End User Configuration
Your end users first need to upgrade to the latest version of the Okta Verify Mobile app (Version 2.0.5 and above for iPhone, Version 220.127.116.11 and above for Windows devices, and Version 2.0.5 and above for Android).
Note: If you need to rename your existing Okta subdomain for any reason, security dictates that your active end-user Okta Verify enrollments be reset. For more details on renaming subdomains, see Renaming Your Okta Subdomain.
If the user doesn’t already have Okta Verify configured, they'll need to go through the standard Okta Verify enrollment process to configure it.
Do so as follows:
- From your (end user) Okta Home page, click the drop-down menu next to your name, then select Settings.
- Scroll down to the Extra Verification section and click the Setup button adjacent to Okta Verify Mobile App.
The Set Up Okta Verify screen appears.
- Choose your device type (Apple, Android, or Windows):
- Click the Next button.
- Scan the bar code that appears with your device. If you have issues scanning the bar code for any reason, click the Problems scanning barcode? link.
- From this screen, you can select to have an activation link sent to an email address, a cellphone via SMS; or to setup Okta Verify manually, without Push Authentication. If you select the manual option, the screen expands as follows:
- Continue configuring Okta Verify manually, as described in Configuring Multifactor Authentication.
End User Experience After Enablement
End users experience the following on their next sign in to Okta.
After successfully signing into Okta, the Sign in with Okta Verify challenge screen appears.
Ensure you have access to your mobile device as you are prompted to verify by either:
- Selecting Push to device to use push authentication. OR
- Clicking the Okta Mobile app from your mobile device and entering the one-time code into the Enter code field. If you opted to configure Okta Verify manually, you will only have the option to enter a code, not to push to your device.
If you opted for push authentication, you have two options:
Have a notification sent out to your device
Tap the Approve icon on your device to approve the verification request.
You are signed into your account without any further action.
Use the automatic push option
Click the Send push automatically check-box.
For this first instance, you are still required to click the Push to device button on the Okta Sign On page. After you've completed this initial verification, simply touching the Approve button from your mobile device signs you into Okta without further action.