Deploy Desktop MFA for Windows to your endpoints

Use your MDM solution to deploy the Okta Verify package that you downloaded from the Admin Console to your Windows endpoints. For more details, see Add a Windows line-of-business app to Microsoft Intune in the Microsoft documentation.

To enable online MFA methods, use these command-line parameters:

ORGURL: Okta org URL.
CLIENTID: This is the client ID that you saved on the Desktop MFA app integration General tab. See Create and configure the Desktop MFA app integration.
CLIENTSECRET: This is the client secret that you saved on the Desktop MFA app integration General tab. See Create and configure the Desktop MFA app integration.
SKU: SKU=ALL

Example: OktaVerifySetup--x.x.x.x-yyyyyyy.exe SKU=ALL ORGURL=https://customerorg.oktapreview.com/ CLIENTID=xxxxxxxx CLIENTSECRET=xxxxxxxx

When Okta Verify is installed with SKU=ALL, the Windows Credential Provider is hidden during user sign in.

You can use Windows command-line options to adjust the parameters of your installation. For example, add /q to run the installer in quiet mode. This hides the interface during installation. The end user doesn't receive prompts or messages, and can't cancel the installation.

Okta Verify updates automatically when new releases are available. See Okta Verify for Windows release notes for the latest features, improvements, and fixes.

Next steps

Configure Desktop MFA policies

Enable self-service password reset

Windows Desktop MFA user experience

Support your Desktop MFA users