Install the RADIUS LINUX agent

During this step we:

Prepare the environment

  1. Download the RPM installer as noted in the Install the RADIUS LINUX agent section.
  2. If using an Amazon Elastic Compute Cloud (commonly referred to as Amazon EC2) ensure you have all required keys and upload the RPM into the environment.

Validate the download

Check the Downloads page to see this agent's file size and SHA-512 hash. You can use the file size and hash to verify the integrity of the files.

  1. In the Admin Console, go to Settings > Downloads.
  2. Select the Download link next to the RADIUS installer (rpm or deb).
  3. Use one of the following commands to generate the hash on your local machine. Note that you should replace setup with the file path to your downloaded agent.
    • Linuxsha512sum setup.rpm
    • MacOSshasum -a 512 setup.rpm
    • WindowsCertUtil -hashfile setup.exe SHA512
  4. Verify that the generated hash matches the hash on the Downloads page.

Install the agent

Important Note


The following commands must be run as root.

Important Note

RADIUS port is exchanged with the RADIUS agent when the associated RADIUS application is configured. This exchange occurs in the background and no administrator intervention is required.

  1. Login to the computer which will run the agent and open a terminal window.
  2. Become root.

    $ su root
    password:<enter root password>
  3. Install the agent.
    1. Using rpm to install the agent run the command:
      rpm -Uvh OktaRadiusSetupRPM-{M.m.details}.rpm
      • U - install or upgrade

      • v - execute in verbose mode.

      • h - Print hash marks, #, periodically while performing operation

      • M.m.details represents the most recent version of the agent RPM.
        For example: OktaRadiusSetupRPM-2.10.0.rpm

    2. Using debian apt to install the agent run the command: 
      apt install /${PATH_TO_INSTALLER_FILE}/OktaRadiusAgentSetup-{M.m.details}.deb
      • M.m.details represents the most recent version of the agent DEB.
        For example: OktaRadiusAgentSetup-2.10.0.deb

  4. The installer will execute and prompt you to enter the base URL for your Okta organization.
    For example:
  5. The agent will then prompt you to authenticate with your Okta tenant.
    Copy the URL from the agent install window into a web browser.
    The URL will resemble:
  6. In the web browser, you’ll be prompted to authenticate to Okta and authorize the agent.
    Click Allow Access.


    Okta recommends authorizing the agent using a dedicated service account with Super Admin privileges. An API token will be generated for the agent. To learn more about API tokens see API token management.
    Refer to Install the RADIUS LINUX agent for more information.

  7. Return to the Linux terminal window where you should see a message stating the agent was successfully registered.
  8. Configure a RADIUS app in Okta to configure the RADIUS agent port, shared secret, and advanced RADIUS settings .
    For more information about configuring the RADIUS App in your okta tenant please see RADIUS applications in Okta
Important Note

After any upgrade Okta recommends that you always shutdown and restart the RADIUS agent.

Next steps

Configure Proxies