Add a desktop SSO Auth Module

A desktop SSO Auth Module can be used to add a secondary authentication relationship between Access Gateway and a Kerberos instance.

To add a desktop SSO Auth Module:

  1. Add an Auth Module as described in Add an Auth Module and select Desktop SSO.

    After selecting Desktop SSO, the Add New Auth Module page opens, configured for Kerberos.

    An active Kerberos Configuration is required before a Desktop SSO module can be created. See Add Kerberos application for information on adding Kerberos services.

  2. Enter the following details:
    NameName used to identify the Auth ModuleDesktop SSO AM

    Secure LDAP

    When checked, use LDAPS instead of LDAP

    Defaults to unset

    HostURL to LDAP server and


    Port for use with Active Directory


    Bind User

    Username used to perform reads and writes


    Bind User Password

    Bind User Password



    The base DN from which the search is done


    User Search Attribute

    The filter used to match records returned from the Search DN.


    Attributes DN

    Set of attributes returned from Active Directory and sent as SAML attributes to application

    cn, mail, name, userPrincipalName


    Optional. Enter description

    Desktop SSO Auth Module

  3. Click the Not Validated ()button when complete. Okta Access Gateway validates the connection.
    If the validation is successful, the button changes to Valid ().
  4. Click Okay.