Set up the Chrome Device Trust connector

Set up the Chrome Device Trust connector to secure access to Okta-protected resources on ChromeOS. The Chrome Device Trust connector can also manage Chrome browsers on Windows and macOS.

Before you begin

Chrome Device Trust must be enabled in the Okta Admin Console.

Add Chrome Device Trust as an endpoint

  1. In the Okta Admin Console, go to Security Device Integrations.

  2. Select the Endpoint security tab, and then click Add endpoint integration.

  3. Select Chrome Device Trust, and then choose the platforms you want to enable the integration for.

  4. Click Save.

  5. On the Chrome Device Trust integration page, the generated settings are displayed. Copy the values in the Login URL pattern and Service account fields on the integration page. These values are unique to your tenant, and are used to link your Okta and Google Workspace accounts.

Integrate the Chrome Device Trust connector

Follow these steps to integrate the connector in Google.

  1. Sign in to your Google Admin console.

  2. Go to Devices Chrome Connectors and click New provider configuration. Scroll down to Okta in the provider list and click Set up.

  3. Enter a Configuration name, and then add the URL Pattern and Service account information from the integration that you created in the Okta Admin Console to the provider configuration. Click Add configuration.

  4. Apply the provider configuration to your Organizational unit. To ensure that the configuration is applied to the appropriate org unit, ensurecheck that the managed browser configuration is mapped to the same org unit.

To avoid authorization and signal errors, ensure the ChromeOS device and user are in the same organizational unit as the Okta provider configuration. For more information, see Manage Chrome Enterprise device trust connectors.

Next steps

Add device assurance policies for ChromeOS and Google Chrome

Create a device assurance policy for managed Chrome browsers

Create a device assurance policy for ChromeOS