Device Fingerprinting

rshasthry · October 2, 2019, 1:03am

Hi Everyone!

I’m raising a question to understand a bit more about the device fingerprinting in Okta. What detail about the device would Okta essentially store? We are keen to understand the strength of the device check. How difficult it is to break this mechanism?

Responses appreciated!

Thanks,
Ranjini

abroadhurst · October 2, 2019, 8:11am

Hi there,

Here is some information in regards to security: https://developer.okta.com/docs/reference/api/authn/#primary-authentication-with-activation-token

Okta seems to store:

fingerprint
-account being authenticated
-ip address
-location
-whether the authentication was successful

You should see the above information (apart from fingerprint) in your logs when a user is verified. (It should display the MFA factor/how or what the user authenticated against).

This is a very difficult mechanic to break unless the ‘device’ you give your fingerprint/Okta access to is not verified by you or Okta.

system · January 23, 2024, 7:23pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
New Device Detection Questions	4	3893	October 12, 2022
Device Fingerprint API	1	2643	February 12, 2024
OKTA Touch ID or Fingerprint authentication Questions	2	4282	January 23, 2024
Okta ,XSS, tokenstorage Questions	1	3031	January 27, 2024
Authenticate after Create for Trusted application Questions	1	4823	January 12, 2024

Device Fingerprinting

Related topics