About the Okta RADIUS Server Agent flow
The following diagram describe Okta RADIUS Server Agent authentication low.
- User sends credentials to VPN device connected to Okta via RADIUS
- VPN device forwards user credentials to the Okta RADIUS Server Agent
- Okta RADIUS Server Agent uses Okta APIs to validate credentials
- Okta validates user credentials
- Okta APIs respond with MFA challenge based on configured policy
- RADIUS Server Agent sends challenge to VPN device
- VPN device presents RADIUS challenge to end user
- VPN device sends RADIUS challenge response to Okta RADIUS
- Okta RADIUS sends response to Okta APIs to be validated
- Okta APIs respond with correct/incorrect for the response
- Okta RADIUS sends ACCEPT or REJECT to the VPN device