How to attain Okta Device Attestation for iOS devices?

Managed devices must be attested by Okta before the SSO extension can be provisioned with Okta and Okta Device Trust. For iOS devices, attestation is achieved by configuring the managed app with a management hint (a shared secret) that Mobile Device Manager Plus pushes to the device.

Overview

To verify that an iOS device is managed, Okta checks whether the device holds the secret hint. To obtain the secret hint, the administrator or technician must first add Mobile Device Manager Plus as a device management platform in Okta and copy the secret hint. This secret hint is then added to the app configuration in MDM, and the app is distributed to the managed device(s). Learn more about the secret hint in Okta's documentation on managed app configurations for iOS devices.

Follow the detailed steps below to configure Okta Device Trust for iOS devices.

Step 1: Add the device management platform in Okta:

  1. Log in to the Okta portal, go to Security > Device Integrations and click Add Platform.
    Okta > Security > Integrations > Add Platform
  2. In Device integrations, choose iOS as the platform and click Next to proceed.

Step 2: Get the secret hint from Okta:

  1. Copy the Secret key and the organisation URL (shown in the top right corner of the Okta dashboard). Then specify ManageEngine as the name of your device management provider.
  2. For the enrollment link, add the self-enrollment link from the MDM console and click Save. The self-enrollment link is available in the MDM console under Enrollment > Self Enrollment.
  3. Next, configure an XML file to upload as the app configuration.
  4. In the XML code shown above, replace the Paste_your_org_url_here string with the Org URL copied from Okta, and replace the Paste_your_secret_hint_here string with the secret hint copied from Okta.
  5. Once the organisation URL and secret hint are in place, save this configuration as an XML file.
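The managed app configuration is an Apple property list (plist) in XML form, and a typo in a key name or a placeholder left unreplaced silently breaks attestation: Okta Verify simply never sees the hint. The script below is an added example, not ManageEngine's or Okta's own code; it builds the configuration with Python's standard plistlib and checks an existing file for the usual mistakes. The key names OktaVerify.OrgUrl and managementHint are assumed from Okta's managed app configuration documentation and should be confirmed against the current Okta docs; the placeholder strings are the ones used in the steps above, and the template plist is constructed here for illustration.

```python
"""Build and sanity-check an Okta Verify managed app configuration plist.

Added example, not ManageEngine's or Okta's own code.  The key names below
(ORG_URL_KEY, HINT_KEY) are assumed from Okta's managed app configuration
documentation; verify them against the current Okta docs before use.
"""
import plistlib
from urllib.parse import urlparse

# Assumed Okta Verify managed-config keys (check against Okta's docs).
ORG_URL_KEY = "OktaVerify.OrgUrl"
HINT_KEY = "managementHint"

# Placeholder strings as used in the article's Step 2.
PLACEHOLDER_ORG_URL = "Paste_your_org_url_here"
PLACEHOLDER_HINT = "Paste_your_secret_hint_here"

# Constructed template with the placeholders still in place, used to show
# what the checker reports for an unedited file.
TEMPLATE_XML = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>OktaVerify.OrgUrl</key>
  <string>Paste_your_org_url_here</string>
  <key>managementHint</key>
  <string>Paste_your_secret_hint_here</string>
</dict>
</plist>
"""


def normalize_org_url(org_url: str) -> str:
    """Return the Okta org URL as https://<host>; reject anything else.

    The dashboard shows the bare org URL; a scheme other than https, or a
    path/query appended by copy-paste, would point Okta Verify at the wrong
    place or at an unencrypted endpoint.
    """
    parts = urlparse(org_url.strip())
    if parts.scheme != "https":
        raise ValueError(f"org URL must use https, got {parts.scheme!r}")
    if not parts.netloc:
        raise ValueError("org URL has no host")
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        raise ValueError("org URL must be the bare host, with no path or query")
    return f"https://{parts.netloc}"


def build_managed_config(org_url: str, secret_hint: str) -> bytes:
    """Produce the XML plist bytes to upload as the app configuration."""
    if org_url.strip() == PLACEHOLDER_ORG_URL:
        raise ValueError("org URL placeholder was not replaced")
    if not secret_hint.strip() or secret_hint == PLACEHOLDER_HINT:
        raise ValueError("secret hint is empty or still the placeholder")
    config = {ORG_URL_KEY: normalize_org_url(org_url), HINT_KEY: secret_hint}
    return plistlib.dumps(config, fmt=plistlib.FMT_XML)


def parse_managed_config(xml_bytes: bytes) -> dict:
    """Parse plist bytes into a dict (raises on malformed input)."""
    config = plistlib.loads(xml_bytes)
    if not isinstance(config, dict):
        raise ValueError("top-level plist element must be a <dict>")
    return config


def check_managed_config(xml_bytes: bytes) -> list[str]:
    """Return a list of problems with an existing config; empty means OK."""
    problems: list[str] = []
    try:
        config = parse_managed_config(xml_bytes)
    except Exception as exc:  # plistlib raises several exception types
        return [f"not a valid plist: {exc}"]
    for key, placeholder in ((ORG_URL_KEY, PLACEHOLDER_ORG_URL), (HINT_KEY, PLACEHOLDER_HINT)):
        value = config.get(key)
        if not isinstance(value, str) or not value.strip():
            # Also catches case typos such as OktaVerify.OrgURL: keys are case-sensitive.
            problems.append(f"{key} is missing or not a non-empty string")
        elif value == placeholder:
            problems.append(f"{key} still holds the placeholder '{placeholder}'")
        elif key == ORG_URL_KEY:
            try:
                normalize_org_url(value)
            except ValueError as exc:
                problems.append(f"{key}: {exc}")
    return problems


if __name__ == "__main__":
    # Constructed sample values; substitute the real org URL and hint from Okta.
    xml = build_managed_config("https://example.okta.com", "constructed-sample-hint")
    with open("OktaVerify-config.xml", "wb") as fh:
        fh.write(xml)
    print("unedited template problems:", check_managed_config(TEMPLATE_XML))
    print("generated config problems:", check_managed_config(xml))
```

Run the checker on the XML file before uploading it in the App Repository; a non-empty list means the upload would be accepted by MDM but ignored by Okta Verify. Because the secret hint is the proof of management, treat the saved XML like a credential: keep it out of shared drives and source repositories and limit who can download app configurations from the MDM console.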

Step 3: Distribute the Okta Verify app to the devices:

The next step is to distribute the Okta Verify app to the devices. For iOS, the app can be added to the MDM App Repository using Apple Business Manager (ABM) server tokens or from the App Store. To add the configuration to the app, follow the steps below:

  1. In the MDM console, go to the App Repository by navigating to Device Mgmt > App Repository.
  2. Select the Okta Verify app.
  3. Choose Configurations and upload the XML file.
  4. Click Save and then distribute the app to all the devices you want to bring under management.
  5. For successful device attestation, the user must add their account to Okta Verify and then sign in at least once with their organisation credentials.