Manual Chapter : Creating a virtual server for Okta API

Applies To:

Show Versions Show Versions


  • 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 15.1.10, 15.1.9
Manual Chapter

Creating a virtual server for Okta API

You create a virtual server to act as the traffic destination address. Then you associate both a per-session policy and a per-request policy (properly configured using Okta MFA) with the virtual server. Requests coming in are protected using two levels of authentication: first at login and second Okta MFA.
If you have already created a virtual server, simply open it to make sure that the fields required to implement MFA with Okta Factor API are set correctly.
  1. On the Main tab, click
    Local Traffic
    Virtual Servers
    The Virtual Server List screen opens.
  2. Click
    The New Virtual Server screen opens.
  3. In the
    field, type a unique name for the virtual server.
  4. For the
    Destination Address/Mask
    setting, confirm that the
    button is selected, and type the IP address in CIDR format.
  5. In the
    Service Port
    field, type
    or select
    from the list.
  6. From the
    HTTP Profile (Client)
    list, select
  7. For the
    SSL Profile (Client)
    setting, from the
    list, select
    , and using the Move button, move the name to the
  8. From the
    Source Address Translation
    list, select
    Auto Map
  9. If you have several servers that host your backend applications, you may want to set up load balancing and create a pool. If you do, you should specify the
    Default Pool
    in the Resources section.
  10. In the Access Policy area, from
    Access Profile
    , select the access policy you created, and which performs the primary authentication.
  11. From
    Per-Request Policy
    , select the per-request policy you created for Okta API.
  12. Optional: Customize other settings as needed, or use the defaults.
  13. Click
The virtual server is created with the access policies and appropriate settings for Okta MFA.
You should send traffic to test the login process.