qe97d (qe97d) asked a question.
I know in Okta Classic Engine that multiple mobile devices can not be enrolled for Okta Verify.
However, in OIE, it appears that Admins are able to "Set Up Another" allowing them to enroll multiple mobile devices for Okta Verify (and I have been successful in doing so) (see picture in 4a at https://help.okta.com/eu/en-us/Content/Topics/end-user/ov-ios-reset-register.htm).
However, I am not seeing this same option when logging in with a non-administrator account. When logging in as a non-administrator, I only see an option to "Remove" (like further down in the same link).
As this works as expected for Administrators, is this something that can be enabled for non-Administrators (or maybe I have something configured incorrectly)?
Hi @qe97d (qe97d) , Thank you for reaching out to the Okta Community!
I've been looking into this as I was not able to reproduce this based on user permissions (admin vs non-admin) and I found out that you already have a support ticket. I'm posting this for visibility in case other Community members encounter this issue.
Turns out the issue was caused by restrictions in the Authenticator Enrollment policies and how users could not enroll via certain login flows.