Install Okta RADIUS server agent on Linux
This document describes how to install the Okta RADIUS server agent on Linux operating systems.
The Okta RADIUS server agent delegates authentication to Okta using single-factor authentication (SFA) or multifactor authentication (MFA).
A RADIUS client sends the credentials of a user who's requesting access to the client to the RADIUS agent. Authentication requests are processed based on the org settings:
- If MFA is disabled and the user credentials are valid, the user is authenticated.
- If MFA is enabled and the user credentials are valid, the user is prompted to select a second authenticator. The user selects one and obtains a request for a validation code. If the code is correct, the user gains access.
For information about Okta RADIUS server agent deployment, see Getting started with Okta RADIUS Integrations and RADIUS server best practices. For information about Okta RADIUS integrations, see Okta RADIUS Integrations.
Before you Begin
- You must be able to sign in as root, or be able to execute root-level commands using commands like sudo.
- Sign in to an account that has either of these role assignments when you install the Okta RADIUS server agent:
- The read-only admin and app admin roles
- The super admin role
- Use a dedicated service account to authorize Okta RADIUS server agents.
- Give appropriate admin permissions to service accounts used for Okta RADIUS server agents. See the Multifactor Authentication section in Standard administrator roles and permissions.
- Do proxy configurations only in the agent configuration file.
- Obtain your Okta org URL and admin credentials before installation. The installer prompts you for them.
- Installation on ARM64 infrastructures isn't supported.
Typical workflow
Task |
Description |
---|---|
Download the Okta RADIUS server agent | See Install the RADIUS Linux server agent. |
Enable RADIUS authentication with Okta | Install the Okta RADIUS server agent and configure RADIUS apps in the Admin Console. These apps allow Okta to distinguish between different RADIUS-enabled apps and then support them concurrently. Okta RADIUS apps also let you create policies and assign apps to groups. |
Install the agent | Install the RADIUS Linux server agent |
Configure proxies | Configure proxies |
Configure additional properties | Configure properties |
Restart the agent |
After any upgrade, always stop and restart the Okta RADIUS server agent. See restart in Manage the agent. |
Manage the agent | |
Access and manage log files | Access and manage log files |
Uninstall the agent | Uninstall the agent |