacts from the macroeconomic environment have and could continue to adversely affect our business operations or financial results As we continue to monitor the direct and indirect impacts of these circumstances the broader implications of these macroeconomic and political events on our business results of operations and overall financial position remain uncertain See the section titled
We operate our business as one reportable segment For fiscal 2025 2024 and 2023 our revenue was 2 610 million 2 263 million and 1 858 million respectively representing a growth rate of 15 and 22 in fiscal 2025 and 2024 respectively For fiscal 2025 we generated net income of 28 million and for fiscal 2024 and 2023 we generated net losses of 355 million and 815 million respectively Our accumulated deficit as of January 31 2025 was 2 802 million
We review a number of operating and financial metrics including the following key metrics to evaluate our business measure our performance identify trends affecting our business formulate business plans and make strategic decisions
As of January 31 2025 we had over 19 650 customers on our platforms Increasing awareness of our platforms and capabilities coupled with the mainstream adoption of cloud technology has expanded the diversity of our customer base to include organizations of all sizes across all industries Beginning in the first quarter of fiscal 2026 we will no longer provide the number of total customers as a business metric on which to evaluate the strength of our business
The number of customers who have greater than 100 000 in ACV with us was 4 800 4 485 and 3 930 as of January 31 2025 2024 and 2023 respectively We expect this trend to continue as larger enterprises recognize the value of our platforms and replace their legacy identity access management infrastructure We define a customer as a separate and distinct buying entity such as a company an educational or government institution or a distinct business unit of a large company that has an active contract with us or one of our partners to access our platforms
Part of our ability to generate revenue is dependent upon our ability to maintain our relationships with our customers and to increase their utilization of our platforms We believe we can achieve these goals by focusing on delivering value and functionality that enables us to both retain our existing customers and expand the number of users and solutions used within an existing customer One way that we assess our performance in this area by measuring our Dollar Based Net Retention Rate Our Dollar Based Net Retention Rate measures our ability to increase revenue across our existing customer base through expansion of users and solutions associated with a customer as offset by churn and contraction in the number of users and or solutions associated with a customer
Our Dollar Based Net Retention Rate is based upon our ACV which is calculated based on the terms of that customer s contract and represents the total contracted annual subscription amount as of that period end We calculate our Dollar Based Net Retention Rate as of a period end by starting with the ACV from all customers as of twelve months prior to such period end Prior Period ACV We then calculate the ACV from these same customers as of the current period end Current Period ACV Current Period ACV includes any upsells and is net of contraction or churn over the trailing twelve months but excludes ACV from new customers in the current period We then divide the Current Period ACV by the Prior Period ACV to arrive at our Dollar Based Net Retention Rate Our Dollar Based Net Retention Rate is inclusive of ACV from self service customers
Our Dollar Based Net Retention Rate is primarily attributable to our healthy gross retention an expansion of users and upselling additional solutions within our existing customers Larger enterprises often implement a limited initial deployment of our platforms before increasing their deployment on a broader scale The decrease in our Dollar Based Net Retention Rate as of January 31 2025 compared to January 31 2024 was primarily a result of the macroeconomic environment with overall ACV from existing customers increasing at a slower rate in the current period
RPO represent all future non cancelable contracted revenue under our subscription contracts with customers that has not yet been recognized inclusive of deferred revenue that has been invoiced and non cancelable amounts that will be invoiced and recognized as revenue in future periods Current RPO represents the portion of RPO expected to be recognized during the next 12 months RPO fluctuates due to a number of factors including the timing duration and dollar amount of customer contracts and fluctuations in foreign currency exchange rates
Subscription revenue primarily consists of fees for access to and usage of our cloud based platforms and related support Subscription revenue is driven primarily by the number of customers the number of users per customer and the solutions used We typically invoice customers in advance in annual installments for subscriptions to our platforms
Professional services revenue includes fees from assisting customers in implementing and optimizing the use of our solutions These services include application configuration system integration and training services
We generally invoice customers as the work is performed for time and materials arrangements and up front for fixed fee arrangements Professional services revenue is recognized as the services are performed
We allocate shared costs such as facilities costs including rent utilities and depreciation on assets shared by all departments certain information technology costs security costs and recruiting costs to all departments based on headcount As such allocated shared costs are reflected in each of the cost of revenue and operating
expense categories Employee compensation costs reflected in each of the cost of revenue and operating expense categories include salaries bonuses compensation related taxes benefits and stock based compensation Additionally included in the sales and marketing expense category are sales commissions and related taxes
Cost of subscription primarily consists of expenses related to hosting our services and providing support These expenses include employee related costs associated with our cloud based infrastructure our product security organization and our customer support organization third party hosting fees software and maintenance costs outside services associated with the delivery of our subscription services amortization expense associated with capitalized internal use software and acquired developed technology and allocated overhead
We intend to continue to invest additional resources in our platform infrastructure our platforms support organizations and security posture We will continue to invest in technology innovation and we anticipate that costs qualifying for capitalization of internal use software costs and related amortization may fluctuate over time We expect our investment in technology to expand the capability of our platform enabling us to improve our gross margin over time The level and timing of investment in these areas could affect our cost of subscription revenue in the future
Cost of professional services consists primarily of employee related costs for our professional services delivery team travel related costs allocated overhead and costs of outside services associated with supplementing our professional services delivery team The cost of providing professional services has historically been higher than the associated revenue we generate
Gross margin is gross profit expressed as a percentage of total revenue Our gross margin may fluctuate from period to period as a result of the timing and amount of investments to expand our hosting capacity and our continued efforts to build platform support and professional services teams
Sales and marketing expenses consist primarily of employee compensation costs costs of general marketing and promotional activities travel related expenses amortization expense associated with acquired customer relationships and trade names and allocated overhead Commissions earned by our sales force that are considered incremental and recoverable costs of obtaining a contract with a customer are deferred and then amortized on a straight line basis over a period of benefit that we have determined to be generally five years
General and administrative expenses consist primarily of employee compensation costs for finance accounting legal information technology and human resources personnel In addition general and administrative expenses include acquisition and integration related costs non personnel costs such as legal accounting and other professional fees charitable contributions and all other supporting corporate expenses such as information technology not allocated to other departments
Restructuring and other charges consist primarily of personnel costs such as notice period employee severance payments and termination benefits In addition restructuring and other charges include certain lease impairment charges
Interest and other net consists of interest expense which primarily includes amortization of debt issuance costs and contractual interest expense for our convertible senior notes interest income from our investment holdings gains on early extinguishment of debt and gains and losses from our strategic investments
A discussion regarding our financial condition and results of operations for fiscal 2025 compared to fiscal 2024 is presented below A discussion regarding our financial condition and results of operations for fiscal 2024 compared to fiscal 2023 can be found under Item 7 in our Annual Report on Form 10 K for fiscal 2024 filed with the SEC on March 1 2024 which is available free of charge on the SEC s website at www sec gov and our Investor Relations website at investor okta com
For fiscal 2025 the increase in subscription revenue was primarily due to an increase in users and sales of additional solutions to existing customers and the addition of new customers The increase in revenue was attributable to increased revenue from existing customers as reflected in our Dollar Based Net Retention Rate of 107 as of January 31 2025 and an increase in the number of customers as detailed in our Key Business Metrics
For fiscal 2025 cost of subscription revenue increased primarily due to an increase of 15 million in labor costs and an increase in stock based compensation of 7 million as we expanded our headcount Additionally third party hosting costs increased by 8 million as we expanded capacity to support our growth while software and consulting costs increased by 7 million and 4 million respectively
Our gross margin for subscription revenue improved from 77 to 79 during fiscal 2025 The increase was primarily driven by improved spend efficiency resulting in lower relative cost of subscription revenue
For fiscal 2025 cost of professional services and other revenue decreased due to a reduction in labor costs of 7 million and a decrease in stock based compensation of 3 million driven by lower headcount
Our gross margin for professional services and other revenue improved to 29 during fiscal 2025 from 36 during fiscal 2024 primarily due to improved spend efficiency resulting in lower relative cost of professional services and other
For fiscal 2025 research and development expenses decreased due to a reduction in stock based compensation expense of 61 million offset by increases in labor costs of 28 million hosting fees of 6 million and software costs of 2 million The decrease in research and development as a percentage of total revenue was primarily driven by improved spend efficiency
For fiscal 2025 sales and marketing expenses decreased primarily due to a reduction in labor costs of 34 million and a decrease in stock based compensation expense of 25 million driven by lower headcount The decrease in sales and marketing as a percentage of total revenue was primarily driven by improved spend efficiency We expect our sales and marketing expenses will continue to be our largest operating expense category for the foreseeable future We expect sales and marketing expenses as a percentage of total revenue to decrease as our total revenue grows
For fiscal 2025 general and administrative expenses decreased primarily due to a reduction in stock based compensation expense of 37 million offset by increases in consulting costs of 12 million labor costs of 9 million and software costs of 6 million The decrease in general and administrative as a percentage of total revenue was primarily driven by improved spend efficiency We expect general and administrative expenses as a percentage of total revenue to decrease as our total revenue grows
For fiscal 2025 restructuring and other charges decreased primarily due to the absence of lease impairments along with a smaller overall restructuring plan implemented in fiscal 2025 compared to fiscal 2024
For fiscal 2025 interest and other net decreased primarily due to a decrease in gains on early extinguishment of debt related to repurchases of the convertible senior notes offset by an increase in interest income from our short term investments
For fiscal 2025 income tax expense resulted primarily from income in profitable foreign jurisdictions federal and state taxes resulting from limitations on tax attribute utilization offset by the impact of tax windfalls from stock based compensation in the United States
For fiscal 2024 income tax expense resulted primarily from income in profitable foreign jurisdictions federal and state taxes resulting from tax attribution utilization limitations and the tax impact of shortfalls from stock based compensation in the United Kingdom
The Tax Cuts and Jobs Act of 2017 requires taxpayers to capitalize and amortize research and development expenses over five years for U S activities and 15 years for foreign activities per IRC Section 174 instead of deducting them in the year they were incurred Starting in fiscal 2023 this change has increased our U S federal and state cash taxes This impact is expected to continue in future years as our capitalized research and development expenses continue to increase
