Okta Verify for Okta Identity Engine release notes

You can download the Okta Verify package for Android from these locations:

Google Play Store
Okta Admin Console (SettingsDownloads). The updated package file is available approximately two weeks after the deployment date. See Distributing Okta Android apps outside the Google Play Store.

Deployment date: November 3, 2025

To maintain the security of the Okta service, Okta can automatically prompt users running vulnerable versions of Okta Verify to update the app before restoring access. Okta manages this control for security events, and admins can't configure it. See Okta Verify security updates.
This release also includes internal improvements and fixes.

You can download the Okta Verify package for iOS from these locations:

Deployment date: November 3, 2025

You can download the Okta Verify package for macOS from these locations:

Production deployment: October 21, 2025

Starting with this release, macOS 13 Ventura is no longer supported.
Desktop Password Sync now supports a simplified setup of Apple's Platform Single Sign-on (Platform SSO) during the Automated Device Enrollment process on macOS 26 Tahoe. See Configure Desktop Password Sync for macOS 26.
The OSQueryService binary file used in the advanced posture validation check has been renamed to OktaAuthenticationService. If you have the OSQueryService.xpc file in any automated scripts, update the command with the new name: OktaAuthenticationService.xpc. See Configure advanced posture checks for device assurance.
This release also includes internal improvements and fixes.

You can download the Okta Verify package for Windows from the Okta Admin Console (SettingsDownloads).

Preview deployment: November 17, 2025

This release improves the way screen readers interact with static text within the Okta Verify app. This change provides a better experience for users who rely on accessibility tools.
On systems where Windows Hello wasn't available (such as a virtual machine), the Okta Verify app only displayed the Passcode confirmation toggle when user verification was set to Windows Hello. (OKTA-720210)
After a user rebooted their Windows system, they were prompted for a password during sign-in attempts, even when passwordless authentication was the active multifactor policy. (OKTA-1010475)
On Windows, some Okta Verify users without complete org information on their local device couldn't see their account or enable user verification. Also the device couldn't publish an asynchronous signal for Identity Threat Protection. (OKTA-1024030)
When both the UseDirectAuth and PasswordlessAccessEnabled policies were enabled for use with FIDO2 keys, users who hadn't already signed in received two push notifications during their initial sign-in attempt. (OKTA-1011119)
Users on domain-joined remote machines experienced significant sign-in delays when attempting to use a passwordless flow with Okta Device Access. (OKTA-1012063)
This release also includes internal improvements and fixes.