Hi @Timbus, thanks for the question and for the interest in Boundary!
On the Okta integration - this is coming soon! We are actively working on an OIDC authentication method that will be available in an upcoming release. For more information see our public roadmap.
For target mapping, we have a similar ask being tracked on this discuss thread and this github issue.
While it’s not in yet in our near-term roadmap, assigning targets to particular workers is very much in our vision for Boundary for the reasons you cited - improved latency and fine-tuned access controls to resources residing on private networks. Our team is actively discussing this but we still need to continue investigation before we can commit to a timeline publicly.
As for the bonus question - currently clients can only connect to a target’s default-port defined by an admin. As a work-around you could just create a separate target for each port that clients might use to connect.