This screen lists all users who have started to install and setup a Time-Based OTP app on their mobile device in response to a Client MFA prompt.
Status - not verified: shows Client devices that have started the initialization process but not yet verified completion
Status - verified: shows Client devices that have successfully initialized and seeded the authenticator app
Deployment of the app is managed automatically by the Controller and Client. The Client provides links and instructions to guide the user through the process, and displays a QR code to seed the app. The Controller only recognizes that the app has been successfully installed and seeded when the user enters a valid OTP using the app. Until that point, the OTP setup is treated as not yet complete and the seed will be marked as "unverified".
Background information
Learn about device trust, refer to Multi-stage authorization
Learn about how to configure the on-boarding of new devices, refer to Identity Provider Configuration
Learn about the Client on-boarding cookie refer to Device Registration
Action Buttons
Action buttons are accessed by clicking the three dots to the right of each line item in the table or from the <Actions> button within the item. They are contextual, changing depending on the type of item and the state of the item.
Remove Seed. Removing an OTP seed will re-start the OTP initialization process on the user's device. Once the seed is deleted, the OTP initialization will be triggered when the user attempts to access the protected resource.