Configure Royal TSX for Okta Privileged Access
Royal TSX is an RDP client available for macOS. You can use Royal TSX to create RDP or SSH connections to servers enrolled with Okta Privileged Access. If Royal TSX is installed, the Okta Privileged Access client automatically routes connections through Royal TSX.
Before you begin
- Download and install Royal TSX.
- Install the following plugins from :
Plugin Description Remote Desktop (based on FreeRDP) Required for RDP connections Terminal (based on iTerm2) Required for SSH connections Web (based on Webkit) Required for connections from a dynamic folder
Configure Royal TSX for gateway connections
If a connection is being routed through a Okta Privileged Access gateway, you need to configure other settings in the Royal TSX client.
This process makes Royal TSX unable to verify if a connection is forwarded directly through the Okta Privileged Access client.
- Open the Royal TSX client.
- In the left panel, open .
- Right-click Remote Desktop Default Settings and select Properties.
- In the left menu, select Advanced, and go to the Authentication tab.
- Enable TLS Encrytpion.
- Click Apply & Close.
Create a dynamic folder for team servers
Dynamic folders allow Royal TSX to automatically add a list of servers that belong to a team. You can use this to start RDP and SSH sessions directly from Royal TSX.
- In Royal TSX, go to .
- Right-click the new document and select .
The Dynamic Folder Settings window appears. - Enter a name and description for the folder.
- Click Dynamic Folder Script.
- In the Interpreter dropdown, select Bash.
- Replace the default script with:sft list-servers-rjson
- Click Apply & Close.
- Right-click the dynamic folder and select Reload.
- If prompted for approval by Okta Privileged Access, click Approve.
Royal TSX populates the folder with a list of available servers. To refresh this list, right-click the folder and select Reload.