Sign in to your org with Okta Verify
Okta Verify is an MFA factor developed by Okta. Use the Okta Verify app to confirm your identity so you can sign in to your organization securely.
Use Okta Verify to sign in to your org
- Make sure you have set up Okta Verify already:
- or -
- Sign in to your org.
- Choose an option to confirm your identity:
Option 1: Send Push
This feature is available only if your IT department has enabled it.
If the Send Push option is available after you try to sign in to Okta, you can click it to receive a pop-up notification on your mobile device. The notification allows you to accept or reject your authentication request. The notification expires in five minutes if you don't accept or reject the authentication request. To receive a new notification, sign in to Okta again and a new notification is sent to your mobile device.
- Sign in to your org from your desktop computer.
- Click Send Push to send a notification to your mobile device. You can select Send push automatically so that future notifications pop up automatically on your mobile device.
- Check your mobile device for a pop-up notification from Okta Verify.
- Tap the option that confirms you tried to signed in to your Okta org. Your web browser redirects to your Okta apps.
If the Okta Verify notification doesn't pop up on your device, go to Settings > Notifications > Okta Verify and ensure that app notifications are turned on.
Option 2: Enter code
To use this option, enter an Okta generated six-digit code provided in the Okta Verify app to confirm your identity. For security purposes, this code changes every thirty seconds
- Sign in to your org from your desktop computer.
- When prompted, open the Okta Verify app on your mobile device.
- Remember the verification code that appears onscreen. In the example below, the code for Okta is 745795. If more than one account appears, use the one associated with the org you want to access.
- In your web browser, enter the code. Click Verify to continue.
If the code you entered is correct, you are signed in to your org.
Don't know your username? Your Okta username is created for you by your admin. Most new Okta users receive a Welcome email from Okta which contains their username and a link allowing them to create a password and activate their account. If you didn't receive a Welcome email, contact your administrator.
The Okta Verify Authentication challenge screen appears.
If Okta detects an unusual sign-in attempt to your Okta account, a Review button may appear in the Okta Verify app. Okta may consider a sign-in attempt to be unusual based on a number of factors, including details about your device and your location. The Review button allows you to review the sign-in details and then access your Okta account after completing a simple verification challenge. The challenge helps to ensure that the sign in attempt came from you, not an unauthorized person.
This feature is not supported if you log in to Okta from a command line (such as in an LDAPi environment).
- Tap Review.
- Under Did You Just Try to Sign In? review the location, device type, and authentication time shown, then do either of the following:
Option 1: If the review details match your device and current location:
- Tap Yes, It's Me. Satisfy the security challenge as follows:
Three numbers appear on your mobile device.
One number appears in your desktop browser.
- Tap the number on your mobile device that matches the number in the desktop browser.
Authentication succeeds and you are redirected to your Okta org (or prompted with a second factor, if your admin set one up).
If you tap Yes, It's Me but then decide you want to deny the sign-in attempt instead of completing the challenge (or if the challenge didn't appear on your desktop browser), tap Back to sign in details and then tap No, It's Not Me. This will deny the authentication attempt and prevent access to your Okta account. Contact your admin or IT department.
Option 2: If the review details don't match your device and current location:
Tap No, It's Not Me This will deny the authentication attempt and prevent access to your Okta account. Contact your admin or IT department.
Review button functionality is not supported on Apple Watches. If you use Okta Verify on an Apple Watch, the Review button appears on the watch when Okta detects an unusual sign-in attempt to your account but the options Yes, It's Me and No, It's Not Me do not appear after you tap Review. To accept or reject the sign-in attempt, use Okta Verify on your mobile phone.
Authenticate with Apple Watch or Android Wear
Okta Verify supports the use of both Apple Watch and Android Wear.
The Okta Verify for Apple Watch app allows you to view and accept or reject Okta Verify with push notifications from your watch screen. The watch also displays a rotating one-time password to allow authentication if push notifications are not enabled or if internet connectivity is unavailable.
Once you've paired your watch with an iPhone, the Okta Verify app installs automatically. Note that while the app can be opened and used at any time, the watch only receives notifications from the iPhone if it is locked based on Apple design.
The Okta Verify for Android Wear app allows you to view and accept or reject Okta Verify with Push challenges from your watch screen. You can also access the OTP on their Android Wear devices.
Authenticate with Apple Touch ID
Touch ID uses fingerprint detection technology to guard against unauthorized use of Okta Verify.
- Sign in to Okta and click Set Up Touch ID when the prompt appears.
If Touch ID has not been set up on your device, iOS Settings appear to allow you to configure it.
- The Touch ID for "Okta Verify" screen appears.
- Enrollment is complete after you confirm your identity with your fingerprint.
Approve requests directly from iOS push notifications
You can approve or deny an authentication request from Okta Verify directly from a notification without having to open the app each time.
There are two ways to approve a request from a notification:
- From the lock screen
- From a pop-up notification on an unlocked screen
To approve a request from the lock screen:
- Swipe left after the notification appears.
- Tap View.
Tap Yes, It's Me or No, It's Not Me. You are prompted to unlock your device.
- To proceed, enter your PIN or unlock the device with your fingerprint.
To approve a request from an unlocked screen:
- Swipe down when the notification appears.
- Tap Yes, It's Me or No, It's Not Me to action the request.
When you approve a request, you are signed in to your org automatically.
Devices with 3D Touch
If your iOS device supports 3D Touch, you can hard press a notification to display options to approve or deny the request.