General Security

The settings in this section apply to general security policies for your organization and specific security policies for mobile usersIn Okta literature, we generally refer to "users" as the people who serve as Okta administrators. When we refer to "end users" we are generally referring to the people who the administrators serve. That is, those who use Okta chiclets to access their apps, but have no administrative control.. To access these settings, navigate to Security > General.


You can configure the following settings under Organization:

Okta Mobile Settings

Changes to Okta Mobile security settings may take up to 24 hours to be applied to all the eligible end usersEnd users who have installed a version of Okta Mobile that supports these Early Access security settings. in your orgThe Okta container that represents a real-world organization. and for Okta to prompt those end users to update their PIN. ClosedScreenshot

Go to Security > General > Okta Mobile and configure the folowing:

Option Description
PIN length Specify the required number of digits for the PIN.
Allow simple PIN Select to permit the use of repeating, ascending, and descending numeric sequences (such as 1111, 1234, 4321, etc.).
Ask for PIN when user is inactive for Specify how long users can be inactive before they are prompted to enter a PIN.
PIN expires after Specify how long the PIN is valid before it expires.
Screen preview/capture (Android only) When this option is selected, Android device users cannot take screenshots, record videos, or share their screen from within Okta Mobile (other apps are not affected). RequiresOkta Mobile 3.8.0+ for Android. For iOS device users, this option has no effect.
Sign on to SAMLAn acronym for Security Assertion Markup Language, SAML is an XML-based standard for exchanging authentication and authorization data between an identity provider (IdP) and a service provider (SP). The SAML standard addresses issues unique to the single sign-on (SSO) solution, and defines three roles: the end user, the IDP, and the SP. apps (iOS only) This iOS-specific option allows access to SAML apps in iOS Safari using an iOS Safari extension.