Okta FastPass Probing on macOS Devices
Oct 10, 2025
Multi-Factor Authentication
Okta Identity Engine
Overview
This article describes the authentication flow on macOS devices when Okta Verify FastPass is used for authentication and device probing is required.
Applies To
- Okta Identity Engine (OIE)
- Okta Verify FastPass
- macOS
Solution
A FastPass authentication flow can be initiated on macOS devices in three ways:
- SSO extension
-
-
An optional configuration for Mobile Device Management (MDM)-managed devices covers some uncommon network configurations.
- NOTE: Okta FastPass now supports phishing resistance for Apple Safari and native apps on macOS without the need for a Single Sign-On (SSO) extension.
- There is no need to perform this setup unless instructed by the Okta Professional Service or the Okta Support team.
-
- Loopback
-
-
Loopback works in almost all situations with browsers and native applications as long as the app is running. It does not require any additional configuration.
-
- Custom URL Scheme(CUS)
-
- CUS works in most browsers, but in embedded WebViews, the parent application would need to detect the custom URL the user is clicking on and invoke it at the system level so that the app gets notified of the challenge (this rarely happens, so CUS can be considered not supported for embedded WebViews).
