Q1 2025 Okta Inc Earnings Call

Participants

Brett Tighe; CFO; Okta, Inc.

Dave Gennarelli; VP of IR; Okta, Inc.

Todd McKinnon; Co-Founder, Chairman & CEO; Okta, Inc.

Adam Charles Borg; Associate; Stifel, Nicolaus & Company, Incorporated, Research Division

Adam Tyler Tindle; Senior Research Associate; Raymond James & Associates, Inc., Research Division

Alexander Henderson; Senior Analyst; Needham & Company, LLC, Research Division

Andrew James Nowinski; Senior Equity Analyst; Wells Fargo Securities, LLC, Research Division

Brad Alan Zelnick; MD of Software Equity Research & Senior US Software Research Analyst; Deutsche Bank AG, Research Division

Eric Michael Heath; VP & Equity Research Analyst; KeyBanc Capital Markets Inc., Research Division

Fatima Aslam Boolani; Director & Co-Head of Software Research; Citigroup Inc., Research Division

Gabriela Borges; Analyst; Goldman Sachs Group, Inc., Research Division

Gray Wilson Powell; MD & Security and Infrastructure Software Analyst; BTIG, LLC, Research Division

Hamza Fodderwala; Equity Analyst; Morgan Stanley, Research Division

John Stephen DiFucci; Senior MD & Equity Research Analyst; Guggenheim Securities, LLC, Research Division

Jonathan Frank Ho; Partner & Technology Analyst; William Blair & Company L.L.C., Research Division

Joseph Anthony Gallo; Equity Associate; Jefferies LLC, Research Division

Joshua Alexander Tilton; SVP; Wolfe Research, LLC

Madeline Nicole Brooks; Research Analyst; BofA Securities, Research Division

Matthew George Hedberg; Analyst; RBC Capital Markets, Research Division

Patrick Edwin Ronald Colville; Lead Software Analyst; Scotiabank Global Banking and Markets, Research Division

Peter Weed; Analyst; Sanford C. Bernstein & Co., LLC., Research Division

Peter Marc Levine; Analyst; Evercore ISI Institutional Equities, Research Division

Robbie David Owens; MD and Senior Research Analyst; Piper Sandler & Co., Research Division

Roger Foley Boyd; Associate Analyst; UBS Investment Bank, Research Division

Rudy Grayson Kessinger; Senior VP & Senior Research Analyst; D.A. Davidson & Co., Research Division

Unidentified Analyst

Presentation

Dave Gennarelli

Hi, everyone. Welcome to Okta's First Quarter Fiscal Year 2025 Earnings Webcast. I'm Dave Gennarelli, Senior Vice President of Investor Relations at Okta. With me in today's meeting, we have Todd McKinnon, our Chief Executive Officer and Co-Founder; and Brett Tighe, our Chief Financial Officer.
At around the same time that the earnings press release hit the wire, we posted supplemental commentary to our IR website. This posted commentary contains a large portion of what would historically be the opening commentary including customer commentary, product-related news and a review of our financial results. This new format allows listeners to review that information before this call.
Today's meeting will include forward-looking statements pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including, but not limited to, statements regarding our financial outlook and market positioning. Forward-looking statements involve known and unknown risks and uncertainties that may cause our actual results, performance or achievements to be materially different from those expressed or implied by the forward-looking statements. Forward-looking statements represent our management's beliefs and assumptions only as of the date made. Information on factors that could affect our financial results is included in our filings with the SEC from time to time including the section titled Risk Factors in our previously filed Form 10-K.
In addition, during today's meeting, we will discuss non-GAAP financial measures. Though we may not state it explicitly during the meeting, all references to profitability are non-GAAP. These non-GAAP financial measures are in addition to and not a substitute for or superior to measures of financial performance prepared in accordance with GAAP. A reconciliation between GAAP and non-GAAP financial measures and a discussion of the limitations of using non-GAAP measures versus their closest GAAP equivalents is available in our earnings release.
You can also find more detailed information in our supplemental financial materials, which include trended financial statements and key metrics posted on our Investor Relations website. In today's meeting, we will quote a number of numeric or growth changes as we discuss our financial performance; and unless otherwise noted, each such reference represents a year-over-year comparison.
And now I'd like to turn the meeting over to Todd McKinnon. Todd?

Todd McKinnon

Thanks, Dave, and thank you, everyone, for joining us this afternoon. Q1 was a solid start to FY '25, highlighted by continued strength of large customers in the public sector and record profitability and cash flow. The operating efficiency actions that we started almost 2 years ago have delivered outstanding leverage to our model. While it's difficult to quantify the impact on our business from the October security incident, our analysis continues to suggest minimal impact on our financial results.
Today, I'll cover the progress we've made with the Okta Secure Identity commitment and then review some of the highlights from our showcase event earlier this month. As a reminder, we launched the Okta Secure Identity Commitment earlier this year. This is our long-term plan to lead the industry in the fight against identity attacks. It's aimed at hardening our ancillary and corporate systems and further strengthening our products and services as well as championing customer best practices that help enable our customers to be highly protected. We want our customers to benefit from our depth of experience, so we are further enhancing our customer policies to help ensure our products are deployed with Okta's best security practices.
In only a few short months, we've made meaningful progress. Identity plays a critical role in the technology stack, so it's not surprising that identity-based attacks have become a top method for threat actors. Over 80% of data breaches in the industry involve some kind of compromised identity.
Identity is security. As part of our vision to free everyone to safely use any technology, Okta is modernizing identity and effectively modernizing security. We are protecting our customers by blocking over 2 billion security attacks a month, and it's likely that number will only grow.
During the week of the RSA conference, we hosted hundreds of customers at our hybrid showcase event. In addition to the keynotes, we hosted a large group of CISOs from various industries to discuss today's threat environment and how Okta helps protect them. It was an energetic forum, and we walked away with even more confidence that we're on the right track of delivering industry-leading identity security solutions.
Our products are the foundation of Okta. We already have the broadest array of identity products in the world. Building on that, our current rate and pace of innovation is really impressive. We've historically put a lot of focus on delivering secure products to our customers, and we are now on the journey to make Okta one of the most secure companies in the world from every aspect, from our internal technologies to people to processes.
At Showcase, we featured the latest product innovations starting with a new product, identity, security, posture management. Stemming from our recent acquisition of Spera, this technology is a fantastic addition to our portfolio as it proactively identifies vulnerabilities and security gaps before they can be exploited. It works for both Okta and other identity providers like AWS and Azure AD, bringing a multilayered defense strategy on top of the already strong security capabilities in the Workforce Identity Cloud.
Earlier this month, we began rolling out Identity Security Posture Management to select customers in North America. We're also excited about the launch of Identity Threat Protection with Okta AI, which includes powerful features like Universal Logout, which makes it possible to automatically log users out of all of their critical apps when there is a security issue. Think of this as identity threat detection and response for Okta. We expect Identity Threat Protection to become generally available this summer.
There are so many more new products, features, enhancements that we spoke about at Showcase, so I encourage you to check out the summary in our posted commentary.
We're really excited about all the great innovation that is taking place at Okta, which will help drive future growth. I also want to remind you of our 3 top priorities for FY '25 because they are fundamental to our success. It shouldn't be surprising to anyone that security is our top priority from our company culture to our security architecture to our products and services. The second is reigniting our growth, and this is where all the great product innovation will contribute. And the third top priority is scaling Okta in order to set us up for success to become a $5 billion and then $10 billion-plus company.
To wrap things up, we are pleased with the start to FY '25. We're expanding on our robust and modern identity platform, and we have a strong pipeline of products and functionality powered by Okta AI. Identity is security, and Okta is playing a critical role in helping companies protect themselves from identity-based attacks. As always, I want to thank the entire Okta team for their tireless efforts and our awesome customers and partners around the world who put their trust in us every day.
Now here's Brett to cover the financial commentary and talk about how we're positioned for long-term profitable growth.

