00u9cusvzJc3Tlzmu3561.548460929000252E12 (Customer) asked a question.
We use VMware Workspace ONE for device management and for some reason when I require an android device to be trusted before signing into apps, it does not work. It works fine for iOS devices but not Okta is not recognizing device trust on the WS1 side for android.
I can't tell if it's a WS1 issue or an okta issue. I've reached out to Okta support and they were as useless as a wet towel. They say its WS1's problem and WS1 says its Okta's problem...
I know the connection between Okta and WS1 is working otherwise the iOS device trust wouldn't be working... they both use the same Identity provider configuration.
Interested in even working with a paid consultant that knows both worlds.... getting through to either support team without them blaming the other platform has been tough to say the least. Thanks in advance.
@00u9cusvzJc3Tlzmu3561.548460929000252E12 (Customer) I hope you are doing well, based on the information, I would say that your android devices may be Android 10(Q), if this is the case, unfortunately, device trust will not work with these at the moment, this is a piece of the documentation on the known issues section -> https://help.okta.com/en/prod/Content/Topics/Mobile/dt-mdm-managed-android-devices.htm
"Android 10 (Q) isn't supported with this solution — Changes made by Google prevent Android 10 devices from communicating their trust posture (Trusted/Not-Trusted) to ISVs such as Okta. Consequently, authentication requests from Native Apps or Chrome on Android 10 devices appear as "Not Trusted." In this scenario Okta prompts users to access protected resources through Okta Mobile to ensure that device posture is evaluated correctly."
not sure if this is the case, please provide us more information to assist you better with this. Additionally, please double the check the guide for android devices and make sure not steps were missed or skipped.