Enable OMM enrollment

  1. In the Admin Console, go to OMM > OMM Policies.
  2. Click the appropriate button for the type of OMM enrollment you want to enable:
    • Android for Work Setup

      See Okta Mobility Management with Android for Work for AfW setup instructions. For Samsung SAFE and Native Android devices, no additional setup is necessary.

    • Apple Certificate Setup

    • To configure Okta Mobility Management for your Apple iOS devices or macOS computers, you must first configure the Apple Push Notification Service (APNS) certificate. This process requires downloading a Certificate Signing Request (CSR) from Okta, uploading the CSR to Apple for digital signature, and finally uploading the signed certificate to the Okta org; as follows:

      1. Examine the Apple Certificate Setup button:

        • A Yellow exclamation mark indicates a push certificate has not yet been configured.

        • A Green check mark indicates a valid push certificate has already been configured.

        • A Red exclamation mark indicates your current push certificate has either expired, or is close to expiring.

      2. Complete the following on the Apple Certificate Setup dialog:

        1. Click Download to obtain your Certificate Signing Request (okta-apns-CSR.dat) from Okta.

        2. Obtain an Apple Push Notification Service Certificate:

          1. Navigate to the Apple Push Certificates management portal using the link provided (https://identity.apple.com/pushcert).

            Note that you will need an Apple ID to log into this portal.

          2. If this is the first time you are setting up a certificate, you are prompted to accept Apple's terms and conditions. If you have configured one or more certificates already, they are listed in the portal.

            User-added image

          3. Click Create a Certificate.
          4. Click Choose File and navigate to the CSR file you downloaded previously for Apple to sign (okta-apns-CSR.dat), then click Upload. Once the request has been successfully uploaded, a confirmation screen appears.

            User-added image

          5. Click Download on the confirmation screen to download the APNS MDM certificate.

            Note that APNS certificates have an expiration date. Log in to the Apple Push Certificates Portal to Renew or Revoke certificates in the Certificates for Third-Party Servers section.

        3. Upload the Apple Push Certificate

        4. Return to the Apple Certificate dialog box, click Browse to locate the APNS downloaded in the previous step, then click Upload to complete the CSR signature process.

      3. Inform your users to download and install the Okta Mobile app from the Apple App Store. They should search for Okta Mobile and proceed through the download and installation process.