Brett Tighe

Thanks, Todd, and thank you, everyone, for joining us today. Just a quick reminder that most of my typical commentary on the quarterly financials was published on Okta's Investor Relations website at the same time as the press release. I'll cover a few of the financial highlights, but we'll focus my commentary on broader topics before getting into our business outlook.
Our solid Q1 financial performance continues to suggest minimal impact on our financial results stemming from last year's security incident. Consistent with last quarter, as we analyzed our key metrics, we couldn't attribute a quantifiable impact from the security incident on our Q1 results. And while not quantifiable, the event likely had some level of impact. We'll continue to monitor this as we move through the rest of FY '25.
The macro environment during Q1 was relatively consistent with what we experienced over the past few quarters. In short, it's stable but still challenging and most notably having an impact on our mix of new business versus upsells with existing customers.
Moving on to some financial highlights. Over the past several quarters, we've put significant effort into positioning the company for profitable growth for years to come. The actions we've taken to drive efficiencies in our cost structure have yielded impressive results. Our Q1 financial performance was highlighted by record operating profitability as well as record free cash flow, resulting in a free cash flow margin of 35%. The cash flow performance is even more impressive when considering it includes a [$22 million] impact related to the headcount reduction action at the start of Q1.
Another highlight in the quarter was Q1 subscription gross margin of 83.5%, which represents an increase of 420 basis points when compared to 2 years ago. The improvement reflects the cost-saving initiatives we've taken that have resulted in lower platform costs. We expect subscription gross margin to remain in the 83% range and flex down slightly for the rest of the fiscal year as we invest in the business across key areas such as security, public sector and customer support.
We were encouraged by Q1's strong top line metrics and pipeline growth. Public sector was a particular area of strength, led by our largest ever public sector deal. In fact, 5 of our top 6 deals in Q1 were with public sector organizations. And despite the strong quarter for public sector deals, which are typically 1-year deals, weighted average contract term length for contracts signed in the quarter increased year-over-year.
We added 150 net new customers in the quarter. This primarily reflects the ongoing business trends of the current macro environment, resulting in increased weighting of upsell versus new business and continued strength with large enterprise customers. Once again, our fastest-growing cohort was large customers with $1 million-plus ACV.
Now let's turn to our business outlook for Q2 and FY '25. As always, we take a prudent approach to forward guidance. We are factoring in a stable but still challenging macro environment consistent with what we've experienced over the past few quarters. We also continue to incorporate some conservatism into our outlook as we continue to monitor potential impacts related to last year's security incident.
Again, you can view the more granular guidance details in our press release or posted commentary.
For the second quarter of FY '25, we expect total revenue growth of 13% to 14%; current RPO growth of 10% to 11%; non-GAAP operating margin of 19% to 20%; and free cash flow margin of approximately 5%. Keep in mind that cash flow in Q1 was a record and that Q2 is seasonally the lowest quarter of the year.
We are raising our outlook across the board for full year FY '25. We now expect total revenue growth of 12%, non-GAAP operating margin of 19% to 20% and a free cash flow margin of approximately 22%.
To wrap things up, we remain confident that we've set the path of profitable growth for years to come. Our balance sheet is strong with a net cash position of approximately $1.2 billion, and we continue to focus on initiatives to drive the top line while driving operational efficiencies.
With that, I'll turn it back to Dave for Q&A. Dave?

Question and Answer Session

Dave Gennarelli

Thanks, Brett. I see there are quite a few hands raised already, and I'll take them in order. And in the interest of time, please limit yourself to one question so that we can get to everyone. And then you're welcome to queue back up with additional questions.
So with that, let's go to our first question from Gabriela Borges at Goldman.

Gabriela Borges

For Todd and Brett, I'm hoping you can provide some qualitative commentary on sales productivity. There are factors outside of your control with the macro, but maybe talk about the factors that are within your control and specifically, how you think about training and enablement around cross-sell and where you think NRR can go over the medium term with some of the new products that you've released.

Todd McKinnon

It's something we're really focused on. I've talked about it on previous calls. One of the leading indicators of productivity is tenure, and the level of tenure in the sales team has been ramping over the past few quarters. And it's at a comfortable level now for us, so we're happy with where it is. And we're waiting to see throughout the year for the ramp in productivity that will come from that.
And I think in Q1, it was good, but it can get better in previous quarters, mostly because just the sales for the year ramp through the subsequent quarters of the year, and also, we assume that the productivity will be higher, too, there. So Q1 is solid, but it's only a small part of the year, and we have -- we're really optimistic about the further increases in productivity through the rest of the quarters of the year.
In terms of cross-sell, we had a very strong quarter in terms of cross-sell. We're happy with the way the team is positioning both clouds with -- starting with Workforce and then moving to customer, or even in the public sector deal we mentioned, there's actually a significant cross-sell the other way. It started with customer identity and then the big upsell was with workforce identity, which is a healthy thing to see in the business. So that is a key metric. And I would say, we're off to a solid start, and we're really optimistic about what could happen the rest of the year in terms of acceleration.

Dave Gennarelli

Next up, we'll go to Fatima Boolani at Citi.

Fatima Aslam Boolani

Todd, just to piggyback off that last point, so the public sector performance has actually been very consistently strong over the arc of the last several quarters. So I was hoping if you could drill into this with a little bit more detail as it relates to what sort of catalysts are you tapping very effectively within the public sector. And frankly, the public sector strength is outside of the normal confines of what we typically see from a timing standpoint, typically back half of the year, coinciding with the U.S. Federal fiscal year-end. But any specific details around what mandates you're tapping and why public sector has actually been so strong and consistently strong, whereas kind of other parts have been maybe a little bit more challenged?

