MDM Compatibility with Okta Device Integrations
Devices and Mobility
Okta Identity Engine
Overview

Okta provides broad compatibility for Mobile Device Management (MDM) platforms that support the core underlying technologies required for device integrations. Administrators can integrate Okta with any MDM solution that supports Simple Certificate Enrollment Protocol (SCEP), managed application configurations, and Single Sign-On (SSO) extensions. This flexibility allows organizations to select the MDM vendor that best meets business requirements.

Applies To
  • Okta Identity Engine (OIE)
  • Mobile Device Management (MDM)
  • Okta Device Integrations
  • Okta Device Access (ODA) 
Solution

What is the Okta support policy for Mobile Device Management platforms?

Okta focuses on broad compatibility and a standardized set of modern security protocols rather than a fixed list of certified vendors for Mobile Device Management (MDM) integration. Okta supports integration with any MDM platform that implements the following core technical requirements:

 

  • Simple Certificate Enrollment Protocol (SCEP): The MDM manages and deploys certificates via SCEP. Okta uses these certificates to cryptographically verify device identity, forming the foundation of the device management security model.

  • Managed App Configurations: The MDM pushes configuration data down to managed applications. This deployment pushes the management hint, a unique secret key generated by Okta, to Okta Verify on mobile devices. This configuration allows Okta Verify to prove that a trusted MDM manages the device.

  • Single Sign-On (SSO) Extension Configuration (for macOS/iOS): The MDM configures native SSO extensions to provide a seamless and secure experience on Apple devices.

 

Standardizing on these core protocols allows Okta to offer flexibility. Administrators can pair Okta Identity Engine (OIE), as a vendor-agnostic Identity and Access Management (IAM) solution, with the MDM that best fits organizational needs.

 

Okta regularly tests device integration solutions with the following MDM platforms to ensure compatibility and functionality. Review the Integrate Okta with MDM software documentation for detailed configuration information:

  • VMware Workspace ONE

  • Microsoft Intune (MEM)

  • Jamf Pro

Administrators can successfully deploy Okta device integrations with a variety of other MDM solutions that support the underlying protocols and technologies. Examples include, but are not limited to, the following platforms:

When evaluating MDM providers, note that specific technical capabilities affect both the integration and the end-user experience. For example, administrators can use Google MDM for basic integrations, such as deploying management certificates via SCEP. However, Google MDM does not support the custom SSO extension required for advanced Okta features on Apple devices. Because of this limitation, Google MDM is incompatible with Okta Device Access (ODA) products for macOS and prevents the passwordless experience of Okta FastPass on macOS and iOS.
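As an added example (not Okta's code and not part of the original article), the following Python check audits an Apple configuration profile exported from an MDM for the SCEP and SSO extension payloads described above, including the SCEP-only case from the preceding paragraph. The payload type identifiers and key names are Apple's; `MIN_KEYSIZE`, the function names, and every sample value are assumptions constructed for illustration.

```python
import plistlib

# Apple configuration-profile payload types for SCEP and SSO extensions.
SCEP_TYPE = "com.apple.security.scep"
SSO_TYPE = "com.apple.extensiblesso"
MIN_KEYSIZE = 2048  # assumed local policy; Apple's SCEP payload defaults to 1024

def audit_profile(profile_bytes):
    """Return findings for a .mobileconfig; an empty list means both payloads are present and complete."""
    by_type = {}
    for payload in plistlib.loads(profile_bytes).get("PayloadContent", []):
        by_type.setdefault(payload.get("PayloadType"), []).append(payload)
    findings = []
    if SCEP_TYPE not in by_type:
        findings.append("missing SCEP payload")
    for payload in by_type.get(SCEP_TYPE, []):
        content = payload.get("PayloadContent", {})
        if not content.get("URL"):
            findings.append("SCEP payload has no URL")
        if content.get("Keysize", 1024) < MIN_KEYSIZE:
            findings.append("SCEP Keysize below policy minimum")
    if SSO_TYPE not in by_type:
        findings.append("missing SSO extension payload")
    for payload in by_type.get(SSO_TYPE, []):
        kind = payload.get("Type")
        if not payload.get("ExtensionIdentifier"):
            findings.append("SSO extension has no ExtensionIdentifier")
        if kind == "Credential" and not (payload.get("Realm") and payload.get("Hosts")):
            findings.append("Credential SSO extension needs Realm and Hosts")
        elif kind == "Redirect" and not payload.get("URLs"):
            findings.append("Redirect SSO extension needs URLs")
        elif kind not in ("Credential", "Redirect"):
            findings.append("SSO extension Type must be Credential or Redirect")
    return findings

def sample_profile(with_sso=True, keysize=2048):
    """Build a constructed profile; every value is a placeholder, not an Okta setting."""
    payloads = [{"PayloadType": SCEP_TYPE, "PayloadContent": {
        "URL": "https://scep.example.invalid/placeholder", "Keysize": keysize}}]
    if with_sso:
        payloads.append({"PayloadType": SSO_TYPE, "Type": "Credential",
                         "ExtensionIdentifier": "com.example.placeholder-extension",
                         "Realm": "Example", "Hosts": ["example.invalid"]})
    return plistlib.dumps({"PayloadType": "Configuration", "PayloadContent": payloads})

if __name__ == "__main__":
    print(audit_profile(sample_profile()))                # complete profile
    print(audit_profile(sample_profile(with_sso=False)))  # SCEP-only MDM case
```

Managed app configuration (the management hint) is delivered through the MDM's app configuration channel rather than in this profile, so it is outside what this check covers.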
