Configure failover for the Okta IWA Web agent

Fail over settings determine what users experience if your primary Okta IWA Web agent is unavailable. You can check your System Log to see when a failover occurred and when promotion of the backup Okta IWA Web agent took place.

  1. In the Admin Console, go to SecurityDelegated Authentication.
  2. In the On-Prem Desktop SSO area, click Edit.
  3. Under Failover, select a failover setting:
    • Redirect to backup IWA if primary goes offline: When selected, Okta automatically switches to a healthy IWA Web agent if your primary IWA Web agent goes offline. Your AD Agent checks the health of each IWA Web agent that you have set up.
    • Only redirect to primary IWA agent (default): When selected, if the primary IWA agent goes offline, users are redirected back to the primary IWA agent when it's brought back online. You would typically select this option if you haven't configured a backup IWA Web agent. You can also select this option if you don't want to redirect users to a global redirect URL. See Configure failover for the Okta IWA Web agent.
    • Only redirect to the following URL: When selected, users are redirected to a URL that you specify. This is typically used to direct to a load balancer.
  4. Click Save.