The Organization for Economic Cooperation and Development OECD and many countries have proposed to reallocate some portion of profits of large multinational companies with global revenues exceeding EUR 20 billion to markets where sales arise Pillar One as well as enacted a global minimum tax rate of at least 15 for multinationals with global revenues exceeding EUR 750 million Pillar Two with additional countries considering or intending to adopt these proposals In December 2022 the Council of the European Union EU formally adopted the EU Minimum Tax Directive which would require member states to adopt Pillar Two into their domestic law The directive requires the rules to initially become effective for fiscal years starting on or after December 31 2023 Certain jurisdictions in which we operate have enacted Pillar Two legislation with other countries considering changes to their tax laws to adopt the OECD s proposals The enactment of Pillar Two legislation is not expected to
have a material adverse effect on our effective tax rate financial position results of operations and cash flows We will continue to monitor and reflect the impact of such legislative changes in future financial statements as appropriate
We periodically evaluate the realizability of our deferred tax assets based on all available evidence both positive and negative The realization of the net deferred tax assets is dependent on our ability to generate sufficient future taxable income during the periods prior to the expiration of tax attributes to fully utilize these assets Given our current and anticipated future earnings we may release a significant portion of our valuation allowance if there is sufficient positive evidence that outweighs the negative evidence The release of the valuation allowance would result in the recognition of certain deferred tax assets and a corresponding decrease to income tax expense for the period the release is recorded However the exact timing and amount of any potential valuation allowance released is uncertain As of January 31 2025 we continue to maintain a full valuation allowance on our deferred tax assets in the United States
As of January 31 2025 our principal sources of liquidity were cash cash equivalents and short term investments totaling 2 523 million which were held for working capital and general corporate purposes including potential future acquisition activity Our cash equivalents and investments consisted primarily of U S treasury securities money market funds corporate debt securities and certificates of deposit Historically we have generated significant operating losses and both positive and negative cash flows from operations as reflected in our accumulated deficit and consolidated statements of cash flows
Recent macroeconomic events including rising interest rates global inflation and bank failures have led to further economic uncertainty in the global economy To mitigate risk our cash and cash equivalents are distributed across large financial institutions In addition we have policy restrictions in place on the types of securities that can be purchased as part of our available for sale securities portfolio These restrictions take credit quality liquidity and diversification into consideration among other criteria We continue to monitor the impacts of this situation however there can be no assurances that conditions in the banking sector and in global financial markets will not worsen and or adversely affect us
Effective the first quarter of fiscal 2025 we satisfy employee payroll tax withholding due upon the vesting of share based compensation awards with our own funds under the net share settlement approach Previously payroll tax withholding was satisfied via the sale of shares of our common stock in the open market The net share settlement approach reduces our equity dilution rate by covering such withholding tax obligations from existing cash reserves and impacts future liquidity The cash outflow to cover these tax obligations is classified as a financing activity in the statement of cash flows
In September 2019 we completed our private offering of the 2025 Notes due on September 1 2025 and received aggregate gross proceeds of 1 060 million The interest rate on the 2025 Notes is fixed at 0 125 per year and is payable semi annually in arrears on March 1 and September 1 of each year beginning on March 1 2020 In connection with the 2025 Notes we used a portion of the proceeds to enter into capped call transactions 2025 Capped Calls with respect to our Class A common stock As of January 31 2025 the 2025 Notes are classified as current liabilities due to their upcoming maturity on September 1 2025 and we currently intend to settle the principal amount of the 2025 Notes in cash
In June 2020 we completed our private offering of the 2026 Notes due on June 15 2026 and received aggregate gross proceeds of 1 150 million The interest rate on the 2026 Notes is fixed at 0 375 per year and is payable semi annually in arrears on June 15 and December 15 of each year beginning on December 15 2020 In connection with the 2026 Notes we used a portion of the proceeds to enter into capped call transactions 2026 Capped Calls with respect to our Class A common stock
In the ordinary course of our business we may at any time and from time to time seek to extinguish our outstanding Notes through cash purchases and or exchanges for equity in open market purchases privately negotiated transactions or otherwise Such extinguishments if any will be conducted on such terms and at such prices as we may determine and will depend on our evaluation of the prevailing market conditions trading price of the 2025 Notes and 2026 Notes collectively the Notes our liquidity requirements legal and contractual restrictions and other factors During fiscal 2025 we repurchased 42 million principal amount of the 2025 Notes for
40 million in cash and 258 million principal amount of the 2026 Notes for 240 million in cash which resulted in an aggregate gain on early extinguishment of debt of 19 million During fiscal 2024 we repurchased 508 million principal amount of the 2025 Notes for 462 million in cash and 542 million principal amount of the 2026 Notes for 475 million in cash which resulted in an aggregate gain on early extinguishment of debt of 106 million The 2025 Capped Calls and 2026 Capped Calls remained outstanding notwithstanding such repurchase We may however elect to terminate the 2025 Capped Calls or 2026 Capped Calls in full or in part In connection with any such termination the option counterparties or their respective affiliates are expected to modify their hedge positions which activity could affect the market price of our Class A common stock or the trading price of the Notes that remain outstanding See
On February 1 2024 we completed the acquisition of Spera Cybersecurity Inc and its subsidiary Spera an identity security platform provider The acquisition date cash consideration was 58 million Of this amount 12 million was transferred to an escrow fund as partial security for any purchase price adjustments and indemnification obligations and will be paid to the former Spera stockholders following the 18 month anniversary of the closing date less any such adjustments or indemnification obligations See
We believe our existing cash and cash equivalents our investments and cash provided by sales of our solutions will be sufficient to meet our short term and long term projected working capital and capital expenditure needs for the foreseeable future Our future capital requirements will depend on many factors including our subscription growth rate subscription renewal activity billing frequency the timing and extent of spending to support development efforts the expansion of sales and marketing activities the expansion of our international operations the introduction of new and enhanced product offerings and the continuing market adoption of our platforms We continue to assess our capital structure and evaluate the merits of deploying available cash We may in the future enter into arrangements to acquire or invest in complementary businesses services and technologies including intellectual property rights We may be required to seek additional equity or debt financing In the event that additional financing is required from outside sources we may not be able to raise it on terms acceptable to us or at all If we are unable to raise additional capital or generate cash flows necessary to expand our operations and invest in new technologies this could reduce our ability to compete successfully and harm our results of operations
A significant majority of our customers pay in advance for annual subscriptions Therefore a substantial source of our cash is from our deferred revenue which is included on our consolidated balance sheet as a liability Deferred revenue consists of the unearned portion of billed fees for our subscriptions which is recognized as revenue in accordance with our revenue recognition policy As of January 31 2025 we had deferred revenue of 1 718 million of which 1 691 million was recorded as a current liability and is expected to be recorded as revenue in the next 12 months provided all other revenue recognition criteria have been met
Our largest source of operating cash is cash collections from our customers for subscription and professional services Our primary uses of cash from operating activities are for employee related expenditures marketing expenses and third party hosting costs
During fiscal 2025 cash provided by operating activities was 750 million an increase of 238 million compared to fiscal 2024 The increase was primarily attributable to an increase in cash received from customers and improved spend efficiency
During fiscal 2025 cash used in investing activities was 314 million compared to cash provided by investing activities of 441 million during fiscal 2024 The change was primarily attributable to a decrease in proceeds from maturities and sales of available for sale securities and an increase in payments for business acquisitions and purchases of securities available for sale and other
During fiscal 2025 cash used in financing activities was 359 million a decrease of 524 million compared to fiscal 2024 The decrease was primarily attributable to lower volume of payments made for repurchases of the Notes offset by the taxes paid related to net share settlement of equity awards during fiscal 2025
In the ordinary course of business we enter into agreements of varying scope and terms pursuant to which we agree to indemnify customers vendors lessors business partners and other parties with respect to certain matters including but not limited to losses arising out of the breach of such agreements services to be provided by us or from intellectual property infringement claims made by third parties In addition we have entered into indemnification agreements with our directors and certain officers and employees that will require us among other things to indemnify them against certain liabilities that may arise by reason of their status or service as directors officers or employees No material demands have been made upon us to provide indemnification under such agreements and there are no claims that we are aware of that could have a material effect on our consolidated balance sheets consolidated statements of operations and comprehensive loss or consolidated statements of cash flows
We prepare our consolidated financial statements in accordance with accounting principles generally accepted in the United States of America In the preparation of these consolidated financial statements we are required to make estimates and assumptions that affect the reported amounts of assets liabilities revenue costs and expenses and related disclosures To the extent that there are material differences between these estimates and actual results our financial condition or results of operations would be affected We base our estimates on past experience and other assumptions that we believe are reasonable under the circumstances and we evaluate these estimates on an ongoing basis We refer to accounting estimates of this type as critical accounting estimates which we discuss below
Income taxes are accounted for using the liability method Under this method deferred tax assets and liabilities are recognized for the expected future tax consequences of temporary differences between the financial reporting and tax basis of assets and liabilities as well as for operating loss and tax credit carryforwards Deferred tax assets and liabilities are measured using enacted tax rates that are expected to apply to taxable income for the years in which those tax assets and liabilities are expected to be realized or settled
Valuation allowances are established when necessary to reduce deferred tax assets to the amounts that are more likely than not expected to be realized based on the weighting of positive and negative evidence Future realization of deferred tax assets ultimately depends on the existence of sufficient taxable income of the appropriate character within the carry back or carry forward periods available under the applicable tax law In assessing the need for a valuation allowance we consider available evidence including past operating results estimates of future taxable income and the feasibility of tax planning strategies Our judgment regarding future estimates may change due to many factors including future market conditions and the ability to successfully execute our business plans and tax planning strategies Should there be a change in the ability to recover deferred tax assets our provision for income taxes would increase or decrease in the period in which the assessment is changed
Our tax positions are subject to income tax audits by multiple tax jurisdictions throughout the world We recognize the tax benefit of an uncertain tax position only if it is more likely than not that the position is sustainable upon examination by the taxing authority based on the technical merits Significant judgment is required in determining the technical merits of an uncertain tax position such as taking into account current tax laws our interpretation of current tax laws and possible outcomes of current and future audits conducted by foreign and domestic tax authorities We adjust these reserves in light of changing facts and circumstances such as the closing of a tax audit or the refinement of an estimate To the extent the final tax outcome of these matters is different than the amounts recorded such differences may impact the provision for income taxes in the period in which such determination is made
When we acquire a business the purchase price is allocated to the acquired assets including separately identifiable intangible assets and assumed liabilities at their respective estimated fair values Any residual purchase price is recorded as goodwill The allocation of the purchase price requires management to make significant
