May 2025: This is an Early Access release Introduction In today's increasingly complex and perilous digital landscape, the concept of Zero Trust has evolved from a security buzzword to a fundamental architectural principle. Organizations are no longer able to implicitly trust any user or device, regardless of their location or network. This paradigm shift demands … Continue reading Fortifying the Zero Trust Framework with Okta Advanced Posture Checks for macOS
Category: Kandji
Okta Device Access – Allowed Factors on macOS
IntroductionPrerequisitesConfigure Allowed Factors MDM policyOmnissa Workspace ONE UEMJamf ProKandjiMicrosoft IntuneDemo Introduction Admins can now control which verification methods users are permitted to authenticate with by configuring a new registry value called AllowedFactors. This provides greater flexibility in managing authentication options within the system. Prerequisites Okta Device Access Desktop MFA configured in your environment Okta Verify … Continue reading Okta Device Access – Allowed Factors on macOS
Desktop MFA Recovery for macOS
August 2024: This is an Early Access Feature IntroductionPrerequisitesEnable Device RecoveryConfigure Device RecoveryOmnissa Workspace ONE UEMJamf ProKandjiMicrosoft IntuneRequest a Device Recovery PINDemo Request a Device Recovery PINCreate Device Recovery PINDemo Create Device Recovery PINDemo Desktop MFA Admin RecoveryConclusion Introduction In today's security-focused environment, Multi-Factor Authentication (MFA) is crucial for protecting user accounts and data. However, … Continue reading Desktop MFA Recovery for macOS
Okta Device Access macOS TOTP account link
IntroductionPrerequisitesCreate / Adjust MDM ProfilesWorkspace ONE UEM ProfileJamf PRO ProfileKandji ProfileMicrosoft Intune ProfileDemo Introduction In Desktop MFA for macOS, admins can now choose between Okta Verify push notification and Okta Verify Time-based One-Time Password as the user verification method used to link an Okta account to the local macOS account.In this blog I will show you … Continue reading Okta Device Access macOS TOTP account link
Desktop Password Sync meets Platform SSO 2.0 and Kandji
October 2024: The Okta application name from "Desktop Password Sync" to"Platform Single Sign-On for macOS"April 2025: Additional app identifier required for the associated domain entry on macOS 15 Sequoia (mobileconfig template was updated) IntroductionPrerequisitesSet up Device Access SCEP certificatesConfigure Okta as a CA for Device AccessKandji SCEP configurationVerify that certificate was installed on deviceUpdate your Kandji Library profilesPlatform … Continue reading Desktop Password Sync meets Platform SSO 2.0 and Kandji
Better together: Okta Device Access and Okta FastPass
IntroductionmacOS Okta Device Access and FastPass experienceEnable Okta FastPassEnroll Okta FastPass on macOSConfigure authentication policiesOkta DashboardApplication PolicyAdditional configurations on macOS DevicesConfigure SSO extension for managed macOS devicesConfigure auto-launch Okta Verify on macOS devicesWindows Okta Device Access and FastPass experienceEnroll Okta FastPass on WindowsSkip the Open Okta Verify prompt Introduction Combining security and user experience sometimes seems to be a … Continue reading Better together: Okta Device Access and Okta FastPass
Okta Device Access with Kandji a step-by step guide
October 2024: The Okta application name from "Desktop Password Sync" to"Platform Single Sign-On for macOS"April 2025: Additional app identifier required for the associated domain entry on macOS 15 Sequoia (mobileconfig template was updated) IntroductionRequirementsOkta Desktop MFA ConfigurationOkta Password Sync (Platform -SSO) configurationPrepare your Kandji environmentEnroll your macOS into KandjiCreate the profile for Desktop MFA Deploy Okta Verify App … Continue reading Okta Device Access with Kandji a step-by step guide