Automatic Okta Verify updates on Windows
After Okta Verify for Windows is installed on a device, it's automatically updated whenever a new version is available. Typically, new versions are released monthly to provide new features, enhancements, and bug fixes. The rollout of scheduled releases is staggered over a period of seven days. For example, if a new version of Okta Verify is scheduled to be released on January 1, users can expect the app on their devices to be updated from January 1 through January 7.
Unlike scheduled releases, security updates and hotfixes aren't rolled out on a staggered schedule. Critical updates are deployed to all clients, as needed.
Update devices that aren't enrolled
If you have Okta Verify installed on Windows devices, but don’t expect users to enroll immediately, you can keep the app up to date by specifying the OrgUrl option in the managed app configuration used to deploy Okta Verify.
Defer automatic updates
If you want to test a new release of Okta Verify before you roll it out to a larger group, you can defer automatic updates by one to 13 days. This option is available on Okta Verify for Windows 3.7.1 and later versions.
-
For new installations, deploying Okta Verify for Windows with the AutoUpdateDeferredByDays option set to an integer from 1 through 13.
-
For devices with Okta Verify installed, manually update the local machine’s registry keys.
-
For Okta Verify installed at scale on multiple endpoints, use the PowerShell New-Item cmdlet to create the AutoUpdateDeferredByDays registry key. Deploy the cmdlet on remote computers using your device management software. For example, add the registry key to existing Okta Verify for Windows installations with a PowerShell command:
New-Item -Path HKLM:\Software\Okta\Okta Verify\AutoUpdateDeferredByDays -Value 13
This example defers the automatic update by 13 days on the computers where the cmdlet is deployed. However, the change to the remote computer's registry only takes effect after restarting Okta Verify on the remote Windows computer.
Disable automatic updates
Configure these options:
-
Set AutoUpdateDeferredByDays to the default value 0 (no deferred rollout ), 30 (deferred by one month), 365 (deferred by one year), or 730 (deferred by two years).
-
For AutoUpdatePollingInSecond, use the default 3600 (one hour), or change it to a slightly higher value. For example, 14,400 (four hours) or 86,400 (one day). If you use a high value, you might delay hotfix updates.