Configure failover for the Okta IWA Web agent

Fail over settings determine what users experience if your primary Okta IWA Web agent is unavailable. You can check your System Log to see when a fail over occurred and the backup Okta IWA Web agent was promoted.

  1. In the Admin Console, go to Security > Delegated Authentication.
  2. In the On-Prem Desktop SSO area, click Edit.
  3. Under Failover, select a fail over setting:
    • Redirect to backup IWA if primary goes offline - When selected, Okta automatically switches to a healthy IWA Web agent if your primary IWA Web agent goes offline. Your AD Agent checks the health of each IWA Web agent that you have set up.
    • Only redirect to primary IWA agent (default) - When selected, if the primary IWA agent goes offline, users are redirected back to the primary IWA agent when it is brought back online. You would typically select this option if you have not configured a backup IWA Web agent or you do not want to redirect users to a global redirect URL.
    • Only redirect to the following URL - When selected, users are redirected to a URL that you specify. This is typically used to direct to a load balancer.
  4. Click Save.