Deploy Okta Verify to Windows devices
You can deploy Okta Verify to users' devices, or users can install the Okta Verify app themselves. If you don't want users to install the Okta Verify app, then you can deploy it to their devices.
If you specify the OrgUrl option when you deploy Okta Verify to Windows devices, updates are automatically installed. Okta Verify checks the server for app updates. When a new version is available, it's automatically downloaded on the device.
If you don't specify the OrgUrl option, then the app is automatically updated only if the user has an Okta Verify account (active enrollment).
If you don't want to deploy Okta Verify, then users can install the app. See installation instructions for users at Get started with Okta Verify on Windows devices.
Before you begin
When you deploy Okta Verify to Windows devices, users might receive notifications or prompts:
-
End User License Agreement (EULA) and Crash Reporting notice:
If you use your mobile device management (MDM) software or Microsoft Endpoint Manager (MEM) to deploy Okta Verify, then users don't receive the EULA or Crash Reporting notices. Users must uninstall Okta Verify and reinstall it. The notices appear during reinstallation.
-
User Account Control (UAC) prompt
-
If you use MEM software to deploy Okta Verify, users receive the UAC consent and credential prompts.
-
If you use MDM software, users don't receive UAC prompts.
-
Tasks
- Deploy Okta Verify using Microsoft Intune
- Deploy Okta Verify using MEM software
- Configure Okta Verify to work in a proxy-enabled environment
Deploy Okta Verify using Microsoft Intune
To run the Okta Verify installer in quiet mode, use /q for version 4.0.2 or later. For earlier versions, use /q2.
Use Intune to deploy Okta Verify as a Win32 app and not as a line-of-business (LOB) app.
-
Prepare Okta Verify for upload.
-
In the Okta Admin Console, go to Settings > Downloads and download Okta Verify for Windows (.exe).
-
Convert Okta Verify into the .intunewin format. See Prepare Win32 app content for upload.
-
-
Add, assign, and monitor the Okta Verify deployment. See Add, assign, and monitor a Win32 app in Microsoft Intune.
-
Go to the Microsoft Endpoint Manager admin center.
-
Go to Apps > All apps > Add.
-
On the Select app type pane, under the Other app types, select Windows app (Win32).
-
Click Select.
-
On the Add app pane, click Select app package file.
-
Click the browse button and select the Okta Verify installation file with the .intunewin extension. For example, OktaVerifySetupx.x.x.x-yyyyyyy.intunewin.
-
Click OK.
-
On the App information page, add the details for your app.
-
On the Program page, configure the app installation and removal commands for the app:
-
Install command: Enter OktaVerifySetup-x.x.x.x-yyyyyyy.exe /q OrgUrl=https://{org}.org.com. There are other possible configurations. See Managed app configurations for Windows devices.
-
Uninstall command: Enter OktaVerifySetup-x.x.x.x-yyyyyyy.exe /uninstall /q
-
Install behavior: Use the default setting System.
-
Device restart behavior:
-
-
Click Next.
-
On the Requirements page, specify the requirements that devices must meet before the app is installed and click Next:
-
Operating system architecture: Select the architectures needed to install the app.
-
Minimum operating system: Select Windows 10 1709.
-
-
On the Detection rules page, configure the rules to detect the presence of the app and click Next. You can choose to add multiple rules:
-
Rules format: Select Manually configure detection rule.
-
Path: C:\Program Files\Okta\Okta Verify
-
File or folder: OktaVerify.exe
-
Detection method: Select File or folder exists.
-
Associated with a 32-bit app on 64-bit clients: Keep the default value No.
Click Add and enter this information on the Detection rule page and click OK:
-
-
On the Dependencies page, keep the default values and click Next.
-
Skip the Supersedence (preview) page. Click Next.
-
On the Review + create page, review your input. Confirm that you configured the app information correctly.
-
Click Create to add the app to Intune.
-
Deploy Okta Verify using MEM software
Installation occurs at the system level. User-based installation isn’t supported.
- Copy the file Okta Verify Setup file to your MEM server.
- In the Configuration Manager console, go to Software Library > Application Management > Applications.
- On the Home tab, in the Create group, select Create Application.
- On the General page of the Create Application Wizard, select Automatically detect information about this application from installation files. Specify the following information:
- Type: Select Windows Installer (*.exe).
- Location: Browse to the Okta Verify Setup file.
- Click Next.
- Follow the on-screen prompts.
- On the General information page, enter application details so that you can sort and find it in the Configuration Manager console:
- Name: Enter a name.
- Installation program: Specify the installation program, using one of the following flag options:
- Don't specify installer flags:
OktaVerifySetup-x.x.x.x-yyyyyyy.exe /q
- Specify installer flags. In the following examples, square brackets ("[" and "]") indicate optional parameters. For flag and value options, see Managed app configurations for Windows devices.
OktaVerifySetup-x.x.x.x-yyyyyyy.exe -q [<Flag_1>=<Value_1>] [<Flag_2>=<Value_2>] [...]
Example: OktaVerifySetup-x.x.x.x-yyyyyyy.exe -q OrgUrl=https://ORGNAME.oktapreview.com
- Don't specify installer flags:
- Click Next.
- On the Summary page, confirm the settings and complete the wizard.
- In the center pane of the Applications list, right-click the app and select Deploy.
- Follow the prompts in the Deploy Wizard.
Configure Okta Verify to work in a proxy-enabled environment
When you deploy Okta Verify in a proxy-enabled environment, an extra configuration step is required to allow automated updates.
You can configure proxy settings during installation using a ProxyURL or a ProxyPacLocation argument, depending on your environment. You can also configure Okta Verify to allow automated updates.
For a proxy server, enter these parameters:
OktaVerifySetup-x.x.x.x-yyyyyyy.exeProxyURL=https://proxy.sample.com:3888
For proxy auto configuration, use OktaVerifySetup-x.x.x.x-yyyyyyy.exe ProxyPacLocation=<pac-file-location>.