About the Okta RADIUS Server Agent flow

The following diagram describe Okta RADIUS Server Agent authentication low.
Diagram of the Okta RADIUS server architecture and flow.

  1. User sends credentials to VPN device connected to Okta via RADIUS
  2. VPN device forwards user credentials to the Okta RADIUS Server Agent
  3. Okta RADIUS Server Agent uses Okta APIs to validate credentials
  4. Okta validates user credentials
  5. Okta APIs respond with MFA challenge based on configured policy
  6. RADIUS Server Agent sends challenge to VPN device
  7. VPN device presents RADIUS challenge to end user
  8. VPN device sends RADIUS challenge response to Okta RADIUS
  9. Okta RADIUS sends response to Okta APIs to be validated
  10. Okta APIs respond with correct/incorrect for the response
  11. Okta RADIUS sends ACCEPT or REJECT to the VPN device