Device Access certificates

Deploy Device Access certificates using the Simple Certificate Enrollment Protocol (SCEP) through your mobile device management (MDM) software. These certificates grant access to specific API endpoints and identify the device making the calls.

Certificates for Device Access are separate from the certificates used for managed device attestation. See Configure a Certificate Authority for more information about management attestation.

Device Access certificates are required for:

Okta Device Access on computers running macOS or Windows
Desktop Password Sync on computers running macOS 14 Sonoma and later

Tasks

Configure a Certificate Authority (CA) for Device Access. You can either use Okta as a CA, or use your own CA:
- Use Okta as a CA for Device Access
- Use your own CA for Device Access
Verify certificate deployments

Device Access certificates

Tasks

Related topics