If the initial accounting for a business combination is not complete following the acquisition date we report provisional amounts for the known assets liabilities equity interests or items of consideration for which the accounting is incomplete at the end of the financial reporting period Provisional accounting is inherently subjective and judgmental The objective of the measurement period is to provide a reasonable period of time to obtain the information necessary to complete all aspects of business combination accounting with a high level of confidence During the measurement period which may be up to one year from the acquisition date adjustments to the reported provisional amounts may be recorded for which the accounting was incomplete with the corresponding offset to goodwill Should the accounting for a business combination be incomplete by the end of a reporting period that falls within the measurement period we report provisional amounts in our financial statements disclosing them as provisional and any material measurement period adjustments are identified as such Additional assets acquired or liabilities assumed in an acquisition that were not recognized at the acquisition date might be identified during the measurement period Upon the conclusion of the measurement period or final determination of the fair value of assets acquired or liabilities assumed whichever comes first no further adjustments are made
We evaluate contingent liabilities including threatened or pending litigation and make provisions for such liabilities when it is both probable that a loss has been incurred and its amount can be reasonably estimated Because of uncertainties inherent in litigation we base our estimate and accrue the liabilities if any on the information available at the time of our assessment Significant judgment is required to determine both the probability and the estimated amount of loss given such legal proceedings are inherently unpredictable and subject to significant uncertainties some of which are beyond our control Developments in these matters could affect the amount of any liability we may accrue As additional information becomes available we may revise our estimates Any revisions in the estimates of potential liabilities could have a material impact on our operating results and financial position Further until the final resolution of any such matter there may be a loss exposure in excess of the liability recognized and such amount could be significant
Our contracts with customers often contain multiple performance obligations For these contracts we account for individual performance obligations separately if they are distinct The transaction price of the contract is allocated to the separate performance obligations on a relative standalone selling price SSP basis Evaluating customer contracts with multiple performance obligations and complex terms may require significant judgment in identifying the distinct performance obligations
The functional currencies of our foreign subsidiaries are the respective local currencies Most of our sales are denominated in U S dollars and therefore our revenue is not currently subject to significant foreign currency risk Our operating expenses are denominated in the currencies of the countries in which our operations are located which are primarily in the United States the United Kingdom Canada and Australia Our consolidated results of operations and cash flows are therefore subject to fluctuations due to changes in foreign currency exchange rates and may be adversely affected in the future due to changes in foreign exchange rates To date we have not entered into any hedging arrangements with respect to foreign currency risk or other derivative financial instruments During fiscal 2025 2024 and 2023 a hypothetical 10 change in foreign currency exchange rates applicable to our business would not have had a material impact on our consolidated financial statements
We had cash cash equivalents and short term investments totaling 2 523 million as of January 31 2025 of which 2 362 million was invested in U S treasury securities money market funds corporate debt securities and certificates of deposit Our cash and cash equivalents are held for working capital and general corporate purposes including potential future acquisition activity Our short term investments are made for capital preservation purposes We do not enter into investments for trading or speculative purposes
Our cash equivalents and our investment portfolio are subject to market risk due to changes in interest rates Fixed rate securities may have their market value adversely affected due to a rise in interest rates Due in part to these factors our future investment income may fall short of our expectations due to changes in interest rates or we may suffer losses in principal if we are forced to sell securities that decline in market value due to changes in interest rates However because we classify our short term investments as available for sale no gains are recognized due to changes in interest rates As losses due to changes in interest rates are generally not considered to be credit related changes no losses in such securities are recognized due to changes in interest rates unless we intend to sell it is more likely than not that we will be required to sell we sell prior to maturity or we otherwise determine that all or a portion of the decline in fair value are due to credit related factors
As of January 31 2025 a hypothetical 10 relative change in interest rates would not have had a material impact on the value of our cash equivalents or investment portfolio Fluctuations in the value of our cash equivalents and investment portfolio caused by a change in interest rates gains or losses on the carrying value are recorded in other comprehensive income loss and are realized only if we sell the underlying securities prior to maturity
In September 2019 we issued the 2025 Notes due September 1 2025 with a principal amount of 1 060 million Concurrently with the issuance of the 2025 Notes we entered into separate capped call transactions The 2025 Capped Calls were completed to reduce the potential dilution from the conversion of the 2025 Notes As of January 31 2025 510 million principal amount of the 2025 Notes remain outstanding As of January 31 2025 the 2025 Notes are classified as current liabilities due to their upcoming maturity on September 1 2025
In June 2020 we issued the 2026 Notes due June 15 2026 with a principal amount of 1 150 million Concurrently with the issuance of the 2026 Notes we entered into separate capped call transactions The 2026 Capped Calls were completed to reduce the potential dilution from the conversion of the 2026 Notes As of January 31 2025 350 million principal amount of the 2026 Notes remain outstanding
The 2025 Notes and 2026 Notes have a fixed annual interest rate of 0 125 and 0 375 respectively accordingly we do not have economic interest rate exposure on the Notes However the fair value of the Notes is exposed to interest rate risk Generally the fair market value of the Notes will increase as interest rates fall and decrease as interest rates rise In addition the fair value of the Notes fluctuates when the market price of our common stock fluctuates The fair value was determined based on the quoted bid price of the Notes in an over the counter market on the last trading day of the reporting period See
to our consolidated financial statements Convertible Senior Notes Net for additional information Changes in the interest rate environment upon maturity of this fixed rate debt could have an effect on our future cash flows and earnings depending on whether the debt is replaced with other fixed rate debt variable rate debt or equity
We have audited the accompanying consolidated balance sheets of Okta Inc the Company as of January 31 2025 and 2024 the related consolidated statements of operations comprehensive income loss stockholders equity and cash flows for each of the three years in the period ended January 31 2025 and the related notes collectively referred to as the consolidated financial statements In our opinion the consolidated financial statements present fairly in all material respects the financial position of the Company at January 31 2025 and 2024 and the results of its operations and its cash flows for each of the three years in the period ended January 31 2025 in conformity with U S generally accepted accounting principles
We also have audited in accordance with the standards of the Public Company Accounting Oversight Board United States PCAOB the Company s internal control over financial reporting as of January 31 2025 based on criteria established in Internal Control Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission 2013 framework and our report dated March 5 2025 expressed an unqualified opinion thereon
These financial statements are the responsibility of the Company s management Our responsibility is to express an opinion on the Company s financial statements based on our audits We are a public accounting firm registered with the PCAOB and are required to be independent with respect to the Company in accordance with the U S federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB
We conducted our audits in accordance with the standards of the PCAOB Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement whether due to error or fraud Our audits included performing procedures to assess the risks of material misstatement of the financial statements whether due to error or fraud and performing procedures that respond to those risks Such procedures included examining on a test basis evidence regarding the amounts and disclosures in the financial statements Our audits also included evaluating the accounting principles used and significant estimates made by management as well as evaluating the overall presentation of the financial statements We believe that our audits provide a reasonable basis for our opinion
The critical audit matter communicated below is a matter arising from the current period audit of the financial statements that was communicated or required to be communicated to the audit committee and that 1 relates to accounts or disclosures that are material to the financial statements and 2 involved our especially challenging subjective or complex judgments The communication of the critical audit matter does not alter in any way our opinion on the consolidated financial statements taken as a whole and we are not by communicating the critical audit matter below providing a separate opinion on the critical audit matter or on the accounts or disclosures to which it relates
As explained in Note 2 to the consolidated financial statements the Company derives revenue from subscription fees and professional services fees The Company s arrangements are generally non cancelable and non refundable In addition the arrangements do not provide customers with the right to take possession of the software and as a result are accounted for as service arrangements Subscription revenue which includes support is recognized on a straight line basis over the non cancelable contractual term of the arrangement generally beginning on the date that the Company s service is made available to the customer Revenue for the Company s professional services is recognized as services are performed in proportion to their pattern of transfer
Auditing the Company s accounting for revenue recognition was challenging specifically related to the appropriate identification and evaluation of non standard terms and conditions for significant arrangements that involve negotiation of otherwise standard terms with the customer For example certain non standard terms and conditions required judgment to identify the distinct performance obligations
We obtained an understanding evaluated the design and tested the operating effectiveness of the Company s internal controls over the identification and evaluation of terms and conditions in contracts that impact revenue recognition including the identification of performance obligations
Among other procedures on a sample basis we tested the completeness and accuracy of management s identification and evaluation of the non standard terms and conditions in contracts Further we selected a sample of significant contractual arrangements that may involve negotiation of standard terms to test that management had properly assessed the impact of any non standard terms on the identified performance obligations Additionally to verify completeness of non standard terms and conditions we obtained confirmations of terms and conditions for a sample of arrangements with customers
We have audited Okta Inc s internal control over financial reporting as of January 31 2025 based on criteria established in Internal Control Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission 2013 framework the COSO criteria In our opinion Okta Inc the Company maintained in all material respects effective internal control over financial reporting as of January 31 2025 based on the COSO criteria
We also have audited in accordance with the standards of the Public Company Accounting Oversight Board United States PCAOB the consolidated balance sheets of the Company as of January 31 2025 and 2024 the related consolidated statements of operations comprehensive income loss stockholders equity and cash flows for each of the three years in the period ended January 31 2025 and the related notes and our report dated March 5 2025 expressed an unqualified opinion thereon
The Company s management is responsible for maintaining effective internal control over financial reporting and for its assessment of the effectiveness of internal control over financial reporting included in the accompanying Management s Report on Internal Control over Financial Reporting Our responsibility is to express an opinion on the Company s internal control over financial reporting based on our audit We are a public accounting firm registered with the PCAOB and are required to be independent with respect to the Company in accordance with the U S federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB
We conducted our audit in accordance with the standards of the PCAOB Those standards require that we plan and perform the audit to obtain reasonable assurance about whether effective internal control over financial reporting was maintained in all material respects
Our audit included obtaining an understanding of internal control over financial reporting assessing the risk that a material weakness exists testing and evaluating the design and operating effectiveness of internal control based on the assessed risk and performing such other procedures as we considered necessary in the circumstances We believe that our audit provides a reasonable basis for our opinion
