Introduction In this blog post, I’ll take you on a journey how to configure Okta Device Access Desktop MFA if you use Microsoft Intune as your Mobile Device Management (MDM) solution for your macOS device fleet.We start with the configuration on Okta and show how to create the necessary configuration profile on Intune side.Have fun reading the blog and then, of ..read more

Client-Initiated Backchannel Authentication (CIBA) is rapidly gaining traction and showing promise in delivering a secure and seamless experience during sensitive transaction verification within a digital application. Here are some notes about this interesting development and how Okta is pioneering its adoption ..read more

Okta’s Advanced Server Access (ASA) eliminates password and SSH-key challenges with just-in-time, ephemeral certificates, improving security and user experience. While ASA doesn’t support transactional MFA, Okta’s RADIUS agent with the libpam_radius module enables sudo step-up MFA. The guide details RADIUS agent setup, server configuration, and sudo entitlement adjustments for enhanced security ..read more

April 2024 : This is a Early Access feature. In the next phase Okta Device Access enables end users to complete their challenge with a FIDO2 security key to login to their macOS devices.In this blog post you will get an overview, how to setup FIDO2 authentication, how the user experience is looking like and ..read more

This short post is for the information of people who may look at some of the older OIG API and Workflows articles on this site and find they no longer work. You should be using the Okta Connector with the Custom API Action card now instead of the old generic API Connector card. The OLD ..read more

April 2024: This is an Early Access Feature! Introduction Since the initial release of Okta Device Access for Windows, many exciting new features such as Self-service password reset or number challenge have been developed and released.Now we are announcing the next exciting one of Okta Device Access the Passwordless login for Windows endpoints! If the ..read more

This article is a walkthrough of the new Govern Okta Admin Roles feature in Okta Workforce Identity Cloud (WIC). Overview of the Feature This new feature builds on the flexible and customisable administration roles that have been available on Okta WIC for some time. It treats the Okta Admin Console as an application with entitlements ..read more

Workspace ONE Launcher lets IT administrators design a custom home screen for Android devices. You can easily layout your applications and branding using the Workspace ONE UEM admin console. Once set up, the Launcher automatically replaces your regular home screen and enforces IT policies for both the device and apps. It’s designed with frontline workers ..read more

This article is to help with Backup and Restore process for Okta Privileged Access (OPA) components managed and maintained outside of the Okta infrastructure. Backing up your Okta PA server agent and Gateway configurations is a proactive safeguard against downtime, and other unwanted negative impacts to your business. OPA does not have capabilities to back ..read more

This article explores the mechanisms available to help troubleshoot issues with Self-Service Password Reset (SSPR) with Okta Device Access in a Windows Domain-joined environment. There are multiple components involved in a SSPR flow with Okta Device Access and understanding the components, flow and where the components log messages is useful for troubleshooting issues. Note that ..read more