Managed devices

You can ensure that devices are managed by an endpoint management tool before end users can access apps from the device.

Devices are managed if they meet these conditions:

• The device is registered (enrolled in Okta Verify).

• A user profile associated with the device is managed by a device management solution.

• The device is configured for device management in Security Device Integrations. Ensure that this is completed before the user authenticates with Okta FastPass.

• The user authenticated with Okta FastPass from the managed device at least once.

For mobile (Android, iOS), a management hint (shared secret) is deployed to the device through a managed app configuration (for example, with VMware Workspace ONE UEM, Microsoft Intune). For desktop (Windows, macOS), management attestation certificates are deployed to the device (for example, with Jamf Pro, Microsoft Intune, VMware Workspace ONE UEM).

Topics

• Management attestation for mobile devices
• Management attestation for desktop devices
• Managed app configurations
• Configure a Certificate Authority (for desktop)