A company s internal control over financial reporting is a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles A company s internal control over financial reporting includes those policies and procedures that 1 pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the company 2 provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles and that receipts and expenditures of the company are being made only in accordance with authorizations of management and directors of the company and 3 provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition use or disposition of the company s assets that could have a material effect on the financial statements
Because of its inherent limitations internal control over financial reporting may not prevent or detect misstatements Also projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions or that the degree of compliance with the policies or procedures may deteriorate
Okta Inc the Company is the leading independent identity partner The Company s Okta Platform and Auth0 Platform enable customers to securely connect the right people to the right technologies and services at the right time Employees and contractors sign into the Okta Platform to seamlessly and securely access the applications they need to do their most important work with more modern and secure experiences in the cloud and via mobile devices Developers leverage the Okta Platform and Auth0 Platform to securely and efficiently embed identity into the software they build allowing them to innovate and focus on their core mission The Company is headquartered in San Francisco California
The accompanying consolidated financial statements which include the accounts of the Company and its wholly owned subsidiaries have been prepared in conformity with accounting principles generally accepted in the United States of America GAAP All intercompany balances and transactions have been eliminated in consolidation
The Company conducts business globally and is managed operated and organized by major functional departments that operate on a consolidated basis As a result the Company operates as one reportable segment The Company employs a SaaS business model and generates revenue primarily by selling multi year subscriptions to its cloud based offerings
The Company s chief operating decision maker CODM is the chief executive officer The CODM utilizes consolidated GAAP and non GAAP measures of profit and loss to evaluate the Company s overall performance and inform resource allocation to support strategic priorities and capital allocation needs The profit and loss measure most consistent with GAAP used by the CODM is consolidated net income loss
The CODM is regularly provided with budgeted expense information and consolidated expense data Accordingly significant segment expenses are inherently reflected in the consolidated financial statements and related notes
The preparation of consolidated financial statements in conformity with GAAP requires estimates judgments and assumptions that affect the reported amounts of assets and liabilities disclosure of contingent assets and liabilities at the date of the consolidated financial statements and the reported amounts of revenue and expenses during the reporting period Estimates are based on historical experience and on other assumptions that management believes are reasonable under the circumstances Actual results could vary from those estimates The Company s most significant estimates include the valuation of deferred income tax assets uncertain tax positions assets and liabilities acquired in business combinations and loss contingencies related to litigation
The functional currencies of the Company s foreign subsidiaries are the respective local currencies Translation adjustments arising from the use of differing exchange rates from period to period are included in accumulated other comprehensive loss within the consolidated statements of stockholders equity Foreign currency transaction gains and losses are included in interest and other net in the consolidated statements of operations and were not material in fiscal 2025 2024 or 2023 All assets and liabilities denominated in a foreign currency are translated into U S dollars at the exchange rate on the balance sheet date Revenue and expenses are translated at the average exchange rate during the period
Revenue is derived from subscription fees which include support fees and professional services fees The Company sells subscriptions to its platforms through arrangements that are generally one to five years in length The arrangements are generally non cancellable and non refundable Furthermore if a customer reduces the contracted usage or service level the customer has no right of refund The subscription arrangements do not provide customers with the right to take possession of the software supporting the platforms and as a result are accounted for as service arrangements This revenue recognition policy is consistent for sales generated directly with customers and sales generated indirectly through channel partners
Subscription revenue which includes support is recognized on a straight line basis over the non cancellable contractual term of the arrangement generally beginning on the date that the Company s service is made available to the customer
Professional services principally consist of customer specific requests for application integrations user interface enhancements and other customer specific requests Revenue for professional services is recognized as services are performed in proportion to their pattern of transfer
Some of the Company s contracts with customers contain multiple performance obligations For these contracts the Company accounts for individual performance obligations separately if they are distinct The transaction price is allocated to the separate performance obligations on a relative standalone selling price SSP basis
The Company determines SSP based on observable if available prices for those related services when sold separately When such observable prices are not available the Company determines SSP based on overarching pricing objectives and strategies taking into consideration market conditions and other factors including customer size volume purchased market and industry conditions product specific factors and historical sales of the deliverables Pricing objectives market conditions or other factors may change in the future resulting in changes to standalone selling prices that could impact the timing or amount of revenue recognition
Deferred revenue consists primarily of payments received and accounts receivable recorded in advance of revenue recognition under the Company s subscription and support services and professional services arrangements The Company primarily invoices its customers for its subscription services arrangements annually in advance The Company s payment terms generally provide that customers pay the invoiced portion of the total arrangement fee within 30 days of the invoice date Amounts anticipated to be recognized within one year of the balance sheet date are recorded as deferred revenue current the remaining portion is recorded as deferred revenue noncurrent in the consolidated balance sheets
Sales commissions earned by the Company s sales force are generally considered incremental and recoverable costs of obtaining a contract with a customer Sales commissions for new revenue contracts including incremental sales to existing customers are deferred and then amortized on a straight line basis over a period of benefit which is determined to be generally five years The Company determined the period of benefit by taking into consideration the terms of its customer contracts its technology and other factors Sales commissions for renewal contracts are deferred and then amortized on a straight line basis over the contractual term
Sales commissions capitalized as contract costs totaled 186 million and 158 million in fiscal 2025 and 2024 respectively Amortization of contract costs totaled 130 million 104 million and 84 million in fiscal 2025 2024 and 2023 respectively Amortization expense is included in sales and marketing expenses in the accompanying consolidated statements of operations
Costs of revenue primarily consist of costs related to providing the Company s cloud based platforms to its customers including third party hosting fees amortization of capitalized internal use software and finite lived purchased developed technology customer support other employee related expenses for security technical operations and professional services staff and allocated overhead costs
Qualifying internally developed software development costs including the associated stock based compensation expenses are capitalized during the application development stage as long as management has authorized and committed to funding the project it is probable the project will be completed and the software will be used to perform the function intended Capitalization of such costs ceases once the project is substantially complete and ready for its intended use Capitalized software development costs are included in Intangible assets net on the consolidated balance sheets and are amortized on a straight line basis over an expected useful life of 3 years
Restructuring generally includes significant actions involving employee related severance charges facilities consolidation and contract termination costs Employee related severance charges are largely based upon substantive severance plans while some are mandated requirements in certain foreign jurisdictions Severance costs generally include severance payments outplacement services health insurance coverage and legal costs These charges are reflected in the period when both the actions are probable at the balance sheet date and the amounts are reasonably estimable Right of use asset impairments are recognized on the date the premises have been vacated or the Company have ceased use of the leased facilities
The Company s equity incentive plans provide for granting stock options restricted stock units RSUs restricted stock awards to employees consultants officers and directors and RSUs with market based vesting conditions to certain executives In addition the Company offers an employee stock purchase program ESPP to eligible employees
Stock based compensation expense related to stock awards including stock options RSUs market based RSUs and ESPP is measured based on the fair value of the awards granted and recognized as an expense over the requisite service period
The fair value of each option and ESPP awards are estimated on the grant date using the Black Scholes option pricing model which requires the use of various assumptions including the expected term of the award the expected volatility of the price of the underlying common stock risk free interest rates and expected dividend yield of the underlying common stock Stock based compensation expense is recognized following the straight line attribution method over the requisite service period for options and over the offering period for ESPP awards The expected term of the Company s stock options which were last granted to employees in fiscal 2022 was determined utilizing the simplified method due to lack of historical exercise data The expected volatility was determined using a weighted average of the historical volatility measures of a group of guideline companies and the Company s own historical volatility The risk free interest rate was based on the U S Treasury yield in effect at the time of grant for a period consistent with the expected term of the award The expected dividend was assumed to be zero as the Company has never declared or paid any cash dividends and do not currently intend to declare dividends in the foreseeable future
The fair value of each RSU award is based on the fair value of the underlying common stock as of the grant date Stock based compensation expense is recognized on a straight line basis over the requisite service period generally three to four years
The fair value of each market based RSU award is measured using a Monte Carlo simulation valuation model which requires the use of various assumptions including the stock price volatility and risk free interest rate as of the valuation date corresponding to the length of time remaining in the performance period Stock based compensation expense for awards with market conditions is recognized over the requisite service period using the accelerated attribution method and is not reversed if the market condition is not met
The assumptions used to determine the fair value of the stock awards represent management s best estimates These estimates involve inherent uncertainties and the application of management s judgment Forfeitures are accounted for as they occur
Deferred tax assets and liabilities are recognized for the future tax consequences attributable to differences between the financial statement carrying amounts of assets and liabilities and their respective tax basis Deferred tax assets are also recognized for operating losses and tax credit carry forwards Valuation allowances are recorded to reduce deferred tax assets when it is more likely than not that a tax benefit will not be realized Management considers all positive and negative evidence in evaluating the Company s ability to realize its deferred tax assets for example its historical results and forecasts of future ability to realize its deferred tax assets including forecasts of future taxable income by jurisdiction Deferred tax assets and liabilities are measured using enacted tax rates applicable in the years in which they are expected to be recovered or settled The effect on deferred tax assets and liabilities of a change in tax law is recognized in the provision for income taxes in the period that includes the enactment date
The Company does not provide for income taxes on undistributed earnings of subsidiaries that are intended to be indefinitely reinvested Where the Company does not intend to indefinitely reinvest subsidiary earnings income and withholding taxes as applicable are provided on such undistributed earnings
The calculation of tax liabilities involves dealing with uncertainties in the application of complex tax regulations The Company determines if the weight of available evidence indicates that it is more likely than not that a tax position will be sustained on tax audit assuming that all issues are audited and resolution of any related appeals or litigation processes are considered The tax benefit is then measured as the largest amount that is more than 50 likely to be realized upon ultimate settlement The reserves for uncertain tax positions are adjusted as facts and circumstances change for example on closing of a tax audit expiration of statutes of limitation on potential assessments or refinement of an estimate To the extent that the final outcome of these matters is different than the amounts recorded such differences will impact the provision for income taxes in the period in which such a determination is made The provisions for income taxes include the impact of reserves for uncertain tax positions along with the related interest and penalties
