Add the RADIUS application

During this task we will add the generic RADIUS app, configure properties and assign the app to groups.

Before you begin

  • Ensure that you have the required common UDP port and secret key values available.

Topics

  • Add app
  • Assign app to groups

Add the RADIUS App

Adding the generic RADIUS app is no different than adding any other app in Okta.

  1. In Okta, navigate to Applications > Applications > Add Application, search for Generic RADIUS App, and then click Add Application.
  2. Enter a unique name.
  3. In the Sign On tab provide the following:
    FieldValue

    Authentication

    Checked.

    UDP PortRequired. Typically 1812. Enter the RADIUS application UDP port.
    Secret Key

    Required. Enter the secret key that will be used to encrypt and decrypt the user password.
    Must be identical to that used during the gateway configuration.

    Application username format From the drop-down, select the appropriate username format.
    Important Note

    Important

    The UDP Port and Secret key must match between the app, and the client gateway.

  4. To enable EAP-TTLS:
    1. Scroll to the Authentication Protocol section and click Use EAP-TTLS authentication.
    2. Upload the server certificate chain and private key.
    3. Enter the password used to protect the certificate and key.
      Note: Okta recommends password protecting certificates and keys.
    4. Select the TLS version.
    5. Click Save.
      Authentication Protocol settings for Cisco Meraki application
  5. To enable Authentication With AD UPN or AD Sam Account Name:
    1. if required, select the Sign-on tab.
    2. Scroll to the Advanced RADIUS Settings > Authentication section.
    3. Click Edit.
    4. Check Enable UPN or SAM Account Name Login.
      Note

      Note

      When enabling this setting users assigned this application are required to have their username set to the AD user principal name prior to user assignment to the RADIUS application.

    5. Click Save.
    6. On the Sign-on tab scroll to Settings.
    7. Click Edit.
    8. From the Application username format select Email, so that users are imported with their full username@domain.com value.
    9. Click Save.
  6. Click Done when complete.
  1. From Applications menu, choose Applications.
  2. On the Applications page, click the Add Application button
  3. In the left-side search field, enter the keyword RADIUS.
  4. From the resulting list, choose RADIUS App by clicking the Add button.

    Note: When creating app instances, each app name must be unique.

  5. Follow the prompts to complete app creation.

Add to groups

  1. Ensure the Assignments tab is selected.
  2. Click Assign and select Assign to Groups.
  3. Locate the group you want to assign the application to and click Assign.
  4. Complete the fields in the Assign IMA OIN App name to Groups dialog.
  5. Click Save and go back.

    The Assigned button for the group is disabled to indicate the application is assigned to the group.

  6. Optional. Repeat steps 5, 6, and 7 to assign the application to additional groups.
  7. Click Done.
Tip

Tip

For additional information, including guidance on advanced authentication and adaptive multifactor configuration options, see Using the Okta RADIUS App.