Configure agentless Desktop Single Sign-on

With agentless Desktop Single Sign-on (DSSO), you don't need to deploy IWA agents in your Active Directory domains to implement DSSO functionality. This reduces or eliminates the maintenance overhead and provides high availability as Okta assumes responsibility for Kerberos validation.

Okta automatically fails over to the default sign-on page or the custom error URL if it is available.