After Okta Verify for Windows is installed on a device, it is automatically updated whenever a newer version of the app is available. In general, new versions of the app are released on a monthly basis to promote new features, enhancements, and bug fixes. These regularly-scheduled feature updates are staggered over a period of seven days. For example, if a new version of Okta Verify is scheduled to be released on January 1, users with the app installed can expect their devices to be updated during the period from January 1 through January 7.
Unlike regularly-scheduled updates, security updates and hot fix releases aren't released on a staggered schedule. Instead, critical updates are deployed to all clients, as needed.
Update devices that are not enrolled
If you have Okta Verify installed on Windows, but don’t expect users to enroll immediately, you can keep the app up-to-date by specifying the OrgUrl option in the managed app configuration used to deploy Okta Verify.
Defer automatic updates
If you want to test new releases of Okta Verify before rolling it out to a larger group, you can defer automatic updates by one to thirteen days past the end date for automated updates. This deferred rollout option is available on Okta Verify for Windows 3.7.1 and later versions.
For new installations, you can defer automatic updates by deploying Okta Verify for Windows with the AutoUpdateDeferredByDays option set to an integer between 1 and 13.
For existing installations, you can manually update the local machine’s registry keys to defer automatic updates. To defer automatic updates for a previously-deployed version of Okta Verify for Windows at scale, you can use the PowerShell New-Item cmdlet to create the new AutoUpdateDeferredByDays registry key and deploy the cmdlet on remote computers using your device management software. For example, add the registry key to existing Okta Verify for Windows installations with a PowerShell command:
New-Item -Path HKLM:\Software\Okta\Okta Verify\AutoUpdateDeferredByDays -Value 13<![CDATA[ ]]>
This example defers the automatic update for 13 days on the computers where the cmdlet is deployed. However, the change to the remote computer's registry only takes effect after restarting Okta Verify on the remote Windows computer.