This article will explain how to set up Okta FastPass so that users can access any application without entering credentials. Okta Verify will perform a silent check and authenticate the user using Okta FastPass as the Multi-Factor Authentication (MFA) method.
- Multi-Factor Authentication (MFA)
- Okta FastPass
- Okta Identity Engine (OIE)
To allow users to access an app seamlessly, without needing to enter any credentials or click any buttons, admins should ensure the following settings are in place:
- A Global Session Policy where MFA is set to Required.
2. Okta Verify remains open during the session.
3. Users are enrolled in Okta Verify (with devices registered).
4. An Authentication Policy Rule that includes:
-
- Device state is set to Registered (either Not managed or Managed).
5. The option for Possession factor constraints could be with or without the options presented.
6. Option for - User must authenticate with could include:
-
- Any one factor type (it must be used with OktaFastPass).
- Possession factor > Okta FastPass.
If any of these requirements are not met, users will be prompted to either click Next after entering credentials or select Sign in with Okta FastPass if the admin has enabled this option.
