Swap On-Prem MFA/RSA SecurID

1. In a browser, navigate to your Okta Org and sign in as an administrator.
2. Click Security > Authenticators.
3. From the Add Authenticator dialog, select either RSA SecurID or On-Prem MFA.

Once added, some Authenticators may be further configured from the list of added Authenticators by clicking Actions > Edit.
See also About MFA authenticators.

1. Enter the following fields:
   • Provider name: This is the name that appears to end users during their login challenge.
   • Username format: Select the format expected by the provider.
     
   • Hostname: The server host name or IP address.
   • Authentication Port: The RADIUS server port (for example 1812).
     This is defined when the On-Prem RADIUS server is configured.
   • Shared Secret: An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server.
2. Click Add.
3. Click Add New Agent. Note the value of the instance ID. You're also provided with a download link for the On-prem MFA agent installer.
   
4. Activate or Deactivate the authenticator as required.
5. Click Save.

1. Enter the following fields:
   • Username format: Select the format expected by the provider.
   • Hostname: The server host name or IP address.
   • Authentication Port: The RADIUS server port (for example, 1812). This is defined when the On-Prem RADIUS server is configured.
   • Shared Secret: An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server.
2. Click Add New Agent. Note the value of the instance ID. You're also provided a download link for the agent installer.
3. Activate or Deactivate as required.
4. Click Save.