Configure Okta FastPass

You can configure Okta FastPass to provide users with a passwordless authentication experience that's phishing-resistant on managed or unmanaged devices.

To sign in with Okta FastPass, users must install Okta Verify and enable Okta FastPass on the device they use to access their Okta-protected apps.

Users of registered devices aren't prompted for a username or password when they try to sign in to their Okta apps. The passwordless experience is controlled by authentication policies.

Procedure

1. Configure a global session policy for Okta FastPass.
2. Enable Okta FastPass.
3. Configure an authentication policy for passwordless authentication with Okta FastPass.
4. Ensure that end users have the latest version of Okta Verify installed on their devices, and that they enroll (add an account) in Okta Verify.
   • For devices that are managed, you can deploy Okta Verify. See the installation options for Android, iOS, macOS, and Windows.
   • For devices that aren't managed, prompt end users to install Okta Verify. See the end-user documentation for Android, iOS, macOS, and Windows.
5. Optional. Configure settings that affect the end user experience:
   • Auto-launch Okta Verify on macOS devices
   • Let users skip the Open Okta Verify prompt

Related topics

Multifactor authentication

Sign-on policies and rules

Okta Expression Language for devices