FIDO2 WebAuthn is Unsupported for Remote Desktop Connections with Okta Windows Credential Provider
Okta Classic Engine
Multi-Factor Authentication
Okta Identity Engine
Overview
FIDO2 WebAuthn is not supported for Remote Desktop with the Okta Windows Credential Provider.
Applies To
  • Okta Windows Credential Provider
  • FIDO2 WebAuthn
  • Remote Desktop (RDP)
Cause

Okta Windows Credential Provider renders its sign-in prompt in an embedded browser (a core version of IE/Edge). FIDO2 WebAuthn does not function in that context, because Okta does not support embedded web browsers for WebAuthn-based user verification (see documentation).

Solution

Allow the use of another MFA factor, such as Okta Verify, SMS, Phone, YubiKey, or similar OTP.

A potential workaround to implement biometrics would be through Okta Verify.
 

  1. Okta Classic Engine

From the Admin Console, navigate to Security > Multifactor.

  • If Okta Verify is not enabled, enable it and click Edit.

    • Enable the "Require Touch ID or Face ID for Okta Verify (only on iOS)" option.

  2. Okta Identity Engine

From the Admin Console, navigate to Security > Authenticators.

  • On the Setup tab, click the actions drop-down corresponding to Okta Verify, and choose Edit.

    • From here, modify "User verification" from "Preferred" to "Required".
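
The same state can be checked from the API side on Identity Engine. The following is an added example, not Okta's own code: it reads the JSON returned by `GET /api/v1/authenticators` and reports whether RDP users have a factor that works in the embedded browser and whether Okta Verify user verification is set to "Required". The sample response is constructed, and the mapping of the article's fallback factors to authenticator keys is an assumption of this example.

```python
import json

# Constructed sample of a GET /api/v1/authenticators response (Identity Engine),
# trimmed to the fields this check reads. Not taken from a real org.
SAMPLE_RESPONSE = """
[
  {"key": "okta_password", "name": "Password", "status": "ACTIVE"},
  {"key": "webauthn", "name": "Security Key or Biometric", "status": "ACTIVE"},
  {"key": "okta_verify", "name": "Okta Verify", "status": "ACTIVE",
   "settings": {"userVerification": "PREFERRED"}},
  {"key": "phone_number", "name": "Phone", "status": "INACTIVE"}
]
"""

# Authenticator keys for the fallback factors the article lists
# (Okta Verify, SMS/Phone, YubiKey OTP). This mapping is an assumption.
RDP_FALLBACK_KEYS = {"okta_verify", "phone_number", "yubikey_token"}


def rdp_mfa_findings(authenticators):
    """Return (code, message) findings for sign-in through the credential provider."""
    active = {a["key"]: a for a in authenticators if a.get("status") == "ACTIVE"}
    findings = []

    # WebAuthn cannot complete in the embedded browser, so it never counts here.
    if not RDP_FALLBACK_KEYS.intersection(active):
        detail = " (WebAuthn is active but unusable over RDP)" if "webauthn" in active else ""
        findings.append(("no-rdp-factor", "no active factor works over RDP" + detail))

    # The biometric workaround needs Okta Verify with user verification required.
    okta_verify = active.get("okta_verify")
    if okta_verify is None:
        findings.append(("okta-verify-inactive", "Okta Verify is not active"))
    else:
        uv = okta_verify.get("settings", {}).get("userVerification")
        if uv != "REQUIRED":
            findings.append(("user-verification-not-required",
                             f"Okta Verify userVerification is {uv!r}, expected 'REQUIRED'"))
    return findings


if __name__ == "__main__":
    for code, message in rdp_mfa_findings(json.loads(SAMPLE_RESPONSE)):
        print(f"[{code}] {message}")
```
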

 
