Install the RADIUS Windows agent
During this step we install the Windows RADIUS agent.
- When installing the RADIUS server agent, you must be signed in to an account that either has both Read-only Admin and App admin roles, or has the Super admin role.
- Use a dedicated service account to authorize RADIUS server agents. This ensures that the API token used by the RADIUS server agent isn't tied to a user account that could be deactivated when the user leaves the organization.
- Give appropriate admin permissions to service accounts used for RADIUS server agents. See Administrators permission table (MFA section).
-
From your Administrator Dashboard, select .
-
Scroll to Okta RADIUS Server Agent (EXE) and click Download Latest.
-
Run the installer. Click Next on each of the initial, Important Information, and License Information screens.
-
Choose a location for the Installation folder and click Install.
-
On the Okta RADIUS Agent Proxy Configuration screen, you can optionally enter your proxy information. Click Next.
-
On the Register Okta RADIUS Agent screen, enter the complete URL for your org (for example, https://mycompany.okta.com). For testing in your preview org, you can enter the URL for your Okta Preview Sandbox org (for example, https://mycompany.oktapreview.com).
- Click Next to continue to an Okta Sign In page.
- Sign in to the service-specific Okta account.
- Click Allow Access.
- Click Finish to complete the installation.
If during the agent installation you encounter Error code 12: Could not establish trust relationship for the SSL/TLS service channel, ensure that you are running the latest version of the agent as older agent versions do not support TLS 1.2.
- Configure a RADIUS app in Okta, which includes the RADIUS agent port, shared secret, and advanced RADIUS settings. For more information about configuring RADIUS apps, see RADIUS applications in Okta