Todd McKinnon

Yes. I think there's a bunch of factors there. I'll try to call out some of them to hopefully be helpful for your understanding of the dynamics of the business. I would say the first one is that usually public sector deals are bigger and which means that the organizations we're selling to are bigger, which means they haven't been impacted like some of the SMB parts of our business having this -- the macro environment the last few quarters.
So I think, like we're seeing in the rest of the business, the biggest, fastest growing cohort of customers is the $1 million-plus customers. You see the $100,000-plus customers growing faster than the overall customer count, 12% versus 6%. So we're seeing a migration up of the business, which we think is a good healthy thing for long-term growth. So public sectors within that is they're bigger deals. They're bigger organizations.
Now once you do click into even that, you're seeing a lot of the -- first of all, the public sector business is -- has -- it's state and local. It's civilian, federal, and it's Department of Defense Federal in the U.S. There is -- and the majority of our public sector business is in the U.S.
And so when you look at that, the big public sector win we talked about this quarter, which we're very happy about, is actually a -- which is relatively a newer part of the public sector vertical for us, which is the Department of Defense. A big agency in the Department of Defense selected Okta to standardize across the board for access management, which is very exciting. And that's a result of many things, it's a result of persistent sales campaigns and proof points at smaller parts of the department and smaller parts of the federal government. But it's also a testament to better certification, so IL4 certification and then also the ability to serve some IL5 workloads, which is a very important. FedRAMP High, or a couple of certifications we've gotten over the last year or so, which is really driving momentum.
And then the last bucket there is kind of like it's the trends that are impacting every organization, which is they have -- they're making bigger investments in technology. They understand that identity can give them choice and flexibility and help them, which is particularly in the big public sector deal is -- a particular example of this, they can actually consolidate around many, many identity providers. So we talk about consolidation broadly, but there's a lot of sprawl in these big organizations around multiple identity technologies.
This Department of Defense agency had over 75 identity tools, which is -- sounds crazy; but when you think about the size and scope of this deal, it's maybe not that crazy. So they're trying to do more efficiency with their dollars. They're trying to consolidate around the right pain points. We think identity is one of those. And then they're also making sure that they're robust and defended against cyberattacks. And like every other part of the world, they understand that identity is a key to getting that posture right, and they're looking to shore up that part of their cyber defense with the solid identity platform. So those are some of the dynamics. Hopefully, that's helpful.

Brett Tighe

I would just add to that actually, 2 things. One, if you remember a couple of years ago, we -- 1 of our 3 strategic initiatives was around federal, right? And so that was back in FY '23. We spent a lot of time and a lot of focus, and you can see the fruits of our labor, if you will, over the last couple of years, and seeing the focus for us really pay off. And then the other one is, one thing to keep in mind is we're still in the early innings of this opportunity. We look at the public sector is a massive opportunity, and we still have a lot of room to run there.

Dave Gennarelli

Great. Let's go to Brad Zelnick at Deutsche Bank.

Brad Alan Zelnick

Congrats on a good result, especially relative to some crazy stuff happening in software. Brett, my question is for you. I'm just trying to reconcile the 2Q cRPO guide for further deceleration with what otherwise looks strong when I look at Q2 revenue and the full year revenue guide. What dynamics should we consider? Does some of those public sector deals maybe not fully make their way into cRPO? Or are there any other factors that we should keep in mind when thinking about your cRPO guide for Q2?

Brett Tighe

Yes. No other factors specific to the public sector. I mean they -- obviously, they're in the current RPO numbers of Q1 with 15% year-over-year growth, which we feel were solid results. But ultimately, when you look at the guidance not just for Q2 current RPO but also any of the guidance that we gave here today, we're factoring into 2 main things, right? Macroeconomic headwinds are still out there. It's really affecting us in 2 different ways. One is on new logo acquisition. The other one is on the upsell side of the house around seat upsells, monthly active user upsells on the customer identity side. There's still a headwind out there to growth, both the net retention number and the current RPO number and any guidance that we really give here.
And then the second main factor is the security incident. Although we didn't -- we saw really only minimal impact to our financials in Q1 and in Q4, like you remember from 90 days ago, we're still being thoughtful about that and just baking all that into the guidance that we've given you guys here today.

Dave Gennarelli

Next, we have Eric Heath at KeyBanc.

Eric Michael Heath

I guess I wanted to drill in on some of the PAM commentary from the prepared remarks. A couple of nice customer wins in the G2K. I thought that was quite interesting. So could you elaborate more on those customer wins? Just, firstly, were they displacements and if they were on-prem or cloud workloads? And then third, just as it relates to the telecom customer specifically, you mentioned it needed to meet federal compliance requirements. So is PAM already FedRAMP certified at this point because that seems pretty impressive to me if it is?

Todd McKinnon

The early -- so PAM is -- we're very happy with the progress there. It is early in terms of its life cycle only having been available starting in Q4 of last year. So it's encouraging early traction there. I think that the -- kind of like what we expected is playing out in terms of it's not necessarily replacing other technologies or the other privileged access management technologies. It's more because of the product is easy to use, and it's really purpose built for modern cloud environments. You're spinning up a bunch of virtual hosts. You're using containers, modern DevOps-type environment. It's really good at those kind of environments. And in many places where we go into, those environments don't have a privileged solution, and we fit really nicely in there. And that's what we're seeing in some of the early traction.
The other very -- maybe also it's good to see our thesis confirmed, is that it's often bought as part of the whole suite. So they'll buy governance and PAM and add that to the -- to our access management tools on the workforce side. And that's -- our whole theory has been that those 3 things should be more integrated, should be -- should come from the same vendor, and we're building the identity suite for workforce in the sense that those 3 things work really well together. And we're seeing that play out in some of the early wins.
The -- and we're seeing on the -- when we sell a governance, it's -- of the total -- after governance is installed or sold, governance can be 1/3 of the entire ARR after governance gets installed there. And we're seeing a similar -- it's early, but we're seeing a similar uplift for PAM as well.
So all these signs are very encouraging. The product is not yet FedRAMP certified, so that will come later, to answer your specific question there. But it's exciting, some early proof and validation points for our approach in that market.

Dave Gennarelli

Let's go to Adam Tindle at Raymond James.

Adam Tyler Tindle

Todd, I just want to first acknowledge the impressive profitability here. On the flip side, if I looked at Brett's guidance, it looks like Okta is likely tracking to a single-digit growth business within the next couple of quarters. I noticed in your prepared remarks, you used the term reignite growth. So I just wondered if you can maybe just double click on the top opportunities that you see to reaccelerate growth from here. Which areas would those be?
And then secondly, from a capital allocation perspective, Brett noted that you have $1.2 billion of net cash. Is there something that you might consider more transformational that would help accelerate that time line to reignite growth?

Todd McKinnon

The -- reigniting growth is 1 of our top 3 priorities. Of course, the first is secure -- securing Okta and securing our -- making sure our products do the same things for all of our customers and with our secure identity commitment. That's our #1 priority.
Second is reigniting growth. So it's very important to us. And I think there's 3 important things I'll call out there in terms of how we're thinking about driving up that growth rate and doing everything we can to meet and then exceed our guidance we've put forward. That first one is we want to make sure that we're -- we have trained, enabled, tenured productive salespeople. And as I mentioned previously for a couple of questions ago, we think we're off to a solid start on that dimension.
The second one is new product innovation, where we're just starting to hit the ramping phase of -- in terms of the next few quarters of material impact of governance product. PAM is a few quarters behind that, but it has a potential to get there being built and sold and positioned as a suite, which I think we're seeing really early signs of compelling value there. We have a customer identity business that's, by far, the leader in the industry, that has a ton of innovation coming in that part of the business as well with highly regulated identities and all the other announcements we've made there. And so the products are a really important part of what we're doing.
And then the third thing is just, broadly speaking, how we fit into the partner ecosystem and particularly in the large enterprise, working more effectively and being strategic partners with the global SIs and having them fit us into their -- or build practices around us, so we can fit seamlessly into what they're trying to do strategically with their businesses and all the way up and down the partner channel. We've made a bunch of changes there over the last year; and hopefully, as you all talk to the folks in the partner community, you're seeing positive feedback about what we're doing and how we can work with the partner community effectively and to serve everyone's mutual interest.
So those are some of the highlights. It is very important. We think we have a very big long-term market opportunity. And we're not here to be a slow growth company. We're here to be accelerating growth and reaching that market opportunity over the long term.

