Okta On-Prem MFA agent (including RSA SecurID)
The Okta On-Prem MFA agent (formerly named the RSA SecurID agent) acts as a RADIUS client and communicates with your RADIUS enabled on-prem MFA server, including RSA Authentication manager for RSA SecurIDs. This allows your organization to leverage second factor challenges from a variety of on-premises multifactor authentication tools.
To sign in, end users must use an RSA hardware dongle device or soft token to generate an authentication code to sign into your org. The numbers are generated using a built-in clock and the card's factory-encoded random key. The Okta On-Prem MFA agent (formerly named the RSA SecurID agent) acts as a RADIUS client and will communicate with your RADIUS enabled on-prem MFA server, including RSA Authentication manager for RSA SecurIDs.
If you are currently using the RSA SecurID agent (v. 1.1.0 or below), you should upgrade to the latest version of the On-Prem MFA agent at your earliest convenience. For the latest version and version history, see Okta On-Prem MFA Agent Version History.
Before setting up the On-Prem MFA agent within Okta, set up the RADIUS server settings for your secure OAuth vendor.
The Okta On-Prem MFA agent can be installed on the following:
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
|Download the agent||
|Add and configure On-Prem MFA/RSA SecurID||
|Disable SSL Pinning||
|Install On-Prem MFA agent
|Configure high availability||