Enrolling end users in MFA
Previously, we looked at how enrollment with different authenticators works, but let’s take a closer look at it from an end user perspective. We’ll learn this with the help of an example: an end user enrolling in Okta Verify. After a new MFA policy is rolled out, end users will be prompted to enroll in one or multiple authenticators on their next sign-on or when that authenticator is required. Let’s look at how it would work when the user clicks Setup for Okta Verify:
In the first step, the end user will select what device they are using, and then be informed to download the Okta Verify application from the device’s app store. Afterward, with the downloaded app, the user can scan the QR code to connect and register:
Figure 4.41 – Okta Verify download and QR scan step to enroll
Once the code has been scanned, the user is asked to turn on and use biometric options if the device supports fingerprint...
