Enforce Okta Device Trust for managed Windows computers

Okta Device Trust for Windows allows you to prevent unmanaged Windows computers from accessing corporate SAML and WS-Fed cloud apps. It works with any browser or native app that can access the certificate store when performing the federated authentication flow to Okta. This includes Edge, Internet Explorer, Chrome, and Microsoft Office clients that support Modern Authentication.

The image illustrates how Okta Device Trust is enforced for managed Windows devices.

Okta Device Trust for Windows provides these key benefits:

  • Ensures that only end users on domain-joined Windows computers can seamlessly SSO into SAML and WS-Fed cloud apps
  • Protects enterprise data even when there is no defined network boundary
  • Provides a frictionless end user experience by utilizing the Okta Certificate Authority
  • Support for Device Trust enrollment in multi-forest environments.