Articles

IntroductionDemosmacOS Demo – The Device-Bound SSO ExperienceWindows Demo: TPM-Backed ProductivityEarly Access Feature ActivationCreating the DBSSO Authentication RuleImplementing Device-Bound Single Sign-On on macOSmacOS PrerequisitesImplementing the Configuration in Jamf ProImplementing the Configuration in Microsoft IntuneImplementing Device-Bound Single Sign-On on WindowsWindows PrerequisitesDesktop MFA policies for WindowsEnabling the “Okta-Joined” StateActivating Direct AuthenticationFinal thoughts Introduction In the modern cybersecurity landscape,…

Okta Desktop MFA Configuration In the Admin Console, go to Settings, Account, Embedded widget sign-in support.And ensure that the Interaction Code checkbox is selected. Now navigate to Applications –> Applications, click Browse App Catalog and search for Desktop MFA. Click Add integration Retrieve the Client ID and Client secret, these will be required during deployment. Set the Application username format to match your organization’s requirements (e.g., user principal name for Azure…

Table of ContentsOkta PSSO Setup and IntegrationSetting Up the Okta PSSO Application Okta PSSO Setup and Integration In this section, we will cover the initial steps for configuring the Okta PSSO application and establish the necessary SCEP (Simple Certificate Enrollment Protocol) configuration.  Setting Up the Okta PSSO Application Navigate to Applications > Applications. In the application catalog, search for Platform. From the…

Table of ContentsIntroductionPrerequisitesConfigure management attestationDownload x509 certificateCreate CA in Workspace ONEAdd Certificate Template in Workspace ONECreate device profile for Okta Intermediate CACreate user profile to deploy the Okta CA-issued client certificateVerify the certificate installation (Windows)Verify the managed flag in Okta Introduction You can ensure that devices are managed by an endpoint management (in my example Workspace ONE) tool before…

Table of ContentsIntroductionRequirementsConfigure Okta Verify Number ChallengeSign in overviewDemo Introduction In the latest Early Access Okta Verify Release for  (4.8.1) Okta now supports Push notification (number challenge) for Okta Device Access Desktop MFA. Users can choose whether to include a number challenge with an Okta Verify push notification.The number challenge verifies that a sign-in attempt to an app protected by Okta came from the intended user…

Table of ContentsIntroductionPrerequisitesCreate/Adjust Desktop MFA PoliciesConfiguration steps Self-service password reset overviewDemo (AD Users) Introduction Self-service password reset allows your users to initiate a password reset if they’re locked out of the computer. Self-service password reset requires users to be online.Users can’t initiate a password reset without an internet connection.The self-service password reset function is designed for…