Okta MFA for MacBooks
Okta Multi-Factor Authentication (MFA)
Okta MFA Enrollment for MacBooks
Okta Verify for Mac walkthrough video
Please note these directions are to assist in setting up the MacBook as your first device. If you already have a device with Okta installed the directions are similar but you will need your other device with you to get the 8 digit code.
Okta Verify Application Configuration
-
On your MacBook navigate to Finder > Applications and click on the Okta Verify to launch the application. If you cannot locate Okta Verify on your computer, please install the application through Self Service. Please note that you will need to sign-in to Self Services to see Okta. Once Okta Verify is installed and running it will show in the upper right corner on the menu bar.
-
A “Welcome to Okta Verify” screen should open. Click the Get Started button to start the configuration if this is your first device. If you already have a device setup select "Add account from another device" and jump to the section with the same name (after #10)
(Note: If you had previously enrolled your current device you should see the SPPS account when you open the app.)
-
On the “New account” screen. Enter “okta.spps.org” if it doesn’t autofill with this information. Then click the Next button to continue.
-
You will see a screen with information about Touch ID with Okta Verify. It's highly encouraged to setup the Touch ID on your MacBook for quicker and more secure login. The MacBook creates an encrypted math algorithm based on your fingerprint and stores it locally on the device. If you use more than one device you will need to setup your fingerprint on each device. The fingerprint data (or algorithm) is not able to be exported or downloaded.
(If you've already setup the TouchID click the Next button to continue with the setup)
-
Your default browser should open to an Okta sign in page. When prompted enter your email address (firstname.lastname@spps.org). Click the Next button to continue.
(Note: If you have a different device already enrolled Okta will prompt you to verify using that device. If that device is not accessible you will not be able to enroll a new device without it.)
-
Enter your active directory password and click Verify to continue.
-
When you see, allow this page to open Okta Verify, select Allow to continue with the setup.
-
If you already have the Touch ID setup, you will get a prompt to enable Touch ID for your Okta Verify Account. Enable Touch ID to continue with the setup. If you do not have Touch ID setup, you will be prompted to set up the biometric at some point during the process. Here is a walk through guide from Apple for setting up your fingerprint on your MacBook - link to Touch ID guide.
-
When prompted scan your fingerprint to complete the setup. **This configuration allows for the use of Okta FastPass which will allow for quicker and more secure authentication.
Adding an Account from Another Device
-
On the “Welcome to Okta Verify” screen select "Add account from another device" You should see the following screen.
-
On your other device open the Okta Verify App and click on the arrow next to your account. This will open a new window where you can select "Add account to new device".
-
You will be prompted for Touch ID or a password then you should get a QR code with an 8 digit code. Enter the 8 digit code on the new device and press enter.
- After adding the account it will prompt to setup Touch-ID
Post MFA Enrollment Steps
-
On your desktop open a browser and go to okta.spps.org
-
Sign in using your SPPS email firstname.lastname@spps.org and click the Next button to continue.
- Verify with your active directory password and click the Verify button to login.
-
You will be prompted for a biometric. After verifying your identity, you will be brought to the Okta dashboard and should see the SPPS MFA Test App.
-
When you select the SPPS MFA Test App it will launch in your browser. You should see your first and last name, along with your email. This is how easy it will be to open applications using Okta in the future.
-
Technology Services will be working to add Google and Office 365 to Okta to create a quick access dashboard for SPPS applications.
Additional Configuration for Okta Verify
- We highly encourage configuring and additional device as a backup should you not have your laptop or computer such as your iPad, work phone, or personal phone.
-
On your desktop open a browser and go to Okta.spps.org and if you are not logged in use your firstname.lastname@spps.org email address and active directory password.
-
In the top right corner click on your name to bring up the menu and then select Settings.
-
Select the Setup another button on the Okta Verify line underneath Security Methods to start the additional Okta Verify enrollment steps. This is also where one can add and remove devices should you get a new computer, iPad or phone.
-
You will be prompted to “Use Okta FastPass” or Password. Click Select by “Use Okta FastPass” to make the process quick.
- Select Allow to open Okta Verify.
- You will be prompted to scan your fingerprint just like you were during the desktop application setup. Scan your fingerprint to continue the setup.
-
At this point follow the Okta MFA Enrollment for iPads and Phones Guide starting at Step 5. You will need to have the Okta Verify app installed on your phone. Okta Verify should be pushed out to all staff iPads, however, if it is not there you can install the app from self-service.
