<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base

Okta Desktop MFA Configuration without Adaptive MFA

Last Updated:

Okta Device Access
Okta Identity Engine

Overview

This article outlines necessary changes to configure Desktop MFA with the Device Access SKU only (without the Adaptive MFA SKU).

Applies To

  • Okta Identity Engine (OIE)
  • Okta Device Access (ODA)
  • Desktop MFA for Windows

Solution

Okta Device Access (ODA) requires the device certificate to be deployed to the computer. An external Certificate Authority (CA) or Okta's CA can be used for this purpose.

Follow those steps to use the CA specifically for Okta Device Access:

  1. In the Okta Admin Console, go to Security > Device Integrations.
  2. Ensure to select the Device Access tab. Do not configure Endpoint Management because the Desktop (Windows and macOS only) platform will not be available, according to the Unable to Add Platform for Mac and Windows in Device Integrations article when the Adaptive MFA SKU is not available.
  3. Click on Add SCEP configuration.
  4. In the MDM, deploy a configuration profile set to Computer Level

Device Integrations

 

Related references

Recommended content

Still looking for help?
Loading
Okta Support - Okta Desktop MFA Configuration without Adaptive MFA