Hi Jamf,
We have set up an LDAPS connection from our Okta instance to Jamf. The reason for this is to have users authenticate during first iOS enrollment.
This works fine so far, with one minor blocker. Our Okta SSO uses MFA authentication. When the user has set up Okta Verify push, he will receive a push notification on his other device and the login will complete successfully.
Unfortunately, there is no indication on the iPhone that a push notification is being sent, and also there is no way to enter any one-time password.
This means if the user doesn't use Okta Verify push, but Google Authenticator (our second MFA option), he won't be able to enter the code and therefore sign-in and setup will fail.
Bottom line:
Without using Okta Verify push, the iPhone setup is not possible.
Hope this makes sense to you. Do you have any idea what we can do in this situation? Should this be a feature request?
Best, Patrick