When Okta Administrators access the Okta Admin Console via Deep Link or direct login, they may see the following pop-up notification:
"Bring Your Own Telephony Required for SMS & Voice
Starting at your next renewal, in order to send SMS & voice messages as part of the authentication/account/unlock/password reset process, you must bring-your-own telephony provider via Okta's Telephony Inline Hook."
This article explains what the notification means and what to do about it.
What happened
Okta has officially sunset Phone (including SMS and Voice factors) as a built-in authenticator. This change is now in effect for all tenants — for Okta tenants where licensing is sourced from ZeroTek, enforcement began February 1, 2025. For bring-your-own-license (BYOL) Okta tenants, the change took effect at each org's renewal date.
What this means for MSPs
ZeroTek's best practices have always discouraged MSPs from using Phone (SMS/Voice) as authenticators because they are easily compromised and offer a poor user experience compared to recommended authenticators. Okta is now officially recommending the same for its broader customer base. Learn more about why MSPs should not use SMS or voice as authenticators.
If you have not already moved away from SMS and voice, you have two options:
Switch to recommended authenticators — the preferred path for most MSPs.
Integrate your own telephony provider — if you must continue using SMS or voice, you can integrate your own telephony services with Okta using Okta's Telephony Inline Hook. See Integrating SendGrid and Twilio with Okta for voice and SMS authenticators for step-by-step instructions.
If your Okta org is not currently licensed through ZeroTek and you would like to gain the advantages of ZeroTek's Okta licensing, see Transfer non-ZeroTek Okta licenses to ZeroTek.