Brett Tighe

No, no, I'd add 1 or 2 things to that, Adam. One is around hunter-farmer model. I know you guys heard about that from us 90 days ago, a couple of months ago or 3 months ago. we obviously want to accelerate logo acquisition and obviously penetrate the customer base. I mean we've got 19,100 plus customers, and you heard us talk in prior calls about governance customers of only -- it's measured in the hundreds.
So there's a lot of opportunity inside the customer base. I'm just using governance as an example, but you could apply what I just said to everything Todd just said in terms of additional products. And hopefully, everyone had a chance to look through all the exciting product announcements that we made at Showcase or listed out in the posted commentary.
And then in terms of your question around capital allocation and capital structure right now, we're going to continue to do what we've done in the past, right, be opportunistic with the debt and leave the balance of the money there for operating the business and looking at tech tuck-ins, things to accelerate the road map like you saw with Spera, which then turned into posture management, which is an exciting product that just came out a few weeks ago. It is only available to some customers in North America. So it's still very early, but it's just another example of us taking small tuck-ins and frankly, accelerating some new exciting features for our customers.

Dave Gennarelli

Let's go to Hamza Fodderwala at Morgan Stanley.

Hamza Fodderwala

I'll echo my congrats on the results in a tough environment. Todd, just going back to your comment, you talked about accelerating growth, $5 billion, $10 billion revenue company. Just from a hiring perspective, when you think about sort of the slower headcount that you've had over the last couple of years, is there -- are you seeing signals in the demand environment or in your opportunity to maybe pick that up a bit? And how should we kind of think about that growth margin equation going forward?

Todd McKinnon

I think in the enterprise segment, we do. We see signals there. I think in SMB, it's still more of a wait and see. I think we'll have to see some more quarters of stability or improving dynamics there before we'll be more comfortable ramping that up. Brett mentioned one of the changes we made, which is doing this hunter-farmer approach in the SMB segment, which we're very optimistic about. It's going to take a few quarters to have the impact we think it can have. But as that settles out and as the -- some of the economic choppiness maybe stabilizes further or picks up a little bit, we'd be more confident adding headcount there.
I think the enterprise, public sector, strategic, international segments are -- that's where we've seen a lot of the growth, and that's where our customers have the biggest need in terms of lots of complexity, lots of -- technical choice really matters. Like not being locked into one platform is really valuable. They have a lot of risk, a lot of cyber risk, a lot of risk of not getting the technology adopted and driving their business forward. So I think that's a really long-term place to invest, and we're looking at making sure we do that in a measured way. We don't want to -- we want to balance growth and profitability, but we're not going to leave opportunity on the field where we see we can take it.

Dave Gennarelli

Let's go to Madeline Brooks at BofA.

Madeline Nicole Brooks

I guess I just want to go back to the guidance, pick it up a little bit. So it feels like the second half guide is very conservative. And I just look at 1 quarter results and also assuming that the second quarter comes in line, the model shows a pretty significant slowdown from 1 half to second half. So can you just go a little bit deeper into the specifics of the conservatism? For example, if I think about churn, it takes roughly 3 to 4 quarters to churn off of identity platform. So is that an increased risk that you're looking at for the back half compared to, say, signing new businesses?

Brett Tighe

Yes. I think it's a little bit of a mix of both new business and on the renewal side of being prudent about both the things I talked about earlier around macroeconomic uncertainty and also the security incident, right? I mean, we've talked about it before with maybe the impact associated with the security incident, like you said about renewals, may take a little bit longer. So we're just baking those items in to make sure that we're just being prudent at this point. And based on what we see in the business, and from a pipeline perspective, the mix, new business versus upsell, all that good stuff, we're just taking that all into account, into the guidance here today.

Madeline Nicole Brooks

And maybe just pushing a little bit further. This is going to sound very cliche, so apologies in advance. But if you can't weigh them 50-50, what keeps you up more at night? Is it potential churn? Or is it difficulty signing new customers, for the back half of the year in that conservatism?

Todd McKinnon

I would say, signing new customers.

Brett Tighe

I was going to -- I would agree with that 100%.

Todd McKinnon

Yes, as you just tested, we're aligned.

Brett Tighe

Yes.

Madeline Nicole Brooks

Perfect. Love to see that.

Brett Tighe

Well, I think the other thing also, Madeline, is gross retention has remained very stable for years. And so it's been one of those very stable metrics, and so that's something we don't tend to worry about. That's why we focus and talk to you guys about reigniting growth. We talk about hunter-farmer. We talk about partners. We talk about all these things about new logo acquisition and penetrating the base further because that's our main focus and concern.

Dave Gennarelli

Next up, we have Patrick Colville at Scotiabank.

Patrick Edwin Ronald Colville

I mean, for me, the story of Okta over the last 12 months has been some incredible kind of product innovation with governance, PAM and the new models you called out on this call, Identity Security Posture Management and the Identity Threat Protection. I guess how are they going to flow through the financial model in terms of kind of net retention and qualitatively to cRPO? I mean because this is major launches. So when are we going to be able to see that in numbers?

Brett Tighe

I think it really depends on the maturity of the product. I think, obviously, governance is a lot further along, right? And we've talked about hundreds of customers. We still have thousands of customers to go, clearly, based on the math, just total customers minus those hundreds of customers. So that would be the first one to -- you'd start to see in cRPO and also into net retention, but the other ones will trail behind them.
I wouldn't expect for these newer things that are coming out like posture management or threat protection, I wouldn't expect it in FY '25 at all. I probably wouldn't even think it would impact it in FY '26 because we're talking about a $2.5 billion business at this point. It takes a lot of money in any of these products to make a material difference to the overall numbers. So we're setting these up for the long term, not just to harness it for a couple of quarters here or there. So it's really the long-term play that you should expect.

Todd McKinnon

Yes. How we're thinking about this internally is that the -- I think it will mirror the order of broad enablement. So we're broadly enabling people in the following order: governance is first, followed by a combination of posture management and identity threat protection, followed by privileged access. So we think that Identity Threat Protection with Okta AI and Identity Security Posture Management, that bundle could pretty quickly have as much of an impact as governance.
And then we think the next sequential enablement in the next order of impact will probably be Privileged Access. So that's how we're thinking about it internally. And I think that maps out to what you'll see in terms of the flowing through in the financials over time.