Cash and cash equivalents consist of cash on hand and highly liquid investments with original maturities of three months or less from the date of purchase Cash equivalents generally consist of investments in money market
The Company s short term investments comprise of U S treasury securities corporate debt securities and certificates of deposit The Company determines the appropriate classification of its short term investments at the time of purchase and reevaluates such designation at each balance sheet date The Company has classified and accounted for its short term investments as available for sale securities as the Company may sell these securities at any time for use in its current operations or for other purposes even prior to maturity As a result short term investments including securities with stated maturities beyond twelve months are classified within current assets in the consolidated balance sheets
Available for sale securities are recorded at fair value each reporting period and are periodically evaluated for impairment For unrealized losses in securities that the Company intends to hold and will not more likely than not be required to sell before recovery the Company further evaluates whether declines in fair value below amortized cost are due to credit or non credit related factors
The Company considers credit related impairments to be changes in value that are driven by a change in the creditor s ability to meet its payment obligations and records an allowance and recognizes a corresponding loss in interest income and other net when the impairment is incurred Unrealized non credit related losses and unrealized gains are reported as a separate component of accumulated other comprehensive loss in the consolidated balance sheets until realized Realized gains and losses are determined based on the specific identification method and are reported in interest income and other net in the consolidated statements of operations
The Company s strategic investments consist primarily of equity investments in privately held companies and are included in Other assets on the consolidated balance sheets Investments in privately held companies without readily determinable fair values in which the Company does not own a controlling interest or have significant influence over are measured using the measurement alternative In applying the measurement alternative the Company adjusts the carrying values of strategic investments based on observable price changes from orderly transactions for identical or similar investments of the same issuer Additionally the Company evaluates its strategic investments at least quarterly for impairment Adjustments and impairments are recorded in Interest and other net on the consolidated statements of operations
In determining the estimated fair value of its strategic investments in privately held companies the Company uses the most recent and available data Valuations of privately held securities are inherently complex due to the lack of readily available market data and require the use of judgment The determination of whether an orderly transaction is for an identical or similar investment requires use of significant judgment In its evaluation the Company considers factors such as differences in the rights and preferences of the investments and the extent to which those differences would affect the fair values of those investments The Company s impairment analysis encompasses an assessment of both qualitative and quantitative factors including the investee s financial metrics market acceptance of the investee s product or technology general market conditions and liquidity considerations
Accounts receivable are recorded at the invoiced amount net of allowances These allowances are based on the Company s assessment of the collectibility of accounts by considering the age of each outstanding invoice the collection history of each customer and an evaluation of current expected risk of credit loss based on current economic conditions and reasonable and supportable forecasts of future economic conditions over the life of the receivable The Company assesses collectibility by reviewing accounts receivable on an aggregated basis where similar characteristics exist and on an individual basis when specific customers with collectibility issues are identified Amounts deemed uncollectible are recorded as an allowance in the consolidated balance sheets with an offsetting decrease in deferred revenue or a charge to general and administrative expense in the consolidated statements of operations
Property and equipment net is stated at cost less accumulated depreciation Depreciation is recorded using the straight line method over the estimated useful lives of the respective assets Repairs and maintenance costs are expensed as incurred
Business combinations are accounted for under the acquisition method of accounting which requires the acquired assets including separately identifiable intangible assets and assumed liabilities to be recorded as of the acquisition date at their respective estimated fair values Any excess of the purchase price over the fair value of the assets acquired including separately identifiable intangible assets and liabilities assumed is recorded as goodwill
The determination of the fair value of assets acquired and liabilities assumed involves assessments of factors such as the expected future cash flows associated with individual assets and liabilities and appropriate discount rates at the date of the acquisition Significant management inputs used in the estimation of fair value of assets acquired and liabilities assumed include but are not limited to expected future cash flows future changes in technology estimated replacement costs person hours required in recreating certain acquired technologies discount rates and assumptions about the period of time the brand will continue to be used in the Company s portfolio Where appropriate external advisers are consulted to assist in the determination of fair value For non observable market values fair value has been determined using acceptable valuation methods The Company uses its best estimates and assumptions to assign fair value to the tangible and intangible assets acquired and liabilities assumed at the acquisition date The Company s estimates are inherently uncertain and subject to refinement During the measurement period which may be up to one year from the acquisition date the Company may record adjustments to the fair value of these tangible and intangible assets acquired and liabilities assumed with the corresponding offset to goodwill The results of operations for businesses acquired are included in the financial statements from the acquisition date Acquisition related expenses and post acquisition restructuring costs are recognized separately from the business combination and are expensed as incurred
Goodwill represents the excess of the purchase price over the estimated fair value of net assets of businesses acquired in a business combination Goodwill amounts are not amortized Goodwill is tested for impairment annually on the first day of the fourth quarter of each fiscal year or whenever events or changes in circumstances indicate the carrying amount of goodwill may not be recoverable The Company operates as a single operating segment
Management has the option to first perform a qualitative assessment to determine whether it is more likely than not that the fair value of the Company s reporting unit is less than the carrying amount including goodwill The Company also has the option which the Company has elected to bypass the qualitative assessment and perform the quantitative assessment The quantitative assessment involves comparing the fair value of the reporting unit to its carrying value including goodwill An impairment charge is recognized for the amount by which the carrying amount exceeds the reporting unit s fair value not to exceed the total amount of goodwill allocated to that reporting unit No goodwill impairments were recorded during the years presented based on the assessments performed
Long lived assets such as property and equipment and finite lived intangible assets subject to amortization are reviewed for impairment whenever events or changes in circumstances indicate that the carrying amount of such assets may not be recoverable Recoverability of assets to be held and used is measured by comparing the carrying amount to the estimated undiscounted future cash flows expected to be generated If the carrying amount exceeds the undiscounted cash flows the assets are determined to be impaired and an impairment charge is recognized as the amount by which the carrying amount exceeds its fair value Intangible assets with finite lives are amortized on a straight line basis over their estimated useful lives
The Company leases office space under operating leases with expiration dates through 2030 The Company determines whether an arrangement constitutes a lease and records lease liabilities and right of use assets on its consolidated balance sheets at lease commencement Lease liabilities are measured based on the present value of the total lease payments not yet paid discounted based on the more readily determinable of either the rate implicit in the lease or the incremental borrowing rate which is the estimated rate the Company would be required to pay for a collateralized borrowing equal to the total lease payments over the term of the lease The estimation of the incremental borrowing rate is based on an estimate of the Company s unsecured borrowing rate adjusted for tenor and collateralized security features Lease liabilities due within twelve months are included within accrued expenses and other current liabilities on the consolidated balance sheet Right of use assets are measured based on the corresponding lease liability adjusted for i payments made to the lessor at or before the commencement date ii initial direct costs incurred and iii tenant incentives received incurred or payable under the lease Recognition of rent expense begins when the lessor makes the underlying asset available to the Company The Company does not assume renewals or early terminations of its leases unless it is reasonably certain to exercise these options at commencement and does not allocate consideration between lease and non lease components
For leases with a lease term of 12 months or less short term leases rent expense is recorded in the consolidated statements of operations on a straight line basis over the lease term and records variable lease payments as incurred
The Company is periodically involved in various legal claims and proceedings The Company routinely reviews the status of each significant matter and assesses its potential financial exposure If the potential loss from any matter is considered probable and the amount can be reasonably estimated the Company records a liability for the estimated loss If either or both of the criteria for recording the liability are not met the Company assesses whether there is at least a reasonable possibility that a loss or additional losses may have been incurred If there is a reasonable possibility that a loss may have been incurred the Company discloses the estimate of the amount of loss or range of loss discloses that the amount is immaterial or discloses that an estimate of loss cannot be made as applicable Because of inherent uncertainties related to these legal matters the Company bases its loss accruals on the best information available at the time As additional information becomes available the Company reassesses its potential liability and may review its estimates Actual outcomes of these legal and regulatory proceedings may differ materially from the Company s estimates
Financial instruments that are exposed to concentrations of credit risk consist primarily of cash and cash equivalents short term investments and accounts receivable The Company s short term investments are primarily intended to facilitate liquidity and capital preservation and consist predominately of highly liquid investment grade fixed income securities diversified among industries and individual issuers The Company s policy is designed to limit exposure from any particular issuer or institution
Credit risk arising from accounts receivable is mitigated due to the large number of customers and their dispersion across various industries and geographies For the periods presented there were no customers that represented more than 10 of the Company s accounts receivable balance or total revenue
The Company serves customers and users from data center facilities located across various different physical locations such as the U S Europe and Asia Pacific most of which are operated by a single third party The Company has disaster recovery protocols at the third party service providers Even with these procedures for disaster recovery in place access to the Company s service could be significantly interrupted resulting in an adverse effect on its operating results and financial condition
The Company computes basic and diluted net income loss per share attributable to common stockholders for Class A and Class B common stock using the two class method required for participating securities Under the two class method basic net income loss per share attributable to common stockholders is computed by dividing the net income loss attributable to common stockholders by the weighted average number of shares of common stock outstanding during the period
Diluted earnings per share attributable to common stockholders is computed by giving effect to all potential shares of common stock including shares underlying convertible senior notes unvested RSUs outstanding stock options unvested common stock and restricted stock issued in connection with certain business combinations and ESPP obligations to the extent they are dilutive The dilutive effect of potentially dilutive common shares included in diluted earnings per share is determined in accordance with the treasury stock if converted or contingently issuable accounting methods depending on the nature of the security
