<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Device Assurance Policies Disappeared or Unavailable
Nov 20, 2025
Devices and Mobility
Okta Identity Engine
Overview

Some of the following errors are encountered when trying to set up Device Assurance policies: 

  • Before you can create a policy rule that specifies the device: antiVirus, Okta Support needs to enable a setting for your org.
  • Before you can create a policy rule that specifies the device: autoUpdateSettings, Okta Support needs to enable a setting for your org.
  • Before you can create a policy rule that specifies the device: securityCenterService, Okta Support needs to enable a setting for your org.
  • Before you can create a policy rule that specifies the device: firewall, Okta Support needs to enable a setting for your org.
Applies To
  • Okta Identity Engine (OIE)
  • Device Assurance
Cause
  • Adaptive MFA SKU licensing is missing.
  • If the Adaptive MFA SKU is enabled on the tenant, this behavior is caused by Okta FastPass being disabled from Security > Authenticators > Okta Verify.
Solution
  • If the licensing for Adaptive MFA is missing

This is a paid feature required for complex, risk-aware authentication policies. To purchase or enable the Adaptive MFA license, please contact the designated Account Executive (AE) or Customer Success Manager (CSM).

  • If the license is already active, ensure the FastPass Enrollment setting is properly checked in the Okta Admin Dashboard.

 

  • Okta Verify is disabled 

If Okta Verify is disabled in the enrollment settings, the "Managed" device status cannot be used in the Authentication Policy.

    • To enable Okta Verify. navigate to Security > Authenticators > Okta Verify.
    • NOTE: Registering a device does not automatically make it " Managed". After registration, the user must complete a successful Okta Verify FastPass authentication on that device. This sign-in step updates the device's status to "Managed."
    Conclusion: To avoid the situation mentioned above and to successfully flag devices as "Managed", both Adaptive SKU and Okta FastPass Enablement are needed.  
     
    Without FastPass being enabled:

    FastPass disabled   Authentication Policy 

     

    With FastPass being enabled:

     

    FastPass enabled Authentication Policy 

     

    Recommended content

    Still looking for help?
    Loading
    Device Assurance Policies Disappeared or Unavailable