Ross Kirk - 11.07.202220220711

How to Enable Okta Device Trust within Microsoft Intune

Okta has great knowledge base articles which discuss their solution and configuration capabilities. However, I have noticed there is very little guidance available “from the field” for Microsoft Intune.

If you’re new to Microsoft Intune, Nick Thomas’ Ultimate Guide to Microsoft Intune explains what Intune can do for your organisation. For those who have already adopted Microsoft Intune, please continue reading.

The following guide is based on iOS/iPadOS programs; however, this can also be configured for Android by following the same steps within Microsoft Intune.


There are prerequisites required before Okta Device Trust can be implemented.

  • Okta Mobile App: This app delivers Okta’s Single Sign-On (SSO) for iPads, iPhones and Android devices to end-users, providing instant one-click access to all their applications
  • Microsoft Intune License: You’ll need the appropriate Microsoft Intune license so it can be applied to end-users (depending on your organisation’s licensing model)


In order to successfully implement this solution, App configuration policies for Microsoft Intune needs to be configured. You’ll also need to ensure the app is available for integration within Microsoft Intune. To begin:

  1. Go to Microsoft Endpoint Manager admin centre
  2. Select Apps in the left-hand sidebar menu
  3. Select iOS/iPadOS apps
  4. Select +Add
  5. Select app type: iOS store app
  1. Select app type: iOS store app
  1. Once you configure your Assignment requirements you are ready to create the App configuration policy

Creating the App configuration policy   

  1. Go to Microsoft Endpoint Manager admin centre
  2. Select Apps in the left-hand sidebar menu
  3. Select App configuration policies
  4. Select the + Add dropdown and select Managed devices
  1. Create a new App configuration policy. Give it a unique name, description, select your platform (iOS/iPadOS) and your targeted app (Okta Mobile)
  1. Select “Use configuration designer” – there are a series of configuration items that are required. I have detailed them below.
  • The configuration key and value type are the standard items required for all organisations. The configuration value is unique to your organisation. You can get these values from your Okta management portal. This is all case-sensitive.

Select your assignments and you are good to start testing

  • If you want to know any further information around adopting Microsoft Intune and how Insentra can help, our Microsoft FastTrack services may be exactly what you are looking for!

Hopefully this has been informative and helpful! If you need any further clarification or a no-frills chat, contact us at Insentra or read more from me at Insentra Insights.

Join the Insentra Community with the Insentragram Newsletter

Hungry for more?