In November 2023 the Financial Accounting Standards Board FASB issued guidance which requires potential disclosure of incremental segment information on an annual and interim basis This guidance is effective for fiscal years beginning after December 15 2023 and interim periods within fiscal years beginning after December 15 2024 and requires retrospective application to all prior periods presented in the financial statements The Company adopted this guidance in fiscal 2025 with no material impact to its consolidated financial statements
In December 2023 the FASB issued guidance to provide disaggregated income tax disclosures on the rate reconciliation and income taxes paid This guidance is effective for annual periods beginning after December 15 2024 with early adoption permitted The Company intends to adopt this guidance in fiscal 2026 and expects the adoption of the updated guidance to result in disclosure of additional disaggregated tax information
In November 2024 the FASB issued guidance requiring the disclosure in the notes to financial statements of specified disaggregated income statement expense information This guidance is effective for annual periods beginning after December 15 2026 and interim reporting periods beginning after December 15 2027 with early adoption permitted The Company is currently evaluating the impact of this guidance
The following table summarizes the Company s restructuring liability related to severance and termination benefit costs that is included in Accrued expenses and other current liabilities on the consolidated balance sheets
The 2024 Restructuring Plan involved a reduction of the Company s workforce by approximately 400 full time employees The 2024 Restructuring Plan was substantially complete by the first quarter of fiscal 2025 and the Company recognized aggregate restructuring costs of 24 million in fiscal 2024
The 2023 Restructuring Plan involved a reduction of the Company s workforce by approximately 300 full time employees The 2023 Restructuring Plan was substantially complete by the first quarter of fiscal 2024 and the Company recognized aggregate restructuring costs of 15 million in fiscal 2023
Additionally during fiscal 2023 the Company implemented a real estate optimization plan which provided for closing duplicative sites and decommissioning underutilized offices and floors As result the Company recognized non cash lease impairment charges of
Financial assets are measured at fair value each reporting period using a fair value hierarchy that prioritizes the use of observable inputs and minimizes the use of unobservable inputs when measuring fair value A financial instrument s classification within the fair value hierarchy is based upon the lowest level of input that is significant to the fair value measurement
Strategic investments primarily include equity investments in privately held companies which do not have a readily determinable fair value Strategic investments are classified as Level 3 in the fair value hierarchy as nonrecurring fair value measurements may include observable and unobservable inputs As of January 31 2025 and 2024 the balance of strategic investments was 30 million and 26 million respectively
Deferred revenue which is a contract liability consists primarily of payments received and accounts receivable recorded in advance of revenue recognition under the Company s contracts with customers and is recognized as the revenue recognition criteria are met
Transaction price allocated to the remaining performance obligations represents all future non cancelable contracted revenue that has not yet been recognized inclusive of deferred revenue that has been invoiced and non cancelable amounts that will be invoiced and recognized as revenue in future periods
Company expects to recognize revenue of approximately 2 248 million or 53 over the next 12 months with the balance to be recognized as revenue thereafter Remaining performance obligations for professional services and other contracts as of January 31 2025 were not material
During fiscal 2025 the Company repurchased 42 million principal amount of the 2025 Notes for 40 million in cash and 258 million principal amount of the 2026 Notes for 240 million in cash resulting in a gain on early extinguishment of debt of 19 million
During fiscal 2024 the Company repurchased 508 million principal amount of the 2025 Notes for 462 million in cash and 542 million principal amount of the 2026 Notes for 475 million in cash resulting in a gain on early extinguishment of debt of 106 million
The 2025 Notes are senior unsecured obligations of the Company and bear interest at a fixed rate of 0 125 per year Interest is payable in cash semi annually in arrears on March 1 and September 1 of each year beginning on March 1 2020 The 2025 Notes mature on September 1 2025 unless earlier redeemed repurchased or converted
The terms of the 2025 Notes are governed by an Indenture by and between the Company and Wilmington Trust National Association as Trustee the 2025 Indenture Upon conversion the 2025 Notes may be settled in cash shares of Class A common stock or a combination of cash and shares of Class A common stock at the Company s election
The 2025 Notes are convertible at an initial conversion rate of 5 2991 shares of Class A common stock per 1 000 principal amount of the 2025 Notes which is equal to an initial conversion price of approximately 188 71 per share of Class A common stock subject to adjustment under certain circumstances in accordance with the terms of the 2025 Indenture Prior to the close of business on the business day immediately preceding June 1 2025 holders of the 2025 Notes may convert all or a portion of their 2025 Notes only in multiples of 1 000 principal amount under the following circumstances
during any fiscal quarter commencing after the fiscal quarter ending on January 31 2020 and only during such fiscal quarter if the last reported sale price of Class A common stock for at least 20 trading days whether or not consecutive during the period of 30 consecutive trading days ending on and including the last trading day of the immediately preceding fiscal quarter is greater than or equal to 130 of the conversion price of the 2025 Notes on each applicable trading day
during the five business day period after any five consecutive trading day period in which the trading price per 1 000 principal amount of the 2025 Notes for each trading day of that five consecutive trading day period was less than 98 of the product of the last reported sale price of Class A common stock and the conversion rate on such trading day
On or after June 1 2025 until the close of business on the second scheduled trading day immediately preceding the maturity date holders may convert all or any portion of their 2025 Notes regardless of the foregoing circumstances During the three months ended January 31 2025 the conditions allowing holders of the 2025 Notes to convert during the three months ending April 30 2025 were not met As of January 31 2025 the 2025 Notes are classified as current liabilities due to their upcoming maturity on September 1 2025
The Company may redeem for cash all or any portion of the 2025 Notes at its option on or after September 6 2022 if the last reported sale price of the Company s Class A common stock has been at least 130 of the conversion price then in effect for at least 20 trading days whether or not consecutive during any 30 consecutive trading day period including the last trading day of such period ending on and including the trading day preceding the date on which the Company provides notice of redemption at a redemption price equal to 100 of the principal amount of the 2025 Notes to be redeemed plus any accrued and unpaid interest to but excluding the redemption date
Holders of the 2025 Notes who convert their 2025 Notes in connection with certain corporate events that constitute a make whole fundamental change as defined in the 2025 Indenture or in connection with the Company s issuance of a redemption notice are under certain circumstances entitled to an increase in the conversion rate Additionally in the event of a corporate event that constitutes a fundamental change as defined in the 2025 Indenture holders of the 2025 Notes may require the Company to repurchase all or a portion of their 2025 Notes at a price equal to 100 of the principal amount of the 2025 Notes being repurchased plus any accrued and unpaid interest
In connection with the pricing of the 2025 Notes the Company entered into capped call transactions with respect to its Class A common stock The 2025 Capped Calls are purchased call options that give the Company the option to purchase approximately 6 million shares subject to anti dilution adjustments substantially identical to those in the 2025 Notes of its Class A common stock for approximately 188 71 per share subject to adjustment corresponding to the approximate initial conversion price of the 2025 Notes exercisable upon conversion of the 2025 Notes The 2025 Capped Calls have initial cap prices of 255 88 per share subject to adjustment and will expire in 2025 if not exercised earlier The 2025 Capped Calls are intended to offset potential dilution to the Company s Class A common stock and or offset the potential cash payments that the Company could be required to make in excess of the principal amount upon any conversion of the 2025 Notes under certain circumstances The 2025 Capped Calls are separate transactions and are not part of the terms of the 2025 Notes The 2025 Capped Calls meet the criteria for classification as equity and as such are not remeasured each reporting period
The 2026 Notes are senior unsecured obligations of the Company and bear interest at a fixed rate of 0 375 per year Interest is payable in cash semi annually in arrears on June 15 and December 15 of each year beginning on December 15 2020 The 2026 Notes mature on June 15 2026 unless earlier redeemed repurchased or converted
The terms of the 2026 Notes are governed by an Indenture by and between the Company and Wilmington Trust National Association as Trustee the 2026 Indenture Upon conversion the 2026 Notes may be settled in cash shares of Class A common stock or a combination of cash and shares of Class A common stock at the Company s election
The 2026 Notes are convertible at an initial conversion rate of 4 1912 shares of Class A common stock per 1 000 principal amount of the 2026 Notes which is equal to an initial conversion price of approximately 238 60 per share of Class A common stock subject to adjustment under certain circumstances in accordance with the terms of the 2026 Indenture Prior to the close of business on the business day immediately preceding March 15 2026 holders of the 2026 Notes may convert all or a portion of their 2026 Notes only in multiples of 1 000 principal amount under the following circumstances
during any fiscal quarter commencing after the fiscal quarter ending on October 31 2020 and only during such fiscal quarter if the last reported sale price of the Company s Class A common stock for at least 20 trading days whether or not consecutive during the period of 30 consecutive trading days ending on and including the last trading day of the immediately preceding fiscal quarter is greater than or equal to 130 of the conversion price of the 2026 Notes on each applicable trading day
during the five business day period after any five consecutive trading day period in which the trading price per 1 000 principal amount of the 2026 Notes for each trading day of that five consecutive trading day period was less than 98 of the product of the last reported sale price of the Company s Class A common stock and the conversion rate on such trading day
On or after March 15 2026 until the close of business on the second scheduled trading day immediately preceding the maturity date holders may convert all or any portion of their 2026 Notes regardless of the foregoing circumstances During the three months ended January 31 2025 the conditions allowing holders of the 2026 Notes to convert during the three months ending April 30 2025 were not met and as a result the 2026 Notes were classified as noncurrent liabilities as of January 31 2025
The Company may redeem for cash all or any portion of the 2026 Notes at its option on or after June 20 2023 if the last reported sale price of the Company s Class A common stock has been at least 130 of the conversion price then in effect for at least 20 trading days whether or not consecutive including the trading day immediately preceding the date on which the Company provides notice of redemption during any 30 consecutive trading day period ending on and including the trading day preceding the date on which the Company provides
Holders of the 2026 Notes who convert their 2026 Notes in connection with certain corporate events that constitute a make whole fundamental change as defined in the 2026 Indenture or in connection with the Company s issuance of a redemption notice are under certain circumstances entitled to an increase in the conversion rate Additionally in the event of a corporate event that constitutes a fundamental change as defined in the 2026 Indenture holders of the 2026 Notes may require the Company to repurchase all or a portion of their 2026 Notes at a price equal to 100 of the principal amount of the 2026 Notes being repurchased plus any accrued and unpaid interest
In connection with the pricing of the 2026 Notes the Company entered into capped call transactions with respect to its Class A common stock The 2026 Capped Calls are purchased call options that give the Company the option to purchase approximately 5 million shares subject to anti dilution adjustments substantially identical to those in the 2026 Notes of its Class A common stock for approximately 238 60 per share subject to adjustment corresponding to the approximate initial conversion price of the 2026 Notes exercisable upon conversion of the 2026 Notes The 2026 Capped Calls have initial cap prices of 360 14 per share subject to adjustment and will expire in 2026 if not exercised earlier The 2026 Capped Calls are intended to offset potential dilution to the Company s Class A common stock and or offset the potential cash payments that the Company could be required to make in excess of the principal amount upon any conversion of the 2026 Notes under certain circumstances The 2026 Capped Calls are separate transactions and are not part of the terms of the 2026 Notes The 2026 Capped Calls meet the criteria for classification as equity and as such are not remeasured each reporting period
The estimated fair values of the Notes which are Level 2 financial instruments were determined based on the quoted bid prices of the Notes in an over the counter market on the last trading day of the reporting period
