Silently enroll the Okta Privileged Access client

Silent enrollment allows you to automate the enrollment process and add multiple clients to Okta Privileged Access at the same time. This process saves time when deploying a Okta Privileged Access client across an organization. Many Okta Privileged Access teams use device management software like JAMF or SCCM to automate the process of installing and enrolling the client. The specifics of this process depend on the specific organizational requirements for each team.

Start the task

  1. Install the Okta Privileged Access client on all devices.
    See Install the Okta Privileged Access client
  2. Create an enrollment token. See Configure server settings
  3. Save the enrollment token secret to a file on the devices being enrolled.
  4. Enroll the clients by running the following command on each device:
    sft fleet enroll --token-file <path\to\enrollment-token.txt>

Upon success, the clients are enrolled with the team.

Related topics

Use the Okta Privileged Access client