Configure Okta org
Before installing the Okta credential provider for Windows, you must configure:
- MFA factors that include the factor to use for RDP sign in.
- A group for the end users who will authenticate RDP sign ins.
- The Microsoft RDP (MFA) app.
The following sections detail each of these requirements.
Configure factors
To select factors within your Okta org:
- Sign in to your Okta tenant as an administrator.
- In the Admin Console, navigate to Security >Multifactor.
- Select the Factor Types tab.
- Activate factors by selecting a factor and clicking Inactive > Activate.

MFA management is outside the scope of this document. For more information, see MFA.
Configure group
To define groups within your Okta org:
- Sign in to your Okta tenant as an administrator.
- In the Admin Console, navigate to Directory > Groups.
- Click Add Group.
- Click the name of the newly added group and use the various menu items to add members and manage group membership.
User and group management is outside the scope of this document.
For general information see Users, Groups, and Profiles
Configure application
- Sign in to your Okta tenant as an administrator.
- Select Applications > Applications.
- Click Add Application and enter Microsoft RDP (MFA) in the search box.
- On the General tab, assign any desired application label and then add the application.
- Select the Assignments tab.
- Assign the application to groups or individuals as required.
- Save your changes.

Important
RDP can fail with the error message Multifactor Authentication Failed if a user attempts to RDP into a server with the RDP agent installed that does not match an Microsoft RDP (MFA) App username.