Okta Verify for Admins

Okta Verify is a multifactor authentication type developed by Okta. End users can verify their identities with the Okta Verify mobile app.

After an end user installs the app on their primary device, they can verify their identity by approving a push notification or by entering a one-time code. When a user signs in to their organization, the Okta Verify app prompts them to verify their identity.

Note: End users can only register one device at a time with Okta Verify. To register a new device, users must reset their Okta Verify account and then open Okta Verify to add and register their new device.

 

Are you an end user looking to set up and use Okta Verify? See Okta Verify for End Users.

 

HealthInsight: Why is this task recommended?


This feature is a HealthInsight security task. For more security recommendations from Okta, see HealthInsight.

Enable Okta Verify (with push when available) for end users to authenticate with a strong MFA factor.

Security impact: High

End-user impact: High

Okta recommends: Update factor enrollment policies based on the following:

  • Enable Okta Verify as a primary factor. If available for your org, also enable Okta Verify with Push.

 

Okta Verify General Flow

  1. Okta admin enables and configures Okta Verify in the admin console.
  2. End user signs in to their Okta org and is prompted to enroll with Okta Verify for the first time.
  3. End user enrolls their device with Okta Verify by scanning a bar code in their browser using the Okta Verify app.
  4. End user verifies their identity either by 1) requesting a push notification sent to their mobile device or by 2) entering a verification code.
  5. End user either approves push notification or enters verification code displayed in the Okta Verify app.
  6. After successful verification, end user logs in automatically to Okta, and is redirected to their account dashboard.

 

Procedures

 

 

Related Links