Add device posture IdP guide #6233

Open
brentschaus-okta wants to merge 3 commits into master from tbs-okta-953417-device-posture-idp-api

brentschaus-okta commented Jun 12, 2026

Contributor

Description:

  • What's changed?
    Adds a new guide, Configure a device posture IdP, for integrating an external SAML/OIDC device posture IdP with Okta and managing it through the Device Integrations API.

    New guide (/docs/guides/device-posture-idp/) covers:

    • The Device Integrations API read + lifecycle operations — list, retrieve, activate, and deactivate the Device Posture Provider integration (com.okta.deviceidp / metadata.type: DEVICE_IDP).
    • Consuming device posture signals in a device assurance policy via thirdPartySignalProviders.devicePostureIdP (managed / compliant).
    • The SAML assertion and OIDC data contracts (the urn:okta:saml:2.0:DevicePosture namespace, request/response examples, the required IsManaged fact, the AuthnFailed error, and the OIDC device_context claim).
    • Behavioral guidance: highest-priority app sign-in rule for redirect, and the password-before-redirect global session policy behavior.

    To avoid duplication, the guide delegates IdP creation to the existing add-an-external-idp / identity-providers guides and delegates device assurance policy basics + app sign-in rule setup to device-assurance-policies. Uses scoped OAuth 2.0 access tokens (okta.deviceIntegrations.manage, okta.deviceAssurance.manage, okta.policies.manage) throughout — no SSWS. Registered in guides/index.md and navbar.const.js.

    Cross-links added from related docs so the new guide is discoverable:

    • device-signal-collection-policies: the Device posture IdP list item now offers both the Admin Console help topic and the new API guide.
    • device-assurance-policies: a Next steps link for using external device posture signals.
    • concepts/policies: a note that device assurance can use signals from an external device posture IdP.
  • Is this PR related to a Monolith release?
    The feature went GA in 2025.07.0. This is post-GA documentation, so it isn't gating an upcoming release. Documented as GA (<ApiLifecycle access="ie" />, no EA tag).

Resolves:

Netlify Preview Link:

Netlify preview

Add a new dev-docs guide for integrating an external device posture IdP
and managing it with the Device Integrations API. Covers the read +
lifecycle endpoints (list, retrieve, activate, deactivate), consuming
device posture signals in a device assurance policy via
thirdPartySignalProviders.devicePostureIdP, and the SAML/OIDC data
contracts. Delegates IdP creation and app sign-in policy setup to the
existing add-an-external-idp and device-assurance-policies guides.

Register the guide in guides/index.md and navbar.const.js.
Add links to the new device posture IdP guide from related docs:
- device-signal-collection-policies: offer both the Admin Console help
  topic and the new API guide for the device posture IdP list item.
- device-assurance-policies: add a Next steps link for using external
  device posture signals.
- concepts/policies: note that device assurance can use signals from an
  external device posture IdP.
@okta-prod-github-app

This comment was marked as outdated.

@okta-prod-github-app

This comment was marked as outdated.

@okta-prod-github-app

Acrolinx score

A minimum Acrolinx Score of 80 is required. The total score is an average of the subscores.
Select Total score to review the Acrolinx scorecard for your article. Try to increase your individual scores, for example: Correctness. Your content will be clearer and more consistent.

Article
Total score (Required: 80)
Word and phrases (Brand, terms), Preferred: 80
Correctness (Spelling, grammar), Preferred: 80
Clarity (Readability), Preferred: 80
Inclusive language (+ accessibility), Preferred: 80
packages/@okta/vuepress-site/docs/concepts/policies/index.md 86 80 87 65
packages/@okta/vuepress-site/docs/guides/device-assurance-policies/main/index.md 88 100 73 73
packages/@okta/vuepress-site/docs/guides/device-posture-idp/index.md 100 100 100 100
packages/@okta/vuepress-site/docs/guides/device-posture-idp/main/index.md 89 100 100 52
packages/@okta/vuepress-site/docs/guides/device-signal-collection-policies/main/index.md 83 100 100 26
packages/@okta/vuepress-site/docs/guides/index.md 87 67 80 78

Successfully checked 6 of 6 documents.
See summary in Content Analysis Dashboard

Reopen the pull request or push new changes to check again.

Depending on the Acrolinx server configuration, the
links expire after some time and you must have a login for the
Acrolinx server to access them again.
