Okta is an identity management and single sign-on cloud provider. Okta supports multi-factor authentication through multiple mechanisms, but at my site, only the proprietary Okta Verify smartphone app was supported.

Thankfully, Okta Verify operates via the ‘industry standard Time-Based, One-Time Password Algorithm (TOTP)’, and so can be used with standard TOTP applications, such as Google Authenticator and FreeOTP, though gaining the means to do so is slightly obscure.

To use Okta Verify with a third-party TOTP app, proceed through the multi-factor authentication opt-in process as usual, acting as if you have installed the Okta Verify app.

Image Image Image Image

Image

Once reaching the ‘Scan barcode’ step, ignore the barcode as this is in a non-standard format that cannot be used by standard TOTP apps. Instead, click the ‘Can't scan?’ option and select ‘Setup manually without push notification’. This will reveal the TOTP secret key.

Image

Enter the secret key into your TOTP app as usual. For FreeOTP, tap the ‘key with a plus’ button from the menu bar. For the issuer (first box), enter any text. For the account (second box), enter your username/email. For the secret, enter the secret key shown in Okta.

Leave the remaining options at the defaults. This should be TOTP, 6 digits, SHA1.

Image

You can now use the newly-added key to generate a six digit code and finish setting up Okta multi-factor authentication.

Image

The same key can be used in the TOTP app when signing in with Okta.