December 2023: This is an Early Access Feature
Introduction
In the latest Early Access Okta Verify Release for (4.8.1) Okta now supports
Push notification (number challenge) for Okta Device Access Desktop MFA.
Users can choose whether to include a number challenge with an
Okta Verify push notification.
The number challenge verifies that a sign-in attempt to an app protected by Okta came from the intended user and not from an unauthorized person.
It presents a number in the Sign-In Widget and pushes a notification to Okta Verify on the user’s mobile device.
Requirements
- Okta Device Access Desktop MFA configured
A step-by-step guide can be found here - Okta Verify Release 4.8.1 (Early Access) deployed
- Number Challenge for Okta Verify configured
Configure Okta Verify Number Challenge
In the Okta Admin Console navigate to Security –> Authenticators
On the Okta Verify line, click Actions –> Edit
Within the Okta Verify menu, scroll down to the Push notification: number challenge and configure and configure it according to your needs/requirements.
In my setup I’ve configured All push challenges, that means the user users receive
a number challenge with all Okta Verify push notifications regardless of risk level.
More information about the various settings can be found here.
Sign in overview
The user needs to sign in to his client with username and password
Now you see a number in the Sign-In screen and a Okta Verify push notification
is sent to the device to the user’s mobile device.
The user selects the number that matches what they see in the Sign-In screen.
Demo
Here you see a quick demo how this new functionality is looking like enjoy 🙂
