n8poy (n8poy) asked a question.
Hi Everyone.
I'm trying to configure Device trust in this way:
If i try to access on Office 365 from a trusted IOS device is ok,otherwise the user should be redirected to Air Watch enrollment page.
This is the issue:
I'm redirected to Aw enrollment page, but even if i type a user active on AW and Okta i see this error:"Failed to validate Credentials".
Can you Help me?
Thank you
We use cookies to provide the best website experience and to help understand marketing efforts. We may also share data with ad partners to reach potential customers across the web. To learn more, visit our Privacy Policy. Click here for Your Privacy Choices. You may also opt out of this sharing by signaling your preference via GPC, applicable only to the browser signaling the opt-out.
More information
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Select All
We use cookies to provide the best website experience and to help understand marketing efforts. We may also share data with ad partners to reach potential customers across the web. To learn more, visit our Privacy Policy. Click here for Your Privacy Choices. You may also opt out of this sharing by signaling your preference via GPC, applicable only to the browser signaling the opt-out.
More information
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Select All
Hi,
For this kind of configuration we have two options:
Enforce Okta Device Trust for Native Apps and Safari on MDM-managed iOS devices, which is currently in EA:
https://help.okta.com/en/prod/Content/Topics/Mobile/Okta_Device_Trust_Native_Apps_Safari_MDM_Devices.htm
In this case, The MDM distributes Okta Mobile with appconfig to indicate it is managed-> the user accesses the application-> the iOS app redirects to Okta Mobile-> Okta mobile then verifies that the device is managed by and MDM-> the user can access the app.
The other option is Enforce Okta Device Trust for VMWare Workspace One-managed iOS devices. This option is currently in Beta:
https://help.okta.com/en/prod/Content/Topics/Mobile/okta_device_trust_vmwareworkspace1-managed_ios_devices.htm
Okta Device Trust for VMware Workspace ONE-managed iOS devices allows you to prevent unmanaged iOS devices from accessing enterprise services through browsers and native applications. This Device Trust solution combines the power of Okta’s Contextual Access Management policy framework with device signals from VMware Workspace ONE to deliver a secure and seamless end-user experience. Allowing Workspace ONE to add the Device Context to the SAML Assertion lets enterprises leverage Okta’s policy framework to require users to enroll their unmanaged device or satisfy an MFA challenge.
For further investigation, we recommend opening a Support ticket, but before this, please go through the documentation provided above.