<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
How to Prevent Not Secure Warning when Using IWA Over HTTP
Oct 28, 2025
Okta Classic Engine
Directories
Overview

Users may see the following warning when attempting to log into Okta using IWA Agent-based DSSO:

The information you're about to submit is not secure 

This article provides steps on how to prevent this message.

Applies To
  • Directories
  • Okta Classic Engine
  • Desktop Single Sign On (DSSO)
  • IWA Agent
Cause

This message is displayed because the agent is configured to send data over HTTP without SSL encryption.

Solution

The recommended solution is to enable SSL encryption for IWA. For instructions on this process, please see How to Enable SSL on the Okta IWA Agent.

If one prefers not to install an SSL certificate, the message can be avoided by following these steps in the Chrome web browser. Steps for configuring different browsers may vary.

  1. Open Chrome, type chrome://flags in the address bar, and press Enter.
    Chrome 

  2. Search for the string "Insecure origins treated as secure" in the search bar.
    Experiments 

  3. Enable the option labeled "Insecure origins treated as secure" and enter the "IWA redirect URL" in the field below.
    Insecure origins treated as secure 

Recommended content

Still looking for help?
Loading
How to Prevent Not Secure Warning when Using IWA Over HTTP