use OKTA to authenticate against Azure IaaS servers Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
christophe lamschristophe lams 

use OKTA to authenticate against Azure IaaS servers


we have a cloud only setup with OKTA for user management and authentication against SaaS applications.
We also have an Azure subscription with some IaaS VMs, these VMs are not joined to a domain.
We would like to have an RPD client published to the OKTA poral that provides access to the VMs and log in with the know OKTA accounts instead of setting up static user/pass for VM access.
I was thinking about adding Azure AD Domain Service to the Azure subscription and add our VMs to this domain and then federate OKTA with this AD, is this possible or are there any other options to make this work?
Chris DoddsChris Dodds
We are doing something similar. You'll need to run the AD agent on at least one of the member servers as there's no way to directly federate to Azure AD that I know of (other than via Office365).
Subhomoy-Admin Chakraverty-AdminSubhomoy-Admin Chakraverty-Admin
Interesting. I am tyring to figure out the same. We use AWS and leverage OKTA SAML integration with AWS to allow access to AWS console via OKTA and leverage IAM roles in AWS to map to AD groups within OKTA. Not sure how to do that in Azure. Seems like Azure is missing the IAM roles piece of AWS which provides a SAML interface. OKTA can be configured as a IDP within AWS. Anyone attempted similar setup with Azure.. 
Ben SabrinBen Sabrin

ScaleFT can be very uesful for managing access for servers in Azure and AWS, and it cleanly integrates with Okta.