Okta Users Cannot Automatically Log In to Microsoft Teams via IWA
Mar 27, 2026
Okta Integration Network
Okta Classic Engine
Directories
Okta Identity Engine
Overview
When Microsoft Office 365 (O365) is federated with Okta and Integrated Windows Authentication (IWA) is enabled, federated users might be unable to log in to Microsoft Teams automatically and are prompted to enter their credentials manually.
This issue occurs because the IWA Redirect URL is set to HTTP instead of HTTPS. Resolve this issue by updating the IWA Redirect URL to HTTPS in the Okta Admin Console.
Applies To
- Okta Classic Engine
- Okta Identity Engine (OIE)
- Microsoft Office 365 (O365)
- Microsoft Teams
- Integrated Windows Authentication (IWA)
- Okta IWA Agent
Cause
The IWA Redirect URL is configured to use HTTP instead of HTTPS.
Solution
How is the Microsoft Teams automatic login issue resolved?
To resolve this issue, change the IWA Redirect URL from HTTP to HTTPS.
Follow these steps to modify the IWA Redirect URL:
- Go to Security > Delegated Authentication.
- Under the On-Prem Desktop SSO heading, select Edit.
- Select the pencil icon next to each IWA server to modify the IWA Redirect URL for that server, changing HTTP to HTTPS.
- Select Save on the agent configuration screen, and then select Save at the bottom of the On-Prem Desktop SSO section.
NOTE: Okta strongly recommends using Agentless Desktop Single Sign-On (DSSO) to implement DSSO.
