Configure BeyondTrust PowerBroker Password Safe to Interoperate with Okta via RADIUS

Okta and BeyondTrust interoperate through either RADIUS or SAML 2.0. For each Password Safe deployment, you can assign one or more authentication providers. Each RADIUS authentication profile maps to to a group of users via a filter (All Users, All Local Users, All Domain Users, Domain Contains, etc). Using RADIUS, Okta’s agent translates RADIUS authentication requests from BeyondInsight, the BeyondTrust web application and console, into Okta API calls.

This guide details how to configure BeyondTrust PowerBroker Password Safe to use the Okta RADIUS Server Agent.

If you want to integrate with Okta via SAML 2.0, add the BeyondTrust SAML app in Okta by navigating to the Applications tab, select Applications > Add Application, search for BeyondTrust, then click Add.

For the BeyondInsight SAML configuration, see the instructions on your Okta Admin Console on the Sign On page for the BeyondInsight configuration.

There are five parts to the configuration, including optional settings and troubleshooting help; a list of additional resources is also provided.