Dave Gennarelli

Let's go to Joe Gallo at Jefferies.

Joseph Anthony Gallo

Nice job in a really tough environment. I wanted to follow up on some of the things you said earlier, Todd. You noted large deal strength. And while large deals are growing, new customer adds over $100,000 was down meaningfully year-over-year. So can you just talk through the gross retention rate of that business? And then is there just anything notable to call out between enterprise spend versus SMB or mid-market spend?

Todd McKinnon

The -- your first question, you said that -- is it gross retention or growth retention? What did you say?

Joseph Anthony Gallo

So I was -- so for large deals, $100,000 and larger, year-over-year adds were down year-over-year. So I was just asking on the gross retention.

Brett Tighe

Gross retention.

Todd McKinnon

Yes. I think the -- if you look at the logo numbers, there's no -- it's the softness is in the adds. It's not in the elevated churn rates. So the net is a result of fewer adds, not a result of higher logo churn. So that's, as Brett mentioned -- and that matches up with the dollar gross retention, which has been stable and healthy for many years.
The -- I do think that just there's a lot of opportunity in -- we talk about these $100,000 deals and that number being up 12%. There's a lot of room to expand even in those, especially when you layer on the breadth of the product portfolio now, the customer identity add to the workforce suite, the workforce to customer. And then even within the workforce suite, you're getting a lot of capabilities to upsell governance, workflows, identity threat protection, identity security posture management, privileged access and it's a lot of potential there. So it's one of the reasons why we've seen success in that part of the business, and we're also focused on it for the future to make sure we capture the opportunity there as well.

Brett Tighe

Joe, just to add to that, another dynamic that has happened now 2 quarters in a row is the majority -- vast majority of the ACV that was added in the quarter actually came from customers that are greater than $100,000 already. So it's not like you'd see an add into that cohort because they're already in the cohort. And so we saw that in Q4, if you remember, I said that last quarter. It happened again. So it's -- when Todd is talking about the strength in large businesses, it really is in the cohort that's already in there.
You also see the $1 million cohort continue to be the fastest-growing cohort amongst all the cohorts. So it's really that upper end that we tend to be doing well right now. And we believe that's directly related back to what we've been talking about with macro. These bigger businesses have, one, bigger balance sheets, but also what Todd's talking about, they have more complexity to solve and that's really where we shine from a product set perspective.

Dave Gennarelli

Next, we go to Rudy Kessinger at D.A. Davidson.

Rudy Grayson Kessinger

I guess kind of trying to triangulate on some of the other questions here, the cRPO growth deceleration, the implied growth deceleration, this high single-digit range in the second half and the caution around the new customers. I guess when you look at your top-of-funnel sales activity and pipeline generation just over the last 90 days versus the prior quarter or maybe before the breach, I know you're saying no quantifiable impact to the Q1 numbers from the breach. But how has that breach impacted, I guess, your top-of-funnel sales activity and pipeline generation?

Brett Tighe

Yes. I mean from a pipeline perspective in Q1, that created -- that we had, created pipeline in the quarter was healthy, and we were happy with it. So that's one of the reasons why we're saying here that we're struggling to find quantifiable evidence that there has been an impact related to the security incident. Now granted, there's always the potential that there are deals we're not seeing, but we never really see it in the numbers and the way we track things. So we're limited by what we can see.

Dave Gennarelli

Next, let's go to Gray Powell at BTIG.

Gray Wilson Powell

Okay. Great. So yes, it was good to see the net retention rate stabilize this quarter. I just want to make sure that I'm sort of thinking about the components of your growth profile correctly between the installed base and new customers. So maybe just like what does the recurring revenue look like on the new customers that you've signed up the last 6 to 12 months? And how does that compare to the installed base? Like are you signing up -- are the new customers that are coming onboard, are they bigger customers, same, smaller? And then just how should we think about that going forward?

Brett Tighe

We haven't seen a significant departure from the past. I mean they might be slightly bigger just because enterprise is doing a little bit better. But I mean, it's -- because there's such a deep customer set and such a large amount of ACV, it's hard to sway the metrics with 1 or 2 quarters. It just -- law of large numbers. I don't know, Todd, if you would add anything else to that, but that's how I've been seeing the math, at least from my perspective.

Todd McKinnon

I think I don't have the quantitative analysis that would answer this question directly. But I can tell you some of my experiences and conversations. I think that we still have an opportunity to do a better job having the first deal have a broader set of our products. Often I'm in conversations where I was just in a big deal review for a Q2 deal this morning, where it was still for budget reasons and other reasons that the land set of products was still pretty traditional, single sign-on, advanced multifactor, a little bit LCM.
And I think one thing we can improve on is making that broader, which would mean that, theoretically, there would be less upsell potential, but it will also mean that the customer starts with a broader set of our products upfront. And it would be more expensive and more strategic, and so it's an area to improve. But that's -- those are some thoughts there that might be helpful.

Dave Gennarelli

Next up, John DiFucci at Guggenheim.

John Stephen DiFucci

I -- first, I want to thank Brad for asking the cRPO question, so I don't have to ask Brett that question this time. But listen, I think it's -- one of you mentioned the SMB portion of your customer base and the risk associated with that portion of the market as it pertains to the macro backdrop. But can you comment on the mid-market, like sort of between the enterprise and the SMB? And any changes in demand for that portion of the market and how the identity platform message or the triumphant of like access PAM and IGA is resonating there. I know it's early, but it seems to me that there's just a whole lot of white space to cross sell into that type of customer.

Todd McKinnon

Yes. I think it's something we're really focused on, and it's kind of back to my previous answer. I think it's still -- the platform, the governance, access and privileged and posture management, still early. I think a lot of that segment still thinks about it in the traditional categories and they're trying to solve the access management problem. They're trying to solve the multifactor authentication problem.
And the industry is evolving, and we're helping push it that way. We can make sure we -- everyone knows that they can solve all these problems at once, and there's a better way to do it and simpler and it will increase our security posture. The good news is that, I think, there's a lot of -- I think, more than a couple of years ago, there's a lot more awareness of the security challenge and the security risks there, which I think is every breach and every month and every quarter, the entire world gets more aware of it, but particularly in that segment is something I've noticed as well.

John Stephen DiFucci

Is my assessment, Todd, of that market accurate? Like I think of PAM and IGA as traditionally large enterprise markets or products. But it seems to me like -- I mean, you're there too, but your sweet spot -- I know you're in the large enterprise. But you compete also in the sort of mid-level smaller enterprise, and that just seems like they don't have those products because they're...

