Overview of Okta with OAuth, step-up authentication, and RADIUS MFA

You can create a Zero Trust Identity Aware Proxy configuration using Okta and OAuth, with RADIUS MFA. For this scenario, the Zero Trust proxies are Access Policy Managers configured in

Client + Resource Server

configurations. APM is configured as the Authentication Server. RADIUS is used for multifactor authentication in a branch that requires more authentication (for example, an /admin URL). In this scenario, the authentication server uses the Zero Trust Step-Up Authentication feature to provide seamless access across different apps.

To create a configuration for Seamless Auth with Okta, OAuth, and RADIUS MFA, you must complete the following steps.

Create the Okta configuration
Create an Okta OAuth provider
Configure an OAuth client and resource server on APM
Create an allow-all access policy and a per-request policy
Create configuration objects in the per-request policy
Assign the access policy and per-request policy to a virtual server