External Authentication Method (EAM) with Okta via Entra ID

How to leverage Okta's Microsoft External Authentication Method application with Entra ID

Tako (Okta AI Agent) Takes a Huge Step Towards Becoming Autonomous

Executive Summary We’re introducing a significant new feature to Tako, our AI agent for Okta, with the addition of secure real-time API query capabilities. This upgrade allows Tako to connect directly with Okta’s APIs, intelligently generating and executing secure code based on natural language questions. Beyond enhancing Tako’s current functionality, these capabilities establish the foundation … Continue reading Tako (Okta AI Agent) Takes a Huge Step Towards Becoming Autonomous →

Smarter Access Control: A Deep Dive into Okta Authentication Policies and Related Elements

>_this article is based on the okta SSO and adaptive MFA License Authentication policies in Okta provide a flexible and powerful way to control how users access applications and services. By defining specific conditions—such as user group membership, device trust level, location, or network—administrators can enforce tailored authentication requirements like multifactor authentication (MFA) or passwordless … Continue reading Smarter Access Control: A Deep Dive into Okta Authentication Policies and Related Elements →

Mastering Okta Device Access: A Comprehensive Guide to Deploying Desktop MFA with Microsoft Intune

RequirementsOkta RequirementsMicrosoft Intune RequirementsOkta Desktop MFA ConfigurationOkta Verify DeploymentConvert Okta Verify into .intunewin PackageDeploy the Okta Verify .intunewin Package in Microsoft IntuneConfiguring Registry Settings for Okta Device Access in Microsoft Intune via a PowerShell ScriptConfigure and deploy Okta Device Access access policiesOkta Device Access - Windows DemosPasswordless LoginOffline login to Windows - Device Access CodeSelf-Service … Continue reading Mastering Okta Device Access: A Comprehensive Guide to Deploying Desktop MFA with Microsoft Intune →

Okta Device Access – FIDO2 security keys for Windows

January 2025: This is an Early Access release IntroductionRequirementsActivating FIDO2 Support for the Desktop MFASet up the FIDO2 (WebAuthn) authenticatorSetting Up FIDO2 Security KeysUser registers YubiKey using the Okta End-User DashboardRegister a YubiKey on behalf of user in the Admin ConsoleAuthentication use casesAuthentication User verification "Disabled"Demo – Desktop MFA FIDO2 YubiKeyAuthentication User Verification “enabled”Demo – Desktop MFA FIDO2 YubiKeyReset a … Continue reading Okta Device Access – FIDO2 security keys for Windows →

Okta Device Access Out-of-the-box enrollment with Jamf Pro

April 2025: Additional app identifier required for the associated domain entry on macOS 15 Sequoia IntroductionRequirementsOktaApple Business Manager (ABM) AccountJamf Pro MDM ConfigurationDemosSecure macOS onboarding and Platform SSO enrollmentJust-in-Time (JIT) local account creation and Desktop MFA enrollmentConfigure Single-Sign-OnOkta ConfigurationJamf Pro ConfigurationConfigure Okta LDAP with Jamf ProOkta ConfigurationJamf Pro LDAP configurationOkta Device Access configurationSet up Device Access SCEP … Continue reading Okta Device Access Out-of-the-box enrollment with Jamf Pro →

Factor Sequencing on OIE: Authentication Method Chains

When OIE was released it championed assurance levels rather than specific authenticators. This provided a better experience for the majority of users and administrators. This ease of use came at the cost of easily being able to specify specific factors or factor orders which some customers required typically for compliance or regulatory reasons. Many of … Continue reading Factor Sequencing on OIE: Authentication Method Chains →

Leveraging Microsoft Authenticator as a Possession Factor with Okta

Please read the disclaimer first before you start implementing the approach DISCLAIMER: Okta Documentation mentions that configuring Microsoft Azure Active Directory (AAD) can't be used as an IDP Authenticator. This article will test that statement hence if you decide to implement this in your own Okta production org/instance and got into any production issues, Okta … Continue reading Leveraging Microsoft Authenticator as a Possession Factor with Okta →

Get your Fact(or)s Straight!

MFA, Passwordless and Phishing Resistance are all terms we are hearing more and more lately. MFA usage has nearly doubled since 2020 according to Okta's recent Secure Sign in trends report discussed here Unfortunately there is a lot of confusion around what these terms and more basic ones like Factors and Authenticators actually represent. This … Continue reading Get your Fact(or)s Straight! →