About SAML vs RADIUS User Experience.
Some integrations interoperate with Okta through either RADIUS or SAML 2.0.
The following sections compare the two end-user experiences.
SAML end-user experience
RADIUS end-user experience
There are several advantages to using SAML integrations when available.
- SAML provides a rich, intuitive and consistent login experience. RADIUS interacts with a text-based challenge with inconsistent formatting. Using SAML can reduce user training and support requirements and the consistent sign in experience with SAML makes users less susceptible to phishing attempts.
- SAML integrations provide more security as credentials are exposed to fewer parties.
- SAML integrations run with a simplified infrastructure. The do not require running on-premise agents and require little maintenance. The user agent (web browser, VPN client, etc.) is used to transmit messages in a secure manner; therefore, there is no need for the service provider (firewall or application server) to connect to Okta. Federation is established through a one-time exchange of SAML metadata. This one-time setup establishes trust for ongoing transactions.
- Okta SAML integrations are very robust and include adaptive MFA and provisioning.
The SAML app for Cisco ASA is titled Cisco ASA VPN (SAML).
To use it, add the app, click Sign On in the top menu, and then, click View Setup Instructions for installation instructions tailored to your organization.