Configure the Okta Verify authenticator
Okta Verify is an authenticator that allows users to confirm their identity when they sign in to their Okta account or access Okta-protected resources. Users can also set up Okta Verify as a third-party authenticator for accessing sites that require multifactor authentication such as GitHub, Facebook, or Google.
When you configure Okta Verify, users are prompted to download, install, and set up the app on their device. The user experience depends on which Okta Verify options that the admin enables, and how the Okta org's authentication policies are configured.
Okta Verify for macOS and Windows is supported only on Identity Engine orgs.
- Supported platforms for Okta Verify
- For user documentation, see Okta Verify for users overview.
- To find out what data types Okta Verify collects, see Data collected by Okta Verify.
- Okta Verify doesn't work during OOBE (Out-of-Box experience) in Windows Autopilot. To enable Autopilot deployments, see Integrate Okta with Windows Autopilot.
Add Okta Verify as an authenticator
- In the Admin Console, go to .
- On the Setup tab, click Add Authenticator.
-
Click Add on the Okta Verify tile.
-
Review the information message that appears, and then click Add.
Enroll Okta Verify in an authentication enrollment policy
- In the Admin Console, go to .
- On the Enrollment tab, add a new or edit an existing authentication enrollment policy.
- If you're adding a policy: Click Add a Policy.
- If you're editing a policy: Select the policy that you want to edit, and then click Edit.
- In Effective factors, set Okta Verify to Optional or Required.
-
Save your changes by clicking Create Policy or Update Policy, as applicable.
-
To add one or more rules to the policy, see Configure an authenticator enrollment policy rule
Configure Risk Scoring
Okta's Risk Scoring capability allows you to increase the level of security that guards sign-ins to your Okta org. When enabled, the Risk Scoring engine assesses sign-in attempts against several criteria, including details about the device and its location. It then assigns a risk level to each Okta sign-in, which can then be used for dynamic responses according to the level of risk assessed. For example, admins might want Okta to prompt users for multifactor authentication if the sign-in is considered high-risk. It's also helpful for strengthening the security of the Number Challenge functionality; see Configure Okta Verify options for details. Admins must activate the Risk Scoring functionality and configure a sensitivity level; see Risk scoring for instructions.