Adding a secondary or tertiary fingerprint to Touch ID on macOS causes an authentication error in Okta Verify. Resolving this issue requires disabling and re-enabling Touch ID, re-adding the Okta Verify account, or reinstalling the Okta Verify application.
When a user adds a second fingerprint for use with Okta Verify, Okta generates the following error:
Your organization requires Touch ID. Click Enable Touch ID to keep using this account.
- Okta Verify Application
- Okta Identity Engine (OIE)
- macOS
- Touch ID
When a second Touch ID profile is added to the device, the OS invalidates the private keys associated with the Secure Enclave, which causes Okta Verify's stored credentials to become inaccessible and triggers the need for re-enrollment.
How is the Touch ID fingerprint error resolved in Okta Verify?
See the following troubleshooting steps to resolve this issue:
- Disable and re-enable TouchID.
- Delete the account within Okta Verify and add it again.
- Uninstall and reinstall Okta Verify on the device.
