t0y08 (t0y08) asked a question.
can okta pass windows authentication to a cloud based web app that is not in the same domain
Can okta pass windows authentication to a cloud based web app that is not in the same domain to achieve single sign on? The flow for the IWA appears to presume that the desktop user and the web application are in the same domain for windows authentication to work. Or in the second flow diagram that the cloud based web app is getting some SAML token and not a true Windows Authentication token. Is that correct?
Hi,
This depends if the app in question supports Password Sync. Further more when pushing a password Okta will present two options: generate a random one or push the existing Okta password. More details can be found in the below article:
https://help.okta.com/en/prod/Content/Topics/Security/Security_Using_Sync_Password.htm
Thank You,
Alexandru Moraru
Technical Support Engineer