Active Directory Desktop Single Sign-on

With Desktop Single Sign-on (DSSO), your users are automatically authenticated by Okta when they sign in to your Windows network. Following authentication, users can access applications through Okta without entering additional usernames or passwords. DSSO improves the user experience because users only need to sign in a single time and don’t need separate credentials for each application they access through Okta.

Two methodologies are available for DSSO implementation:

• agentless (recommended)
• IWA web agent running on premises

If you set up registry keys for Agentless SSO, see Migrate your agentless Desktop Single Sign-on configuration.

Topics

• Desktop Single Sign-on prerequisites
• Active Directory Desktop Single Sign-On known issues
• About Active Directory Desktop Single Sign-on and Just-In-Time provisioning
• Identify your Desktop Single Sign-On type
• Configure agentless Desktop Single Sign-on
• Migrate your agentless Desktop Single Sign-on configuration
• Install and configure the Okta IWA Web agent for Desktop Single Sign-on
• Desktop Single Sign-on FAQ
• Desktop Single Sign-on troubleshooting