Deploy Okta Verify to Windows devices

You can deploy Okta Verify to Windows endpoints by running a command or by using a device management solution (MDM).

Users can also install Okta Verify app on their devices. See installation instructions for users at Get started with Okta Verify on Windows devices.

Before you begin

When you deploy Okta Verify to Windows devices, users might receive notifications or prompts:

End User License Agreement (EULA) and Crash Reporting notice:

If you use your mobile device management (MDM) software or Microsoft Endpoint Manager (MEM) to deploy Okta Verify, then users don't receive the EULA or Crash Reporting notices. Users must uninstall Okta Verify and reinstall it. The notices appear during reinstallation.
User Account Control (UAC) prompt
- If you use MEM software to deploy Okta Verify, users receive the UAC consent and credential prompts.
- If you use MDM software, users don't receive UAC prompts.

Install Okta Verify by running a command

You launch the Okta Verify installer by running a command:

OktaVerifySetup-x.x.x.x-yyyyyyy.exe <option1Name>=<option1Value> <option2Name>=<option2Value>...

You can pass configuration options and values to enable Okta Verify features. See Okta Verify configurations for Windows devices.

Before you deploy the app with your MDM solution, install Okta Verify locally with specific options and values to validate your configuration.

Deploy Okta Verify using Microsoft Intune

To run the Okta Verify installer in quiet mode, use /q for version 4.0.2 or later. For earlier versions, use /q2.

Use Intune to deploy Okta Verify as a Win32 app and not as a line-of-business (LOB) app.

Prepare Okta Verify for upload.
1. In the OktaAdmin Console, go to SettingsDownloads and download Okta Verify for Windows (.exe).
2. Convert Okta Verify into the .intunewin format. See Prepare Win32 app content for upload.
Add, assign, and monitor the Okta Verify deployment. See Add, assign, and monitor a Win32 app in Microsoft Intune.
1. Go to the Microsoft Endpoint Manager admin center.
2. Go to AppsAll appsAdd.
3. On the Select app type pane, under the Other app types, select Windows app (Win32).
4. Click Select.
5. On the Add app pane, click Select app package file.
6. Click the browse button and select the Okta Verify installation file with the .intunewin extension. For example, OktaVerifySetupx.x.x.x-yyyyyyy.intunewin.
7. Click OK.
8. On the App information page, add the details for your app.
9. On the Program page, configure the app installation and removal commands for the app:
  - Install command: Enter OktaVerifySetup-x.x.x.x-yyyyyyy.exe /q OrgUrl=https://{org}.org.com. There are other possible configurations. See Okta Verify configurations for Windows devices.
  - Uninstall command: Enter OktaVerifySetup-x.x.x.x-yyyyyyy.exe /uninstall /q
  - Install behavior: Use the default setting System.
  - Device restart behavior:
10. Click Next.
11. On the Requirements page, specify the requirements that devices must meet before the app is installed and click Next:
  - Operating system architecture: Select the architectures needed to install the app.
  - Minimum operating system: Select Windows 10 1709.
12. On the Detection rules page, configure the rules to detect the presence of the app and click Next. You can choose to add multiple rules:
  - Rules format: Select Manually configure detection rule.
  - Path: C:\Program Files\Okta\Okta Verify
  - File or folder: OktaVerify.exe
  - Detection method: Select File or folder exists.
  - Associated with a 32-bit app on 64-bit clients: Keep the default value No.
13. On the Dependencies page, keep the default values and click Next.
14. Skip the Supersedence (preview) page. Click Next.
15. On the Review + create page, review your input. Confirm that you configured the app information correctly.
16. Click Create to add the app to Intune.

Deploy Okta Verify using MEM software

Installation occurs at the system level. User-based installation isn’t supported.

Copy the file Okta Verify Setup file to your MEM server.
In the Configuration Manager console, go to Software LibraryApplication ManagementApplications.
On the Home tab, in the Create group, select Create Application.
On the General page of the Create Application Wizard, select Automatically detect information about this application from installation files. Specify the following information:
- Type: Select Windows Installer (*.exe).
- Location: Browse to the Okta Verify Setup file.
Click Next.
Follow the on-screen prompts.
On the General information page, enter application details so that you can sort and find it in the Configuration Manager console:

Name: Enter a name.
Installation program: Specify the installation program, using one of the following flag options:
- Don't specify installer flags:
  OktaVerifySetup-x.x.x.x-yyyyyyy.exe /q
- Specify installer flags. In the following examples, square brackets ("[" and "]") indicate optional parameters. For flag and value options, see Okta Verify configurations for Windows devices.
  OktaVerifySetup-x.x.x.x-yyyyyyy.exe -q [<Flag_1>=<Value_1>] [<Flag_2>=<Value_2>] [...]
  Example: OktaVerifySetup-x.x.x.x-yyyyyyy.exe -q OrgUrl=https://ORGNAME.oktapreview.com

Click Next.
On the Summary page, confirm the settings and complete the wizard.
In the center pane of the Applications list, right-click the app and select Deploy.
Follow the prompts in the Deploy Wizard.

Configure Okta Verify to work in a proxy-enabled environment

When you deploy Okta Verify in a proxy-enabled environment, an extra configuration step is required to allow automated updates.

You can configure proxy settings during installation using a ProxyURL or a ProxyPacLocation argument, depending on your environment. You can also configure Okta Verify to allow automated updates.

For a proxy server, enter these parameters:

OktaVerifySetup-x.x.x.x-yyyyyyy.exe

ProxyURL=https://proxy.sample.com:3888