Deploy Desktop MFA to your Windows endpoints

After you download the Okta Verify package from the Admin Console, use your MDM solution to deploy it to your Windows endpoints.

Okta Verify updates automatically when new releases are available. See Okta Verify for Windows release notes.

For more details, see Add a Windows line-of-business app to Microsoft Intune in the Microsoft documentation.

Procedure

To enable online Desktop MFA methods, call the Okta Verify setup executable with these command-line parameters:

ORGURL: The full URL of your Okta org.
CLIENTID: The Client ID that you saved from the General tab of the Desktop MFA app. See Create and configure the Desktop MFA app for Windows.
CLIENTSECRET: The Client Secret that you saved from the General tab of the Desktop MFA app.
SKU: SKU=ALL

If you install Okta Verify with SKU=ALL, then the Windows Credential Provider is hidden when the user signs in.

You can also use Windows command-line options to adjust the parameters of your installation. For example, to run the installer in quiet mode, add the /q option. This hides the interface during installation. The end user doesn't receive prompts or messages, and can't cancel the installation.

Example

OktaVerifySetup--x.x.x.x-yyyyyyy.exe SKU=ALL ORGURL=https://customerorg.oktapreview.com CLIENTID=xxxxxxxx CLIENTSECRET=xxxxxxxx

Next step

Configure and deploy Desktop MFA policies for Windows