The Company has entered into various non cancelable office space operating leases with original lease periods expiring between 2025 and 2030 These leases do not contain material variable rent payments residual value guarantees financial covenants or other restrictions The Company s corporate headquarters lease in San Francisco has a 10 year term which expires in October 2028 The Company is entitled to two five year options to extend this lease subject to certain requirements
The weighted average remaining term of operating leases was 3 8 years and 4 5 years as of January 31 2025 and January 31 2024 respectively and the weighted average discount rate used to measure the present value of the operating lease liabilities was 5 6 and 5 5 as of January 31 2025 and January 31 2024 respectively
In conjunction with the execution of certain office space operating leases letters of credit in the aggregate amount of 6 million and 7 million were issued and outstanding as of January 31 2025 and January 31 2024 respectively No draws have been made under such letters of credit
On May 20 2022 a purported shareholder filed a putative class action lawsuit in the United States District Court for the Northern District of California against the Company and certain of its executive officers captioned
No 3 22 cv 02990 The lawsuit asserted claims under Sections 10 b and 20 a of the Securities Exchange Act of 1934 alleging that the defendants made false or misleading statements or omissions concerning the Company s cybersecurity controls vulnerability to data breaches and the Company s integration of Auth0 Inc Auth0 The lawsuit sought an order certifying the lawsuit as a class action and unspecified damages The defendants moved to dismiss the amended complaint On March 31 2023 the court dismissed in full the claims based on the plaintiff s allegations related to the Company s cybersecurity controls and
vulnerability to data breaches and dismissed in part and denied in part the claims based on allegations related to the Auth0 integration On May 28 2024 the parties entered into a stipulation of settlement the Stipulation where in exchange for the release and dismissal with prejudice of all claims the Company agreed to pay and or to cause its insurance carriers to pay a total of 60 million which is covered through a combination of the Company s Director Officer D O insurance and the balance of the Company s 10 million retention on the primary D O policy The Stipulation does not constitute an admission of fault or wrongdoing by the Company or its executives On November 19 2024 the court granted final approval of the Stipulation and dismissed the lawsuit in its entirety with prejudice
Additionally two purported shareholders filed derivative lawsuits on behalf of the Company in the United States District Court for the Northern District of California against certain of its current and former executive officers and directors captioned
No 3 22 cv 08627 filed Dec 13 2022 the California Federal Derivative Actions The California Federal Derivative Actions allege among other things that the defendants breached their fiduciary duties by making false or misleading statements or omissions concerning the Company s cybersecurity controls vulnerability to data breaches and the Company s integration of Auth0 The California Federal Derivative Actions seek orders permitting the plaintiffs to maintain the actions derivatively on behalf of the Company awarding unspecified damages allegedly sustained by the Company awarding restitution from the individual defendants and requiring the Company to make certain reforms to its corporate governance and controls On February 22 2023 the court entered a stipulated order consolidating the California Federal Derivative Actions appointing co lead counsel for plaintiffs and staying the consolidated California Federal Derivative Actions during the pendency of the motion to dismiss in the securities class action lawsuit The consolidated California Federal Derivative Actions are captioned
No 3 22 cv 07480 On May 9 2023 the court entered a stipulated order continuing the stay through the close of discovery in the securities class action lawsuit and on January 27 2025 the court entered an order continuing the stay
On April 14 2023 another shareholder filed a substantially similar derivative lawsuit in the United States District Court for the District of Delaware against certain of the Company s current and former executive officers and directors captioned
No 1 23 cv 00413 the Buono Action On May 31 2023 the court entered a stipulated order whereby the defendants agreed to accept service and stay the Buono Action through the close of discovery in the securities class action lawsuit
On January 25 2024 another shareholder filed a substantially similar derivative lawsuit in the United States District Court for the District of Delaware against certain of the Company s current and former executive officers and directors captioned
No 1 24 cv 00106 together with the Buono Action the Delaware Federal Derivative Actions On March 18 2024 the court entered a stipulated order whereby the defendants agreed to accept service and stay the derivative action through the close of discovery in the securities class action lawsuit
On July 1 2024 another shareholder filed a substantially similar derivative lawsuit in the Court of Chancery for the State of Delaware the Delaware Chancery Court against certain of the Company s current and former executive officers and directors captioned
C A No 2024 0685 PAF the Grimaldi Action On July 19 2024 the Delaware Chancery Court entered a stipulated order whereby the defendants agreed to accept service and to stay the derivative action through final approval of the settlement in the securities class action lawsuit
On October 18 2024 another shareholder filed a substantially similar derivative lawsuit in the Delaware Chancery Court against certain of the Company s current and former executive officers and directors captioned
C A No 2024 1072 PAF the Duprat Action On November 8 2024 the Delaware Chancery Court entered a stipulated order where the defendants agreed to accept service in the Duprat Action the Grimaldi Action and the Duprat Action were consolidated the Delaware Chancery Actions and the Delaware Chancery Actions were stayed pursuant to the terms previously entered in the Grimaldi Action
On January 10 2025 the Company and defendants agreed in principle to the non monetary terms of a global resolution of the California Federal Derivative Actions the Delaware Federal Derivative Actions and the Delaware Chancery Actions and executed a Memorandum of Understanding in connection therewith containing the agreed upon material non monetary terms of the proposed settlement
While the Company and defendants have agreed in principle to settle the above referenced derivative lawsuits the Company is unable to predict the outcome or estimate the amount of loss or range of losses that could potentially result from these lawsuits
The Company s subscription services are generally warranted to perform materially in accordance with the Company s online help documentation under normal use and circumstances Additionally the Company s arrangements generally include provisions for indemnifying customers against liabilities if its subscription services infringe a third party s intellectual property rights Furthermore the Company may also incur liabilities if it breaches the security or confidentiality obligations in its arrangements To date the Company has not incurred significant costs and has not accrued any material liabilities in the accompanying consolidated financial statements as a result of these obligations
The Company has entered into service level agreements with a majority of its customers defining levels of uptime reliability and performance and permitting certain customers to receive credits for paid amounts related to subscription services when the Company fails to meet the defined levels of uptime In very limited instances the Company allows customers to early terminate their agreements in the event that the Company fails to meet those levels as they may constitute a breach of contract If the customer did terminate they would receive a refund of prepaid unused subscription fees To date the Company has not experienced any significant failures to meet defined levels of uptime reliability and performance as a result of those agreements and as a result the Company has not incurred significant costs and has not accrued any material liabilities in the accompanying consolidated financial statements as a result of these warranties
Agreements with customers and other third parties may include indemnification or other provisions under which the Company agrees to indemnify or otherwise be liable to them for losses suffered or incurred as a result of claims of intellectual property infringement damages caused by us to property or persons or other liabilities relating to or arising from the use of the Company s platforms or other acts or omissions The Company cannot reasonably estimate potential payment obligations as a result of indemnification claims because it cannot predict when and under what circumstances they may be incurred As a result no material liabilities have been recognized in the accompanying consolidated financial statements related to these indemnification obligations
Holders of Class A and Class B common stock are entitled to one vote per share and ten votes per share respectively and the shares of Class A common stock and Class B common stock are identical except for voting and conversion rights Shares of Class B common stock may be converted into Class A common stock at any time at the option of the stockholder on a one for one basis and are automatically converted into Class A common stock upon sale or transfer subject to certain limited exceptions Shares of Class A common stock are not convertible
During fiscal 2025 2024 and 2023 the Company issued 56 250 75 000 and 41 250 shares respectively of Class A common stock as charitable contributions and recognized 5 million 6 million and 4 million respectively as general and administrative expense in the consolidated statements of operations
The Company has two equity incentive plans the 2009 Stock Plan 2009 Plan and the 2017 Equity Incentive Plan 2017 Plan All shares that remain available for future grants are under the 2017 Plan As of January 31 2025 options to purchase 811 267 shares of Class A common stock and 1 387 313 shares of Class B common stock remained outstanding
The Company s equity incentive plans provide for granting stock options RSUs restricted stock awards to employees consultants officers and directors and RSUs with market based vesting conditions to certain executives In addition the Company offers an ESPP to eligible employees
Options issued under the Plan generally are exercisable for periods not to exceed ten years and generally vest over four years with 25 vesting after one year and with the remainder vesting monthly thereafter in equal installments Shares offered under the Plan may be i authorized but unissued shares or ii treasury shares
No options were granted during fiscal 2025 2024 and 2023 The total grant date fair value of stock options vested was 16 million 48 million and 104 million during fiscal 2025 2024 and 2023 respectively The intrinsic value of the options exercised which represents the difference between the fair market value of the Company s common stock on the date of exercise and the exercise price of each option was 213 million 57 million and 108 million during fiscal 2025 2024 and 2023 respectively Windfall tax benefits realized upon exercise of stock options were 47 million during fiscal 2025 while no windfall tax benefits were realized in fiscal years 2024 and 2023
The Company granted 4 858 824 RSUs with an aggregate fair value of 471 million during fiscal 2025 As of January 31 2025 and 2024 there was a total of 672 million and 898 million respectively of unrecognized stock based compensation expense related to unvested RSUs which is being recognized over a weighted average period of 1 8 years based on vesting under the award service conditions The total fair value of RSUs vested during fiscal 2025 2024 and 2023 was 382 million 335 million and 229 million respectively
During the first quarter of fiscal 2025 the Company began funding withholding taxes due upon the vesting of employee RSUs in certain jurisdictions by net share settlement rather than its previous approach of selling shares of the Company s common stock The amount of withholding taxes related to net share settlement of employee RSUs is reflected as i a reduction to additional paid in capital and ii cash outflows for financing activities when the payments are made The shares withheld by the Company as a result of the net share settlement of RSUs are not considered issued and outstanding and do not impact the calculation of basic net income loss per share attributable to the Class A and Class B common stockholders
In March 2022 the Company granted market based RSUs to certain members of management with an average grant date fair value of 244 73 The target number of market based RSUs granted was 58 150 One third of these market based RSUs vest over each of a one two and three year performance period each starting on February 1 2022
In March 2023 the Company granted market based RSUs to certain members of management with an average grant date fair value of 149 78 The target number of market based RSUs granted was 192 843 One third of these market based RSUs vest over each of a one two and three year performance period each starting on February 1 2023
In March 2024 the Company granted market based RSUs to certain members of management with an average grant date fair value of 182 15 The target number of market based RSUs granted was 183 595 One third of these market based RSUs vest over each of a one two and three year performance period each starting on February 1 2024
For each granted market based RSU award the number of shares that can be earned ranges from 0 to 200 of the target number of shares based on the relative performance of the per share price of the Company s common stock as compared to the Nasdaq Composite Index over the respective performance periods and subject to continuous employment through the vesting dates The average grant date fair value per target market based RSU is determined using a Monte Carlo simulation approach Compensation expense for awards with market conditions is recognized over the service period using the accelerated attribution method and is not reversed if the market condition is not met
