This article provides a solution for when trying to set up Device Assurance with ChromeOS to do a managed attestation check, and it does not work on a custom domain, but it does work on an Okta Org URL: https://[domain].okta.com.

When Device Assurance on a custom domain shows "Authenticate" and does not seem to do the device probing check, instead of showing the "Collecting device signals". 

• Okta Identity Engine (OIE)
• Device Assurance
• ChromeOS Device Trust Integration

This issue happens when the required SIW version is not run.

Verify what SIW version is running the latest version, as we are expecting the version v7.6.0+ in order to use Chrome DTC.

1. On the Admin dashboard, go to Customizations > Brands.
   1. If using a custom domain, should see at least two brands, one is the okta-provided domain [subdomain.okta.com] the other is the custom domain name.  Select the brand that uses a custom domain.
   2. From there, a few tabs at the top should be visible. The Pages tab should be selected.
   3. Sign-in Page should be an option visible next to the End-User Dashboard and Error Pages. Click Configure under the Sign-in Page.
   4. Select the Settings tab at the top of the page, and there is a space for the Sign-in Widget Version.
2. After upgrading to the required SIW version, log in to Chrome and should be able to see the page "Collecting device signals" when signing in.