Integrate okta with Azure Virtual Desktop for Authentication

Question

Hi,

I am trying to integrate Okta with Azure Virtual Desktop for authentication. Reason for that is to allow external users to access Azure Virtual Desktop. However it didn't found proper way of configuring Okta with Azure Virtual Desktop for authentication.

can someone provide way how to integrate okta with AVD for authentication.

Will using okta with AVD will allow external identities to access AVD ?

Answer 1

Hi Roshan Thamalaka,

Yes, integrating Okta with Azure Virtual Desktop (AVD) will allow external identities to access AVD, but with some important considerations

External Users Can Access AVD via Okta. Okta -> Azure AD Federation

• Configure Okta as a SAML/WS-Fed identity provider in Azure AD
• External users authenticate via Okta but are recognized as federated users in Azure AD
• Microsoft Docs: Set up Okta as a SAML IdP

Azure AD B2B Collaboration

• Invite external users as "Guest users" in Azure AD
• They log in with their Okta credentials
• Microsoft Docs: Azure AD B2B for AVD

Conditional Access Policies

• Apply MFA, device compliance, or location-based restrictions
• AVD Security Best Practices

Limitations & Requirements

Supported Scenarios

Okta workforce identities (employees/contractors)

Okta customers (B2B) via Azure AD guest access

Not Supported

Personal Okta accounts (e.g., "@gmail.com" linked to Okta)

Direct Okta-to-AVD integration (must go through Azure AD)

Now let's talk how to enable access.

In Azure AD:

• Enable External Identities → B2B collaboration
• Add Okta as a federated IdP

In Okta:

• Configure an OIDC/SAML app for Azure AD
• Ensure user attributes (e.g., UPN) map correctly

In AVD:

• Assign external users to AVD app groups
• Verify they appear in Azure AD as "External Users"

As usually try to test with a small group first. Use Azure AD sign-in logs to troubleshoot authentication issues.

Best regards,

Alex

P.S. If my answer help to you, please Accept my answer