This article provides instructions for managing the Okta RADIUS Agent in Okta Classic Engine and Okta Identity Engine (OIE), as the management process differs between those two environments.
- Okta RADIUS Agent
Management of the Okta RADIUS Agent settings depends on the Okta environment.
Okta Classic Engine
Administrators open the Okta RADIUS Agent Manager to configure the Shared Secret, RADIUS Port, and Proxy settings. For more details on this workflow, see Manage the Okta RADIUS Agent in Classic Engine.
Okta Identity Engine (OIE)
The Okta RADIUS Agent Manager is not used for configuration. The Okta Admin Console manages the shared secret and port for the RADIUS Application.
Configuration within the specific application or infrastructure typically requires the following:
- Enable RADIUS as an authentication method.
- Specify the hostname or IP address of the Okta RADIUS Server.
- Specify the port, which must match the port selected in the RADIUS App setup in Okta.
- Choose the RADIUS authentication type. The Okta RADIUS Agent only supports Password Authentication Protocol (PAP).
- Select the corresponding checkbox to permit inline Multi-Factor Authentication (MFA) enrollment for end users while they authenticate. If this access is disabled, users with no enrolled MFA factors must enroll in Okta before authenticating.
Related References
For vendor-specific instructions, refer to the relevant documentation for RADIUS setup. Additional details are available in:
