This article provides steps to resolve an issue where a device is shown as "Not Managed" in Okta. This can occur after a device is deleted from Okta for troubleshooting or for other reasons.

• Okta Identity Engine (OIE)
• Device Management
• Mobile Device Management (MDM)
• Okta FastPass

This issue occurs when a managed device is deleted from the user's profile in Okta. This action invalidates the device management certificate, causing the device state to change to "Not Managed".

To restore the managed status of a device, the old certificate must be removed and a new one must be deployed from the MDM platform.

1. On the affected device, remove the old management certificate. Refer to Verifying Device Management Simple Certificate Enrollment Protocol (SCEP) Certificate Installed Successfully on Desktop OS to find the certificate location for the relevant operating system.
2. From the MDM platform, deploy a new management certificate SCEP profile to the device. For detailed instructions, see the relevant guide:
   • Configure delegated SCEP for macOS devices using Intune
   • Configure delegated SCEP for Windows devices using Intune
3. After the new certificate is deployed via SCEP, the user must sign in to an application protected by an authentication policy that requires Okta FastPass.
4. This authentication action prompts Okta to check the device's management status, and the device state will change to Managed.

Related References