Getting started with Okta RADIUS Integrations

Okta provides the ability for organizations to use Okta to manage authorization and access to on-premises applications and resources using the RADIUS protocol. Okta provides a RADIUS Server Agent that organizations can deploy to delegate authentication to Okta. Admins can configure sign-on policies to RADIUS-protected applications just as they would any other application in the Okta Integration Network. Okta has created guides and OIN apps for several commonly-used RADIUS integrations. For all other RADIUS-enabled applications, Admins can use the Okta [generic] RADIUS application.

About the Okta RADIUS Agent and Applications.

The Okta RADIUS Server agent:

  • Is a lightweight program that runs as a system service.
  • Tunnels communication between on-premises services and Okta's cloud service
  • Delegates authentication to Okta using single-factor authentication (SFA) or multi-factor authentication (MFA).
  • Supports the Password Authentication Protocol (PAP).
  • Supports EAP Tunneled Transport Layer Security (EAP-TTLS).
    Currently the Cisco Meraki and Cisco ASA RADIUS apps support configuration for EAP-TTLS.
  • Supports UDP, defaulting to port 1812, using multiple ports simultaneously.