As of January 31 2025 there was 15 million of unrecognized stock based compensation expense related to unvested restricted stock awards which is being recognized over a weighted average period of 2 1 years based on vesting under the award service conditions
The ESPP provides for 12 month offering periods beginning June 21 and December 21 of each year and each offering period consists of up to two six month purchase periods The ESPP contains a reset provision under which the offering period resets if the fair market value of the Company s common stock on the purchase date is less than the fair market value on the offering date
During fiscal 2025 the Company s employees purchased 586 149 shares of its Class A common stock under the ESPP The shares were purchased at a weighted average purchase price of 71 68 per share with proceeds of 42 million During fiscal 2024 the Company s employees purchased 793 739 shares of its Class A common stock under the ESPP The shares were purchased at a weighted average purchase price of 57 84 per share with proceeds of 46 million
As of January 31 2025 and January 31 2024 there was 15 million and 16 million respectively of unrecognized stock based compensation expense related to the ESPP which is being recognized over a weighted average vesting period of 0 6 years
The Company has a qualified defined contribution plan under Section 401 k of the Internal Revenue Code covering eligible employees A portion of employee contributions are matched up to a fixed maximum dollar amount per year per employee During fiscal 2025 2024 and 2023 matching contributions related to the plan were 18 million 19 million and 21 million respectively
For fiscal 2025 income tax expense resulted primarily from profitable foreign jurisdictions federal and state taxes resulting from limitations on tax attribute utilization offset by the impact of tax windfalls from stock based compensation in the United States For fiscal 2024 the income tax expense resulted primarily from income tax expense related to profitable foreign jurisdictions federal and state taxes resulting from limitations on tax attribute utilization and the tax impact of shortfalls from stock based compensation in the United Kingdom For fiscal 2023 income tax expense resulted primarily from income tax expense related to profitable foreign jurisdictions the tax impact of shortfalls from stock based compensation in the United Kingdom and state taxes
The Company does not provide for income taxes on undistributed earnings of subsidiaries that are intended to be indefinitely reinvested Where the Company does not intend to indefinitely reinvest subsidiary earnings income and withholding taxes as applicable are provided on such undistributed earnings and are insignificant
The Tax Cuts and Jobs Act enacted on December 22 2017 amended Internal Revenue Code Section 174 to require that specific research and experimental R E expenditures be capitalized and amortized over five years U S R E or fifteen years non U S R E beginning in fiscal 2023 As a result for fiscal 2024 and 2023 the Company disavowed certain tax deductions which resulted in the utilization of federal and state tax attributes to offset this impact
The Company has determined that it is not more likely than not that it will realize the benefits of its net deferred tax assets in the United States due to negative evidence such as a continued cumulative loss and an increase in net deferred tax assets despite attribute utilization Therefore the Company has recorded a valuation allowance to reduce the carrying value of the U S deferred tax assets net of U S deferred tax liabilities The U S valuation allowance increased by 57 million and 9 million during fiscal 2025 and 2024 respectively
As of January 31 2025 the Company had approximately 2 683 million of federal and 2 025 million of state net operating loss carryforwards available to offset future taxable income If not utilized the federal and state net operating loss carryforwards will begin to expire in 2036 and 2026 respectively The federal and state net operating losses for fiscal 2025 consider the impacts of the amendments of prior year federal and state tax returns as discussed in the effective tax rate reconciliation section As of January 31 2025 the Company had approximately 34 million of UK net operating losses which do not expire
As of January 31 2025 the Company had federal research and development tax credit carryforwards of 130 million and California research and development tax credit carryforwards of 86 million The federal research and development credits will start to expire in 2038 while the California research and development credits do not expire
The Company s ability to utilize the net operating loss and tax credit carryforwards in the future may be subject to substantial restrictions in the event of future ownership changes as defined in Section 382 of the Internal Revenue Code and similar state tax laws
For all periods presented the Company has an immaterial amount of unrecognized tax benefits that if recognized would impact the effective tax rate The Company s policy is to include interest and penalties related to unrecognized tax benefits within the provision for income taxes For all years presented the Company has not accrued a material amount in interest and penalties related to unrecognized tax benefits The Company does not have any significant uncertain tax positions as of January 31 2025 for which it is reasonably possible that the positions will increase or decrease within the next twelve months
As the Company has net operating loss carryforwards for the U S federal and state jurisdictions the statute of limitations is open for all years For material foreign jurisdictions the tax years open to examination include the tax years 2017 and forward
The following table presents the calculation of basic and diluted net income loss per share Net income loss is reported in millions and rounded from amounts in thousands as a result net income loss per share may not recalculate exactly due to rounding
The Company entered into capped call transactions in connection with the issuance of the convertible senior notes The effect of the capped calls was also excluded from the calculation of diluted net income per share as the effect of the capped calls would have been anti dilutive
Property and equipment by geographic location is based on the location of the legal entity that owns the asset As of January 31 2025 and 2024 the majority of the Company s long lived assets which primarily consist of property and equipment and operating lease right of use assets were located in the United States
On February 1 2024 the Company acquired all of the outstanding equity of Spera an identity security platform provider The acquisition of Spera is expected to broaden the Company s identity threat detection and security posture management capabilities The Spera acquisition was accounted for as a business combination
The acquisition date fair value of purchase consideration for Spera of 58 million was paid in cash Of this amount 12 million of consideration was transferred to an escrow fund as partial security for any purchase price adjustments and indemnification obligations and will be paid to the former Spera stockholders following the 18 month anniversary of the closing date less any such adjustments or indemnification obligations
The Company recorded 18 million for developed technology intangible assets with an estimated useful life of 5 years and recorded 42 million of goodwill which is primarily attributed to the assembled workforce as well as the integration of Spera s technology and the Company s technology None of the goodwill is expected to be deductible for U S federal income tax purposes
The Company entered into revesting agreements with Spera s founders pursuant to which 238 795 additional shares of Okta s Class A common stock were issued as of the closing date which vest over three years The 20 million fair value of the unvested restricted stock award is attributable to a post combination service condition and will be accounted for by the Company separately from the business combination as stock based compensation expense
Acquisition related expenses incurred were not material This acquisition did not have a material impact on the Company s consolidated financial statements therefore historical financial information and pro forma disclosures have not been presented
Our management with the participation of our principal executive officer and principal financial officer has evaluated the effectiveness of our disclosure controls and procedures as defined in Rules 13a 15 e and 15d 15 e under the Exchange Act as of the end of the period covered by this Annual Report on Form 10 K
Based on this evaluation our management concluded that as of January 31 2025 our disclosure controls and procedures are effective to provide reasonable assurance that information we are required to disclose in reports that we file or submit under the Exchange Act is recorded processed summarized and reported within the time periods specified in the Securities and Exchange Commission s rules and forms and that such information is accumulated and communicated to our management including our principal executive officer and principal financial officer as appropriate to allow timely decisions regarding required disclosure
Our management is responsible for establishing and maintaining adequate internal control over financial reporting as defined in Rule 13a 15 f of the Exchange Act Our management conducted an evaluation of the effectiveness of our internal control over financial reporting based on the framework in Internal Control Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission 2013 framework Our internal control over financial reporting includes policies and procedures that provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external reporting purposes in accordance with U S generally accepted accounting principles Based on this evaluation management concluded that our internal control over financial reporting was effective as of January 31 2025 Our independent registered public accounting firm Ernst Young LLP has issued an audit report with respect to our internal control over financial reporting which appears in Part II Item 8 of this Annual Report on Form 10 K and is incorporated herein by reference
There was no change in our internal control over financial reporting identified in connection with the evaluation required by Rules 13a 15 d and 15d 15 d of the Exchange Act that occurred during the quarter ended January 31 2025 that has materially affected or is reasonably likely to materially affect our internal control over financial reporting
In designing and evaluating the disclosure controls and procedures and internal control over financial reporting management recognizes that any controls and procedures no matter how well designed and operated can provide only reasonable assurance of achieving the desired control objectives In addition the design of disclosure controls and procedures and internal control over financial reporting must reflect the fact that there are resource constraints and that management is required to apply its judgment in evaluating the benefits of possible controls and procedures relative to their costs
During the quarter ended January 31 2025 none of our directors or officers as defined in Rule 16a 1 f of the Exchange Act informed us of the adoption or termination of a Rule 10b5 1 trading arrangement or a non Rule 10b5 1 trading arrangement as each term is defined in Item 408 of Regulation S K
The information required by this item is incorporated by reference to our Proxy Statement relating to our 2025 Annual Meeting of Stockholders The Proxy Statement will be filed with the SEC within 120 days of the fiscal year ended January 31 2025
Our board of directors has adopted a code of conduct that applies to all of our employees officers and directors The full text of our code of conduct is available on our investor relations website at investor okta com under Responsibility and Governance We intend to satisfy the disclosure requirement under Item 5 05 of Form 8 K regarding amendments to or waiver from a provision of our code of conduct by posting such information on the website address and location specified above
The information required by this item is incorporated by reference to our Proxy Statement relating to our 2025 Annual Meeting of Stockholders The Proxy Statement will be filed with the SEC within 120 days of the fiscal year ended January 31 2025
The information required by this item is incorporated by reference to our Proxy Statement relating to our 2025 Annual Meeting of Stockholders The Proxy Statement will be filed with the SEC within 120 days of the fiscal year ended January 31 2025
The information required by this item is incorporated by reference to our Proxy Statement relating to our 2025 Annual Meeting of Stockholders The Proxy Statement will be filed with the SEC within 120 days of the fiscal year ended January 31 2025
The information required by this item is incorporated by reference to our Proxy Statement relating to our 2025 Annual Meeting of Stockholders The Proxy Statement will be filed with the SEC within 120 days of the fiscal year ended January 31 2025
Pursuant to the requirements of Section 13 or 15 d of the Securities Exchange Act of 1934 as amended the registrant has duly caused this report to be signed on its behalf by the undersigned thereunto duly authorized
KNOW ALL PERSONS BY THESE PRESENTS that each person whose signature appears below constitutes and appoints Todd McKinnon and Brett Tighe and each of them as his or her true and lawful attorneys in fact and agents with full power of substitution and resubstitution for him or her and in his or her name place and stead in any and all capacities to sign any amendments to this Annual Report on Form 10 K and to file the same with Exhibits thereto and other documents in connection therewith with the Securities and Exchange Commission hereby ratifying and confirming all that each of said attorneys in fact or substitute or substitutes may do or cause to be done by virtue hereof
Pursuant to the requirements of the Securities Exchange Act of 1934 this report has been signed below by the following persons on behalf of the Registrant and in the capacities and on the dates indicated
The certifications furnished in Exhibit 32 1 hereto are deemed to accompany this Annual Report on Form 10 K and will not be deemed filed for purposes of Section 18 of the Securities Exchange Act of 1934 as amended except to the extent that the registrant specifically incorporates it by reference

Company Name	Okta, Inc. Vist SEC web-site
Category	SERVICES-PREPACKAGED SOFTWARE
Trading Symbol	OKTA