This is an Early Access feature. To enable it, please contact Okta Support.

Enforce Okta Device Trust for Exchange ActiveSync on OMM-managed iOS devices

This Okta Device Trust solution for Microsoft Office 365 EAS on OMM managed iOS devices allows you to do the following:

  • Configure the iOS mail app to use certificates instead of passwords to allow OMM-enrolled users to authenticate to Microsoft Office 365 Exchange ActiveSync.
  • Configure iOS mail app client access policy to prevent users with unmanaged devices from accessing Microsoft Office 365 Exchange ActiveSync.

The image illustrates how Okta Device Trust is enforced for Exchange ActiveSync on OMM-managed iOS devices.>


This Device Trust solution provides these key benefits:

  • Allows end users to seamlessly SSO in to their native iOS mail app (EAS) from OMM-enrolled iOS devices
  • Enhances Office 365 Exchange ActiveSync security through enforcement of certificate-based authentication instead of password authentication
  • Prevents users with unmanaged iOS devices from accessing Office365

  • Helps prevent users from becoming locked-out of their account due to Active Directory (AD) password resets