Todd McKinnon

Yes, it's very true. So the -- and if you go back 10 years ago, there was no real mid-market access management product either. It was Active Directory if you had Windows clients and Windows servers and Windows printers. An Active Directory was your identity management system. And Okta changed that. Okta was the first real mid-market identity product and access management product.
And so now you're seeing the same thing happen in the other markets with privilege and governance, where SailPoint has been more large enterprise; CyberArk, the same thing. And we're really the first really viable mid-market solution for that thing, for that set of capabilities. And at the same time, like in a lot of these markets, the disruptor is moving up.
So now these large enterprises are -- this is -- we're talking about a -- it's just -- it's -- if you step back, and we're so -- in Okta, we're so hard on ourselves and so hard driving. We want to have success in everything. But if you take a step back, you got to realize that, I mean, a major Department of Defense agency just standardized on Okta. And this is like, this is -- we've changed the world. I mean we've brought cloud access management to this part of the government, and this really customer that has high standards and really check things over. And we're going to do the same thing for governance in the enterprise as we -- and we're going to do it for the governance and privilege in the mid-market and customer identity. It's a pretty exciting progress.

John Stephen DiFucci

The numbers this quarter speak for themselves.

Dave Gennarelli

Great. Let's go to Andy Nowinski at Wells Fargo.

Andrew James Nowinski

So it seems like identity security is the cornerstone of Zero Trust and meaning that you can't have Zero Trust without having a strong identity solution in place. And none of the SASE providers out there have identity security. And then we see Okta winning, as you just mentioned, the DoD deal, which they're currently deploying SASE as part of that Thunderdome contract. So I'm wondering, are you seeing Okta getting pulled into more deals as part of Zero Trust or SASE projects? And then more specifically, on the DoD deal, do you think that could be a beachhead win for Okta in the federal market, which could lead to other agencies following their lead in consolidating Okta?

Todd McKinnon

Yes. As exciting as this deal is, it's not the entire DoD deal. It's one agency in the DoD. So it's a significant deal for us. It's a 7-figure ARR deal, but it's not the entire DoD. That would be like a mega deal. But it does have the potential to do what you're saying, which is in the defense community and then the broader federal government and then the trickle down to state and local. The reason we're -- one of the reasons we're excited about it is because it could have that -- really set that precedent and drive the market forward there, which is exciting.
The interesting -- it is -- the comments about Zero Trust are interesting. You have to have a good identity story. And I think what I've seen is that, many times, people, when they say Zero Trust, they mean their approach is like they do something on the end point. They do something on the network, and they do something in identity. And many times, they'll take a -- initially, they take a good enough identity approach. They'll use legacy identity. Maybe they'll use Microsoft identity. And what they learn is that the benefits of the strong network and strong end point aren't really realized without the identity because the threats are moving toward identity, 8 out of 10 data breaches involve some kind of compromised identity.
So as customers get the basics, end point and network in place, the threat actors have already moved on. And they're going after the accounts, and this good enough identity or this legacy identity is just not enough. And I think you're seeing customers start to realize that more and more. And unfortunately, some of the breaches out there are making that very apparent. So we have a lot of opportunity, a lot of work to do to help the industry be better defended, better -- get to a complete Zero Trust solution, which is what we're very focused on.

Dave Gennarelli

Next up, Josh Tilton at Wolfe Research.

Joshua Alexander Tilton

Maybe just a two-parter for me. I guess the first one is you guys keep talking a relative strength and growth from your million-plus cohort. And I'm just trying to understand, is the faster growth that you're seeing upmarket a function of these customers actually improving their spending behavior? Or is it just more of a relative game and the smaller customers are being impacted more by the macro dynamics that you guys are calling out?

Brett Tighe

Yes. I mean from a growth perspective -- and when we talk about the fastest-growing cohort, we look at both ACV percentage growth and also customer logo count in that cohort. So it doesn't really have a compare versus the other smaller customers. It's just a compare against itself. So we continue to make inroads into that -- into those larger enterprise and strategic customers we talked about, and Todd just talked about one of them earlier. They are already a 7-figure customer, became a larger 7-figure customer. And yes, it doesn't account for the customer account but accounts for the ACV, the annualized contract value. So we look at it both ways to be able to make sure we're not coming away with the wrong conclusion of how we're doing in that specific segment.

Todd McKinnon

Yes. I was going to -- I was thinking about your question. I was going to say kind of the cop-out answer, which is both. I think you are seeing definite changes in behavior. You're seeing people thinking about standardizing overly complex, brittle, nonintegrated identity deployments. I mentioned the example of a customer that has 70 identity tools, and they wanted to get that down.
You're seeing a better -- I think, a faster acceleration of the ability or the desire for a large enterprise to want to use a cloud identity security piece of infrastructure like Okta. That's -- a lot of times, these big enterprises, they have hundreds and hundreds -- teams of hundreds and hundreds of people that have owned the legacy identity stack. And sometimes that's -- those folks are reticent to change. And so you're starting to see more of that behavior change.
And then -- but also, I think it is true that in our business, where people -- I think our business mix is more toward mid-enterprise than people expect. So I think as we grow and mature in the large enterprise and have continued portion of our business there, we're going to surprise some people in terms of the impact that segment will have on our overall numbers and our overall growth rate and market presence and all of the financial metrics that will follow that.

Joshua Alexander Tilton

That makes sense. And maybe just a super quick follow-up. A lot of my peers congratulating you on a good print and a tough [take]. There's been a lot of underwhelming results in software, like even in security. I know you mentioned the macro was consistent with what you've seen in previous quarters. But what I want to try to understand is like how did the macro compare to what your expectations were heading into the print. Did things kind of play out the way you were expecting? Was it better or was it worse?
And maybe given the conservatism in the back half that you've been called out on a few times this quarter, like help us explain what's baked in there from a macro perspective, and maybe just help us understand -- you talked to this conservatism in there from the breach impact but you keep telling us that it's not quantifiable today. So like how does the magnitude of what's baked into the guidance related to the breach compared to what is an unquantifiable amount?

Todd McKinnon

Yes, yes. That's a -- let me try to take a shot at that. So in terms of the Q1, the -- I think we were -- I think we had really high hopes that the macro is going to be different, and it ended up being the same. So I mean I think -- yes, that's how I would answer that. If you just look at all the inputs coming into the quarter, there's a chance that it could really be a different environment in terms of macro and it kind of ended up being consistent.
So I think in terms of your question about guidance and how we're thinking about the future and what's baked in and what's not, I think we've talked about macro, and I think we're going to have to see a quarter where we get excited about the macro being different, and it is different. That would give us more comfortable to think -- give us more comfort that it's going to be different going forward.
And then the security is -- I think it's just time. I think we've really done a lot of great work making Okta more secure, having conversations with customers, helping them understand how our products and our -- what we're doing as a company can help them be more secure and learn from us. And the conversations are positive and the conversations are reassuring that we're doing the right thing, and it's resonating, et cetera, et cetera. But I just think maybe more time in terms of putting the security issue in the rearview mirror is going to give us more confidence in terms of taking that factor out of the guidance.

Brett Tighe

Yes. I would just add, Josh, thank you for that seven-part question as well. And the...

Joshua Alexander Tilton

I want to make you smile.

