<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
Install the RADIUS Windows Agent
Okta Classic Engine
Multi-Factor Authentication
Okta Identity Engine
Overview

This article provides a comprehensive step-by-step review of the installation process of the Okta Windows RADIUS agent.

Applies To
  • RADIUS
  • Windows Operating System
  • Multi-Factor Authentication (MFA)
Solution

When setting up a RADIUS integration, a RADIUS agent that acts as an intermediate between the VPN and Okta must be installed.

  1. The RADIUS Agent can be downloaded from the Okta Admin Dashboard Settings > Downloads

RADIUS agents

  1. After the agent is downloaded, it can be installed.

RADIUS agents

  1. During the installation process, several steps must be confirmed during the installation.

RADIUS agents >RADIUS agents >RADIUS agents 

  1. During the installation process, the location where the agent will be installed must be specified.


RADIUS agents 

  1. If a proxy connection is used, this must be specified during the installation process.

RADIUS agents

  1. The Okta Tenant URL must be specified during the installation process. NOTE: The URL must be complete and the default URL (without -admin and with https://).

RADIUS agents

  1. After the Okta Tenant URL was specified the admin must authenticate in Okta to generate an API Token that will be linked with the RADIUS agent. 

Log in 

NOTE: When installing the RADIUS Agent, log in with an account that has both:

    • Read-only Admin and App admin roles; 
    • or has the Super admin role.

In addition, Okta recommends using a dedicated service account to authorize RADIUS agents. A dedicated account ensures that the API token used by the RADIUS agent is not tied to the life cycle of a specific user account, which could be deactivated when the user is deactivated.
The Okta credentials used in creating the API Token will show as the actor for every authentication event in the System Logs when authenticating with the RADIUS agent

  1. After logging into Okta, they must give permissions to the agent to access Okta and generate the API Token.

RADIUS agents 
 

  1. After allowing access, the installation process will continue. 

RADIUS agents > RADIUS agents 
 

The Warning refers to the agent not accepting any request if there are no RADIUS applications setup in Okta.

NOTE: Please refer to the Typical workflow table in our manual for full instructions on the broader scope of RADIUS deployment options, considerations, and troubleshooting:

Related References 

Loading
Install the RADIUS Windows Agent