Active Directory Desktop Single Sign-on

With Desktop Single Sign-on (DSSO), your users are automatically authenticated by Okta when they sign in to your Windows network. Following authentication, users can access applications through Okta without entering additional usernames or passwords. DSSO improves the user experience because users only need to sign in a single time and don't need separate credentials for each application they access through Okta.

Two methodologies are available for DSSO implementation:

  • agentless (recommended)
  • IWA web agent running on premises

If you set up registry keys for Agentless SSO, see Migrate your agentless Desktop Single Sign-on configuration.

Topics