Demo Video of Okta device Trust integrated with Intune for Windows 10. This is a new unmanaged Windows 10 device being taken out of the box, Azure joined and enrolled into Intune with the device trust certificates and Okta Verify installed automatically.
Back-end setup:
- Okta Identity Engine tenant
- Intune
- Intune added as MDM provider within Okta leveraging Okta CA with Intune profiles – Documentation
- Okta Verify added to Intune – .msi downloaded from Okta administrator console. Uploaded as line of business app in intune.
- O365 dev tenant federated to Okta
- Dev Salesforce added to Okta
- Okta App level policy added to Salesforce – Registered/Managed devices only
Flow:
- New Windows 10 Machine – Signed in with Azure username (provisioned with Okta)
- User then prompted to authenticate with Okta
- Machine runs through default setup questions
- User then prompted to setup Windows Hello
- User prompted to setup a PIN
- Okta Verify then prompts to install automatically – pushed from Intune
- Edge then opened by user and navigates to Okta
- User then clicks Fastpass
- Accepts prompt to open Verify
- User runs through Verify registration
- Registers with Username and Password
- Prompted for additional factor
- Accepts MFA prompt
- Prompted to enable Windows Hello in Okta Verify
- Registration complete
- Navigates back to Okta and secure app (Salesforce)
- Verify loads automatically and prompts for Windows hello
- Authentication complete.
Sales Engineer specialising in Unified Endpoint Management (UEM) and Identity Management.
Technical Expertise:
o Okta – Identity Management – Providing single sign on services to applications
o VMware Workspace ONE – Configuring and managing AirWatch components across all device types.
o Digital Transformation – Helping organisations implement and deploy a modern strategy for UEM
o Networking – VPN, DNS, DHCP
o Device Management – macOS, iOS, Android, Windows and Rugged Devices
o Cloud Solutions – Azure, Office 365, Identity Providers, VMware AirWatch
o Server – Windows Server, Active Directory, Exchange