Setting up Okta Device Trust with Workspace ONE UEM
Okta is updating its identity platform and moving away from the Okta Classic Engine to the Okta Identity Engine. With this update, the way that Device Trust is configured has completely changed. The updated device trust now relies on the Okta Verify app being deployed through MDM with a specific Application Configuration containing a key generated from the Okta console. If the key from the console matches the key stored in the app on the device, the device must be enrolled (otherwise, how would it have received the matching key?) and the device is considered trusted.

Add Okta Verify as an authenticator

1. In the Okta console, go to Security > Authenticators
2. Under Setup, click Add Authenticator
3. Select Okta Verify and configure the required options

Create an enrollment policy (or edit the default)

1. In the Admin console, go to Security > Authenticators
2. Under Enrollment, add a new policy (or edit an existing one)
3. In the Eligible Authenticators section, select one of the fo...