Use cases for configuring passwordless authentication

This section provides passwordless use cases for three authentication methods:

  1. Medium assurance level: Simple security with one-factor authentication
  2. Medium assurance level: FIDO2 (WebAuthn)
  3. High assurance level: Registered and unmanaged devices with two-factor authentication

Other passwordless experiences

Other Okta features facilitate passwordless authentication but they are outside of the scope of this document.

Enhanced experience using the Okta SSO browser extension Provide Okta Verify-enrolled users an Okta FastPass experience on Safari browsers only if their device is managed and you've configured Apple Extensible Single Sign-On (SSO) in your mobile device management (MDM) solution. The configuration defines extensions for multifactor user authentication on macOS devices enrolled in an MDM solution.
Email Magic Link Create an authentication policy rule to provide an email magic link that your users can click to sign in to an app.
Agentless Desktop Single Sign-On With agentless Desktop Single Sign-on (DSSO), you don't need to deploy IWA agents in your Active Directory domains to implement DSSO functionality. This reduces or eliminates the maintenance overhead and provides high availability as Okta assumes responsibility for Kerberos validation.The same experience can be achieved with Okta FastPass silent authentication flow.