Brett Tighe

You beat Eric on his three-parter. The only thing I would add is, look, one of the things just from like a -- we don't see all the deals, Todd and I, but one of the things we get exposed to is some of the larger deals and is really -- you're still seeing budgetary thought out there by a lot of customers. Like it's still on top of a lot of people's minds, and they're really rationalizing software spend. I mean we're doing the same thing to our vendors. So we were hoping to not see that, right? That's probably the biggest thing.
If you're just -- there's no plot that we can point -- I mean, there is a little bit. We do track that to some extent. But like you just hear about it from our sales team of just there's still people out there being very -- they're scrutinizing their spend a lot still. So love to see that to stop happening. And then I think Todd talked about the security incident and the potential impacts. Like we've done a lot like Todd was saying, but I also would say there's more for us to do, right?
We've got the Secure Identity Commitment out there. We've made some -- we've made a lot of progress, but there's still a lot of investment and a lot of things that we need to do. And I think we've done a lot of great work. I'm really proud of the team. We should also thank the team. They've done an amazing job, but we still need a lot of work to do there. And so we need to make sure that we're being thoughtful about that in the guidance as we move forward. Like Todd's saying, time will help, but we're going to just be thoughtful at this point given we're only a couple of quarters out.

Dave Gennarelli

Let's go to Rob Owens and his one-part question.

Robbie David Owens

One-part and I'll keep it easy here. You guys for a while had talked about channel transition that you've been seeing away from the traditional reseller channel. Just looking for an update relative to what you're seeing on that front.

Todd McKinnon

Yes, the transition or the maturation, I would say, of our partner program is ongoing. It's having good success. In general, there's 2 things that have happened. One is that we -- and this is going back a year or so, so this isn't a new thing. This is an ongoing evolution.
We really focused on fewer partners and poured more researchers and fewer partners, and it's expected more from them in terms of the activities they were doing that were sourcing deals and maturing deals and closing deals or renewing deals instead of just having a super broad program that just was more focused around fulfilling orders and processing paper, which makes sense because identity is complex and the more we can get an ecosystem enabled and help customers understand the technologies and how they can implement it, et cetera, et cetera. And then at the same time, really emphasizing on working with the largest SIs in the world to help some of these big strategic customers make these decisions around identity and hopefully have Okta products and technology included in some of those decisions.
Yes, and it's going really well and -- but I think, particularly in the largest enterprises, the fruits are just starting to really, really bear out for us. And we're optimistic about how that can really move the needle in the next couple of years.

Dave Gennarelli

Great. Let's go to Alex Henderson at Needham.

Alexander Henderson

Great. Can you hear me?

Dave Gennarelli

Loud and clear.

Alexander Henderson

Perfect. So first off, congratulations on a nice quarter, and thanks so much for the conservative guidance. And I will say, we've gotten a lot of very positive feedback from the channel about your steps of the channel, particularly with the VARs.

Todd McKinnon

That's good to hear.

Alexander Henderson

What I have been hearing, though, is that there is a shift in the marketplace among the C-suite from fear about the economy to, gee, I need to focus on how I'm going to implement AI. And in that context, there's uncertainty around the mechanics of what they need to do to secure AI within their organizations.
And I guess my question to you is we're hearing the pipelines of the VAR channels, particularly in security, are extremely robust into the back half of the year. But the uncertainty around AI decision is keeping people from implementing it. So how robust is the pipeline that you're looking at? And are you, in fact, hearing that from your C-suite customers when you talk to them?

Todd McKinnon

Yes. What I've heard is everyone is figuring out how they can deploy this new wave of technology to their products and services and business and how they can use it for security and how they can use it for innovation. But they're not at the stage where it's broadly impacting other plans. It's more of like a -- their planning exercise at this point. I think that might change in the future.
And my bet is that they're going to be building new apps. They're going to be deploying more technology from vendors that are building apps with AI built in, which is going to -- all of that's going to lead to more identity. They're going to have to log people into their new apps they build. They're going to have to secure the privileged accounts that are running the infrastructure behind the new apps. They're going to have to make sure that people in their workforce can get to the apps that are the latest, greatest AI-driven experiences for support or for other parts of the business. So I think that identity is one of these foundational things that's going to be required whether it's the AI wave, which is going to be really real and impactful and -- or whether it's whatever comes after that.

Alexander Henderson

So not impacting spending today but might impact to help it in the future.

Todd McKinnon

Yes, yes. That's how I see it.

Dave Gennarelli

Next up, Peter Levine at Evercore.

Peter Marc Levine

Maybe just 2 for you, Brett. One, any color you can share just in terms of customer SIEM versus workforce this quarter? I know you don't give it every quarter, but just directionally how that's looking, assumptions for the year. And second is net retention at 111%. I mean are you assuming that this is the trough that we shouldn't see this tick any lower throughout the year as these tenured reps ramp. Like we'll see that accelerate. But just curious if that 111% is in your assumption that -- based on your guidance.

Brett Tighe

Yes. So from -- I'll answer them backwards. So I'll take the net retention one first. In terms of net retention, right now, we're at 111%, flat with last quarter, 111%. Based on our model right now and based on our assumptions around new business versus upsell mix based on the pipeline that we see and the pipe create, we think we can -- we'll fluctuate plus or minus a couple of points from here.
If you remember last quarter, I said basically the same thing. It's really down to new business mix versus upsell mix. So if we get a little bit more new business, maybe a little bit of a headwind in net retention. If we get a little more upsell, a little bit of a tailwind to the net retention rate.
So in terms of your question around SIEM versus workforce, we had a solid Q1. One quarter won't make the difference in how the mix of the business changes, so we'll update you guys likely next quarter on how the trends are going there in terms of the total -- last quarter, for everybody's memory, it was 60% workforce growing 17% year-over-year and 40% customer identity growing 21% year-over-year.

Todd McKinnon

Yes. And that's ARR.

Brett Tighe

Yes.

Dave Gennarelli

All right. Next up, Jonathan Ho at William Blair.

Jonathan Frank Ho

Just with your Identity Security Commitment, I know there was some talk about pausing the product development as part of that process. Can you talk a little bit about the impact on your products from the identity commitment and maybe what some of that feedback has been from your customers?

Todd McKinnon

The -- we -- in the fourth quarter of last year, we had a 90-day pause on everything that was in security, and the impact for customers was very interesting. So the product teams did product work during that pause. And the product work was all focused on very simple priority, which is attackers know that Okta products are the standard in all these customers. So they're assuming that these products will be there. And if the setups aren't secured by default, they're going to exploit that. So the product teams were tasked with going and making them secure by default.
So customers receiving, after that 90 days, the features they have received, whether it's MFA required, whether it's step-up strong authentication required for sensitive actions, whether that's using our governance product govern the requesting and the granting of elevated roles inside of Okta, all this stuff was product benefit that the customers received. So it wasn't the same kind of product benefit. It wasn't like a new capability in their product. It was making the product they already owned have a better security posture. So that was a very positive thing that they received.
The -- it did delay some of the announcements. Like it did delay Identity Threat Protection for about a quarter, but now that's released in early access. So the delays were part of the reality, but I think some of the innovation has already been shipped and you'll see that start to really ramp up now that the product teams aren't at that 100% focused. They still have a different mindset now. They're still building all this secured by default and these capabilities and this value into the products, but they're able to go back to some of the regularly scheduled road map items at this point.

