Configure Royal TSX for Okta Privileged Access

Royal TSX is an RDP client available for macOS. You can use Royal TSX to create RDP or SSH connections to servers enrolled with Okta Privileged Access. If Royal TSX is installed, the Okta Privileged Access client automatically routes connections through Royal TSX.

Before you begin

  • Download and install Royal TSX.
  • Install the following plugins from Royal TSXPlugins:
    Remote Desktop (based on FreeRDP)Required for RDP connections
    Terminal (based on iTerm2)Required for SSH connections
    Web (based on Webkit)Required for connections from a dynamic folder

Configure Royal TSX for gateway connections

If a connection is being routed through a Okta Privileged Access gateway, you need to configure other settings in the Royal TSX client.

This process makes Royal TSX unable to verify if a connection is forwarded directly through the Okta Privileged Access client.

  1. Open the Royal TSX client.
  2. In the left panel, open ApplicationDefault Settings.
  3. Right-click Remote Desktop Default Settings and select Properties.
  4. In the left menu, select Advanced, and go to the Authentication tab.
  5. Enable TLS Encrytpion.
  6. Click Apply & Close.

Create a dynamic folder for team servers

Dynamic folders allow Royal TSX to automatically add a list of servers that belong to a team. You can use this to start RDP and SSH sessions directly from Royal TSX.

  1. In Royal TSX, go to FileNew Document.
  2. Right-click the new document and select AddDynamic Folder.
    The Dynamic Folder Settings window appears.
  3. Enter a name and description for the folder.
  4. Click Dynamic Folder Script.
  5. In the Interpreter dropdown, select Bash.
  6. Replace the default script with:sft list-servers-rjson
  7. Click Apply & Close.
  8. Right-click the dynamic folder and select Reload.
  9. If prompted for approval by Okta Privileged Access, click Approve.

Royal TSX populates the folder with a list of available servers. To refresh this list, right-click the folder and select Reload.

Related topics

RDP setup

Use the Okta Privileged Access client