Configure the Okta Verify authenticator

Okta Verify is an authenticator app developed by Okta. It allows users to confirm their identity when they sign in to their Okta account or access Okta-protected resources.

When you configure Okta Verify, users are prompted to download, install, and set up the app on their device. The user experience depends on which Okta Verify options the admin enables, and how the Okta org's authentication policies are configured.

Okta Verify for macOS and Windows is supported only on Identity Engine orgs.

Add Okta Verify as an authenticator

  1. In the Admin Console, go to Security > Authenticators.
  2. On the Setup tab, click Add Authenticator.
  3. Click Add on the Okta Verify tile.

  4. Review the information message that appears, and then click Add.

  5. Configure Okta Verify options.

Enroll Okta Verify in an authetication enrollment policy

  1. In the Admin Console, go to Security > Authenticators.
  2. On the Enrollment tab, add a new or edit an existing authentication enrollment policy.
    • If you're adding a policy: Click Add a Policy.
    • If you're editing a policy: Select the policy that you want to edit, and then click Edit.
  1. In Effective factors, set Okta Verify to Optional or Required.
  2. Save your changes by clicking Create Policy or Update Policy, as applicable.

  3. To add one or more rules to the policy, see Configure an authentication enrollment policy rule

  4. Configure Okta Verify options.

Configure Risk Scoring

Okta's Risk Scoring capability allows you to increase the level of security that guards sign-ins to your Okta org. When enabled, the Risk Scoring engine assesses sign-in attempts against several criteria, including details about the device and its location. It then assigns a risk level to each Okta sign-in, which can then be used for dynamic responses according to the level of risk assessed. For example, admins might want Okta to prompt users for multifactor authentication if the sign-in is considered high-risk. It's also helpful for strengthening the security of the Number Challenge functionality; see Configure Okta Verify options for details. Admins must activate the Risk Scoring functionality and configure a sensitivity level; see Risk scoring for instructions.

Current limitations

  • The Okta Verify app doesn't enforce user verification for push requests initiated from the Okta Verify app even if user verification is set to Required on the Admin Console.

Related topics

Configure Okta Verify options

Create an authentication enrollment policy

Configure an authentication enrollment policy rule