Integrate Okta with your MDM software

Configure your Mobile Device Management (MDM) software to manage Okta Verify and to install it on end-user devices.

Before you begin

Make sure that your MDM software supports managed app configuration. For best results, integrate with MDM software that support these features:

Use the managed app configuration to configure the key-value pair.
Set Okta Verify to install on end-user devices silently and automatically when they enroll in your chosen MDM software.

If you're configuring your MDM software to deploy Okta Verify to Android devices, make sure that Okta Verify is installed in the work profile of the device.

Start this task

This section provides high-level integration instructions for MDM software, and configuration tips for some MDM software solutions. For detailed instructions, see the documentation provided by your MDM software solution.

Configure your MDM software to manage Okta Verify and to install Okta Verify on end-user devices that don't have it installed.
Configure the key-value pair, by using your MDM software's managed app configuration as described in their documentation:

Domain: Enter the URL of your Okta org
Key: managementHint
Value: Enter the Secret Key value that you saved during the Configure Device Management for mobile devices procedure.

The key-value pair is case-sensitive.

Configuration tips

Use these tips to configure the key-value pair in MDM software applications. MDM software configurations can change. Therefore, Okta recommends that you always consult your MDM software solution's documentation.

MDM software	Platform	Configuration tips
VMware	Android	For how to add, assign, and manage Okta Verify with Workspace ONE UEM, perform the procedures as described in the following Workspace ONE UEM documentation: Add Assignments and Exclusions to your Android Applications Configure the following settings: App Delivery Method: Automatic Managed Access: Enable For more configuration settings, see Managed app configurations for Android devices.
iOS	In Add Application: Platform: Apple iOS Source: Search App Store Name: Enter the name of the app. A search finds the app after you click Next. Details: Keep the defaults, and then click Save & Assign In Assignment: Distribution: Name: Enter a name. Assignment Groups: Specify a group(s). App Delivery Method: Auto Restrictions: Make App MDM Managed if User Installed: Enable Application Configuration: Managed Access: Enable Send Configuration: Enable Click +Add and configure settings: Configuration Key: managementHint Value Type: String Configuration Value: Enter the Secret Key that you generated in the previous procedure STEP 2 – Enable Management Attestation for your org. For more configuration settings, see Managed app configurations for iOS devices.
Microsoft Intune	Android	To manage Okta Verify with Microsoft Intune for Android devices, perform the procedures as described in the Microsoft Intune document Add app configuration policies for managed Android Enterprise devices. Device enrollment type: Managed devices Associated App: Okta Verify Configuration settings format: Use configuration designer Username (string): Enter your username for your Okta org

MDM software

Platform

Configuration tips

VMware

Android

For how to add, assign, and manage Okta Verify with Workspace ONE UEM, perform the procedures as described in the following Workspace ONE UEM documentation:

Add Assignments and Exclusions to your Android Applications

Configure the following settings:

App Delivery Method: Automatic
Managed Access: Enable
For more configuration settings, see Managed app configurations for Android devices.

iOS

In Add Application:

Platform: Apple iOS
Source: Search App Store
Name: Enter the name of the app. A search finds the app after you click Next.
Details: Keep the defaults, and then click Save & Assign

In Assignment:

Distribution:
- Name: Enter a name.
- Assignment Groups: Specify a group(s).
- App Delivery Method: Auto

Restrictions:

Make App MDM Managed if User Installed: Enable

Application Configuration:

Managed Access: Enable
Send Configuration: Enable
Click +Add and configure settings:

Configuration Key: managementHint

Value Type: String

Configuration Value: Enter the Secret Key that you generated in the previous procedure STEP 2 – Enable Management Attestation for your org.
For more configuration settings, see Managed app configurations for iOS devices.

Microsoft Intune

Android

To manage Okta Verify with Microsoft Intune for Android devices, perform the procedures as described in the Microsoft Intune document Add app configuration policies for managed Android Enterprise devices.

Device enrollment type: Managed devices
Associated App: Okta Verify
Configuration settings format: Use configuration designer
Username (string): Enter your username for your Okta org

Next steps (mandatory)

Configure an SSO extension on iOS devices