Dave Gennarelli

Okay. Let's see how many more we can cover in the next 5 minutes till about 10 after. So let's go to Matt Hedberg at RBC.

Matthew George Hedberg

Great. Quick one for me, Todd. Congrats on the pending GA of Identity Threat Protection. I guess for those new modules, and I guess Okta AI in general, how are you thinking about just pricing and monetization just sort of longer term? I mean how do we think about that impacting deal sizes over the long term?

Todd McKinnon

Yes. I think that the -- it's -- Okta AI will be monetized through 2 ways. one will be new products like Identity Threat Protection with Okta AI; and the other way, it will be -- it will just make products better. For example, the Identity Security Posture Management, it has a new capability that's going to be added to that product that's just going to make it smarter about how it detects service accounts. That Identity Security Posture Management scans a customer's entire SaaS estate, and says, here are all the things you should look at. You should take -- this account needs MFA. This other account is -- probably has overly permissive permissions.
The challenge there is how does the customer know which of those accounts are service accounts, so they can't have human biometrics. And we added -- we used some AI capability to add that to the scan. So that's an example of just the product gets better versus Identity Threat Protection is like it's a whole new product enabled by that. So that's -- you'll see that consistent across all of our products, those 2 patterns.

Dave Gennarelli

Yes. Let's go to Roger Boyd at UBS.

Roger Foley Boyd

I wanted to come back to net retention and upsell in particular. Some others in the software space are clearly seeing the impact from seat count reductions or less seat count expansions getting worse in the first quarter, as they renewed some multiyear deals. It seems like the message from Okta is that net retention is starting to stabilize. So I'm wondering if you have a specific view on the seat count headwind. Is that stable, getting better, et cetera?

Brett Tighe

It's definitely a headwind to growth. Just forget net retention. It's a headwind to growth. It's also a headwind to net retention. We don't see it getting worse, but it's still not nearly what it was a few years ago. And so it's -- yes, we'd love to see it get better. I mean it's definitely holding back the growth of the...

Todd McKinnon

Yes. What we'll see is we'll see a customer will add a couple of new products but the seat count will go down, so the dollar value of the deal will stay the same or maybe go up a little bit. And 2 years ago, it would have gone up 25% because they would add new products and the seat count would have gone up too. So that's how you get some of those dynamics in the business.

Brett Tighe

And to be clear, it's not just seats, like employees. It's also monthly active users on the customer identity side. It's happening in both environments, so it's really macro-driven.

Dave Gennarelli

Peter Weed at Bernstein.

Peter Weed

You emphasized that kind of the growth acceleration is a key priority this year, which is amazing. Obviously, we'll have to see that but at the same time, that you're emphasizing that there's a trade-off between kind of upsell and new customer growth, which kind of, at least to me, implies that you're bottlenecked at sales capacity. Like how do you see kind of unhooking that trade-off, so each of them can be growing on their own and you can make kind of strategic investments to really get both flying?

Todd McKinnon

I think there's -- one of the reasons why we're doing the hunter-farmer model in the SMB segment is to unlock that bottleneck. So what we found is that sales productivity and sales resources was going to the upsells because we were having more products to sell. There was -- the economy was changing, so on the margin, it was easier to sell to existing customers. So we have that structural shift in the SMB particularly because that's been the hardest, most impact economically to unblock that bottleneck.
I think enterprise is a different story. I think, as I mentioned a few questions back, we are adding capacity there. We have a big opportunity there to run. And it's -- so I don't feel like we're -- I don't feel like we have to make that trade-off in that segment.

Dave Gennarelli

Let's go to Adam Borg at Stifel.

Adam Charles Borg

Maybe for Todd, a few minutes ago, you talked about the opportunity with service accounts. So maybe just more broadly on the nonhuman identity side. Just how do you think about nonhuman identity? Obviously, one of your competitors is getting deeper into the machine identity space.

Todd McKinnon

I think it's interesting. I think there's a lot lumped in there, everything from some of these companies were -- 10 years ago, they were peak AI companies. And the industry -- identity got popular, and then everyone wanted to be an identity company. So now they're machine identity companies.
I tend to look at the problem through the lens of customer challenges and how they think about the problems. And customers think about things very pragmatically. They have all these accounts. They want visibility into all of them. They want to have them not be vulnerable to phishing. So for human accounts, they want phishing-resistant factors like MFA or biometric MFA.
For machine accounts, they want session binding and they want vaulting of the tokens, et cetera, et cetera. And that's what we're trying to solve whether it's through the Identity Security Posture Management, whether that's other enhancements to the portfolio that will solve that customer problem. So that's -- I think, in that sense, it is a real opportunity. It is a real need for customers, and that's what we're focused on.

Dave Gennarelli

Okay. Let's do one final one with [Brian]. And Ittai, Taz and Joel, my apologies, we'll catch you on the after call. Brian , go ahead.

Unidentified Analyst

Sorry, got on mute. Maybe, Todd, I want to go way back to the acquisition of Auth0, and I think they had a couple of thousand enterprise customers. What's the overlap between SIEM and workforce at this point? And given the overall trends in the market to consolidate onto platforms and limitations for logo expansion, what opportunity do you have to, I guess, cross sell between SIEM and workforce? And what might the barriers be that you're seeing or the friction be in that market?

Todd McKinnon

Yes. I think there's a ton of opportunity. I think the biggest dynamic in that market is that the customer identity market is -- it's really a couple of different markets. One market is the market that the company is not a tech company. They're nontechnology, so that means the CIO probably owns the customer-facing website and the app a customer may have versus a tech company where the customer identity is owned by the product, Head of Product or the CTO and it's -- so to consolidate, we do really well when the CIO is the buyer of customer identity because the buyer of workforce identity and the buyer of customer identity is the same thing.
I think it's less consolidation when the buyer is VP of Product or Head of Marketing. So that's why Auth0 was so compelling because that platform gave us a chance to reach that buyer and really appeal to multiple buyers within the enterprise. The downside of that is that, on the margin, sometimes it's harder to make that sale. But when you do make it, you're in a much more strategic position at the customer because you're serving multiple departments and multiple C-level executives in that organization.

Unidentified Analyst

So any sense of what incremental overlap or that you can take advantage of at this point? Or are you pretty much saturated there just as far as you can tell?

Todd McKinnon

No, no, no, I think there's -- I mean, all this talk -- this call about the potential upsells and the expansion on the workforce side, the biggest expansion opportunity we have is selling customer identity to the workforce customer base. If you just look at the Venn diagrams, that's the most greenfield there.
And within that, I think it's easier when it's a company that the CIO, our traditional buyer, also owns the customer identity. It's more challenging when they don't. But when they don't own it, it's probably coming through an engineering team or an app dev team, and we have the best developer platform, customer identity solution out there. So that gives us a leg up even if the buyer may be different.

Dave Gennarelli

Great. Thanks, everybody, for staying late. Before you go, I just want to let you know that in addition to hosting several on-site and virtual bus tours this quarter, we'll be attending the NASDAQ Investor Conference in London on June 11, and we hope to see you at one of those events. Thanks, everyone.