Identity is all we do.
Apivant is an Okta and Auth0 services firm built around senior architects and the Frontier Identity Framework.
Why identity is the only thing we do
Identity is the layer the rest of security depends on. If access control is wrong, everything built on top of it is working from a bad assumption. We think that is too important to treat as one practice area among many, so it is the only thing we do.
We work the full Okta and Auth0 platform: OIG, OPA, ISPM, Okta for AI, complex Auth0 CIAM, and fine-grained authorization. The Frontier Identity Framework is how we map that ground, and it shapes every engagement.
How we deliver is different too. We orchestrate across three layers, mapped by one Identity Ontology, so agents handle the repetitive configuration and our architects make the judgment calls. The architects who start your engagement are the ones who finish it.
One clarification, since the name invites the question: Apivant is an independent IAM consulting firm and is not affiliated with Anthropic PBC, the AI research lab.
Diagram of the three orchestration layers. Journey Time Orchestration, Layer 1, covers sign-up, sign-in, and recovery journeys. Runtime Orchestration, Layer 2, lets any identity provider talk to any application. Control-Plane Orchestration, Layer 3, manages users, groups, policies, and authorization data. The Identity Ontology ties all three layers together.
Leadership
James Bonifield
Founder, CEOThe next wave of identity problems will be agent problems. We shaped our delivery method around that future, and we price the outcome rather than the hours.
James has led 100+ Okta and Auth0 projects as a customer, consultant, and practice leader, most recently as Okta Practice Lead at Optiv. He serves as executive sponsor on every client engagement.
- Led 100+ Okta and Auth0 projects across 50+ clients spanning the full platform
- Three years as Senior Manager and Okta Practice Lead at Optiv
- Background as a cybersecurity architect, developer, and data scientist
Harry Lambert
VP, Customer SuccessLarge CIAM platforms fail in operations before they fail in architecture. I learned that running one as the customer, not the consultant.
Harry implemented Okta CIAM for 24 million users and 250+ applications as a customer before leading identity consulting practices. He holds Okta Certified Technical Architect certification #20, a credential held by fewer than fifty professionals worldwide.
- Implemented Okta CIAM for 24M users and 250+ applications as a customer
- Identity consulting leadership at Accenture, BeyondID, and Optiv
- Former Okta Practice Lead at Optiv
Diego Koga
Chief ArchitectGood architecture is a set of decisions you can defend two years later. I give clients straight answers, even when the answer is no.
Diego brings 15+ years of CIAM and IAM architecture experience, with identity leadership roles at Auth0, Strivacity, and MATTR. As Chief Architect, he is the final authority on architectural decisions across the practice.
- 15+ years of architecture and engineering experience across CIAM and IAM
- Identity leadership roles at Auth0, Strivacity, and MATTR
- Directed architecture for large enterprises through high-stakes migrations, multi-cloud rollouts, and major digital transformations
Christopher St. Thomas
Chief Revenue OfficerDeals are won where implementation depth decides the outcome. My job is making sure Okta field teams know exactly when that moment is ours.
Christopher is an enterprise identity and security sales executive with 20+ years selling to Fortune 500 organizations. His Okta roles include Strategic Account Director and Senior Director of Global Alliances, and as CRO he leads partner go-to-market and joint pursuits.
- 20+ years in enterprise identity and security sales to Fortune 500 organizations
- Former Strategic Account Director at Okta (Southeast) and Senior Director, Global Alliances at Okta
- Most recently Strategic Account Executive at Strata Identity, working with GSIs including EY, Deloitte, and Wipro
How We Engage
Every engagement is fixed-fee and outcome-based. You buy a result, not a block of hours, and we absorb the delivery risk.
Mastermind
A Mastermind is an ongoing advisory retainer. A named senior architect joins your IAM planning discussions, reviews in-flight decisions, and serves as an external authority for your identity program over a defined period. There is no fixed deliverable. The value is a trusted advisor who knows your environment and gives a straight answer the day the question comes up.
Workshop
A Workshop is a bounded, multi-day intensive that produces a specific output: an architecture blueprint, a migration plan, an authorization model candidate, or a prioritized remediation roadmap. Each Workshop is scoped to a single identity domain or decision. We bring a named senior architect and discovery frameworks we have already built; you bring your engineering and security leads. The deliverable is written, validated against your real environment, and immediately actionable.
Assessment
An Assessment is a scoped diagnostic with a written deliverable. The scope is one IAM surface: your workforce tenant, your customer identity architecture, your authorization model, or your agentic identity posture. We audit the current state, identify the risks and gaps, and deliver written findings with a prioritized remediation sequence. An Assessment is the typical entry point for a new client relationship and the prerequisite for a fixed-fee implementation engagement.
1 of fewer than 50 Okta Certified Technical Architects worldwide
Our team holds certifications across the full Okta and Auth0 platform, including the Okta Certified Technical Architect credential. Fewer than 50 practitioners worldwide hold it, and one of them is on our team.


Put a Senior Architect on Your Identity Problem
Tell us where your identity program is stuck. We reply within one business day with a point of view.




