Configure Desktop Password Sync for macOS

Early Access release. See Manage Early Access and Beta features.

Desktop Password Sync for macOS reduces the number of passwords that users need to remember. When Desktop Password Sync is configured and deployed, users are prompted to register the device and link the local account with Okta. Once registration is complete, the local account password syncs with the Okta password, and users can use their Okta password to sign in to macOS.

Set up the Desktop Password Sync app integration in the Okta Admin Console, and then configure the device management profiles in your mobile device management (MDM) solution. You can push the packaged installer to specific users or groups for immediate registration.

Depending on your configuration, the registration flow for Desktop Password Sync enrolls users in Okta FastPass and may enable Touch ID. If Okta FastPass requires biometrics based on your admin and org configurations, users must have Touch ID set up before starting the Desktop Password Sync enrollment flow.

Prerequisites

Ensure that you meet these requirements:

Your Okta Identity Engine org is available.
Your macOS computers are running a minimum of macOS Ventura (13.0). Version 13.5 is recommended for the best user experience.
The Okta Verify authenticator is set up in your org.
Devices must be enrolled in a mobile device management (MDM) software that supports deployment of payloads.
The Desktop Password Sync application is available for your organization. If you can't locate the Desktop Password Sync app in the app catalog, contact your account representative.
Optional: If your org requires biometrics for user authentication, then users must have Touch ID set up before starting the Desktop Password Sync enrollment flow.

Use Okta Verify version 9.1.0 if your org has macOS users that use a system language other than English.

Tasks

Create and configure the Desktop Password Sync app integration
Configure Desktop Password Sync for macOS
Configure device management profiles for Desktop Password Sync

Create and configure the Desktop Password Sync app integration

In the Admin Console, go to Applications Applications Catalog.
Search for Desktop Password Sync and select the app.
Click Add integration. If you get an error message saying This feature isn’t enabled, contact your account representative.
Open Desktop Password Sync from your Applications list to configure it:
- On the General tab, you can edit the application label or use the default label.
- On the Sign on tab, make note of the Client ID. You need this when creating the managed app configuration in your MDM.
- Assign the app to individual users or groups on the Assignments tab. Users must be assigned the app to use Desktop Password Sync.
Click Save.

Download Okta Verify for macOS

Desktop Password Sync is part of Okta Device Access, which uses Okta Verify for device registration and user authentication. In the Admin Console, go to Settings Downloads and download Okta Verify for macOS. If the Okta Device Access product has been enabled for your organization, Desktop Password Sync can be configured and deployed. Contact your account representative for more information.

Next steps

Configure device management profiles for Desktop Password Sync

Troubleshoot Desktop Password Sync for macOS