<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
User Device Does Not Appear as Managed
May 8, 2025
Okta Device Access
Okta Classic Engine
Okta Identity Engine
Overview

This article discusses the scenario in which one of the devices previously connecting to Okta as managed now appears to be an unmanaged device.

Applies To
  • Managed Windows Devices
  • Okta Verify (OV)
Cause

Reviewing the Okta Verify (OV) logs indicated that a failed upgrade causes the issue. To check the Okta Verify logs:

  1. Open the Windows Event Viewer

Use Windows+R command  to open the Run command and enter: eventvwr.

  1. Under Applications and Services Logs, click Okta.

Information

02/09/2024 07:16:10

OktaUpdate

8611

None

ApplicationInstaller: Process Launched to upgrade from version: 5.1.3 to 5.3.0 message:CurrentInstalledVersion=5.1.3&AutoUpdateUrl=https://<MyDomain>.okta.com/&EventLogName=Okta&EventSourceName=OktaUpdate&ReleaseChannel=GA&ArtifactType=WINDOWS_OKTA_VERIFY&PipeName=Okta.etc.=.

 

Error

03/09/2024 08:18:33

Okta Verify

8120

None

WindowsMessageSender.InformAllInstances: Failed copying data from process 22692 from sender window 0x196760.

 

 

Error

03/09/2024 08:18:33

Okta Verify

8120

None

BindingsManager.HandleCustomUriActivation: Failed to signal the primary instance for URI activation.

 

Error

03/09/2024 13:25:04

OktaUpdate

8900

None

ApplicationInstaller: Auto Update will not happen due to exception: System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond <ipAddress:Port>

   at System.Net.Sockets.Socket.InternalEndConnect(IAsyncResult asyncResult) etc.

 

Error

04/09/2024 09:36:27

Okta Verify

8120

None

[PrimaryApplicationLaunch][CustomUriRequest][OktaWebRequest.SendMessageAsync]: Call to https://<domain>/idp/authenticators/<id>/transactions/ftjwN3TgqXXWHzr8rCnCw-eWT__kq3DzMEE/verify failed with Forbidden. Request Id: a99a99aa0123aaaaaa9999aa9a9a99aaa

 

 

Solution

To ensure a device is correctly recognized as "Managed" by Okta, follow these steps:

  1. Redeploy Okta Verify:
  1. Authenticate Using Okta FastPass to Establish Managed Status:

To trigger the process that updates the device's management status, the user needs to authenticate using Okta FastPass. Guide them through this initial authentication with a temporary policy:

    1. Create a Temporary Bookmark Application:

      1. Navigate to the Okta Admin Dashboard: Applications > Applications > Browse App Catalogue.
      2. Search for and select Bookmark.
      3. Click Add Integration.
      4. Provide a name for this temporary bookmark (for example, "Managed Device Check").
      5. Enter any working URL (this is temporary and for policy enforcement).
      6. Click Assign and assign this bookmark app to the specific user whose device is not showing as managed.

    2. Create an Authentication Policy Requiring Managed Status for the Bookmark App:

      1. Go to the Okta Admin Dashboard > Security > Authentication Policies.
      2. Click Add Policy.
      3. Enter a name for this temporary policy (for example, "Require Managed Device").
      4. Click Save.
      5. On the policy page, navigate to the Applications tab and click Add App.
      6. Select the Bookmark app created and click Done.
      7. Go back to the Rules tab for this new policy.
      8. Edit the Catch-All Rule
        1. Click Actions > Edit next to the Catch-All Rule.
        2. Scroll down to THEN Access is and select Denied.
        3. Click Save.
      9. Add a new Rule: 
        1. Click Add Rule.
        2. Give the rule a name (for example, "Managed Device Allowed").
        3. Under IF User is, leave the default (Any user assigned to the app).
        4. Under AND Device state is, select Registered.
        5. Under AND Device management is, select Managed.
        6. Under AND Authentication methods, ensure Okta Verify - FastPass is listed as an available option.
        7. Under When to prompt for authentication, choose Every time user signs in to resource.
        8. Click Save.

    3. Have the user authenticate:

      • Instruct the affected user to attempt to access the "Managed Device Check" bookmark from the device that is not showing as managed.

    4. Interpret the results:

      • Successful Authentication: If the user can authenticate using Okta Verify - FastPass, their device's status in Okta should now be updated to Managed.
      • Authentication Failure (Denied by Catch-All): If the user is denied access by the Catch-All Rule, the logs generated by this authentication attempt will provide valuable information for further troubleshooting the underlying issue preventing the device from being recognized as managed. Please collect these logs for analysis: Collect Okta Verify Logs from Desktop (macOS / Windows).

Recommended content

Still looking for help?
Loading
User Device Does Not Appear as Managed