How to configure OAuth 2.0 with OpenID Connect

Enhance security

Workforce productivity increases when employees can securely access their desktops and applications from their chosen device at the times and places they choose to work.
But when having virtualized applications or remote access tools enabled, we are required to take security measures like multifactor authentication.

How to set up Okta OAuth 2.0 with OpenID Connect protocol

In this quick tutorial, we will show how to properly configure Okta OAuth 2.0 MFA for Thinfinity Remote Desktop Server v4.0 and Thinfinity VirtualUI v2.5.
NOTE: Find a guide to configure Okta OAuth 2.0 with SAML here.
Navigate to your Okta space (or start a free trial to test this feature), go to the Applications tab, and create a new application using the “Create New App” button:
How to configure okta
2) Select OpenID Connect as the Authentication Method:
How to configure okta
3) Give the application a name, and type in the URL you use to reach Thinfinity. Then press “Save”.
How to configure okta
4) You should be redirected to the Application Settings. In here, press the “General” button, and edit the “Login information”.
Configure the “Initiate login URI” field, by adding the Thinfinity’s website address and “/Okta” at the end of the URL.
How to configure okta
5) Copy and past both Client ID and Client Secret for future references:
How to configure okta
6) Click on the “Assignments” tab and add your users to the Application:
How to configure okta
7) Now, open either the Thinfinity Remote Desktop Server Manager or the Thinfinity VirtualUI Manager and navigate to the “Authentication” tab. Click on OAuth 2.0 and choose “Other”.
Configure Okta OAuth 2.0 for RDP
Thinfinity Remote Desktop Server Manager:
How to configure okta
Configure Okta OAuth 2.0 for your web apps
Thinfinity VirtualUI Manager:
How to configure okta
8) Enter your Client ID and Client Secret:
How to configure okta
9) Click on the “Server” tab and add the following parameters:
How to configure okta

  • Authorization URL: https://[MyOktaSpace]
  • Parameters: scope=openid+profile&state=okta
  • Token Validation Server URL: https://[MyOktaSpace]
  • Profile Information Server URL: https://[MyOktaSpace]
  • Login username value in returned Json: preferred_username

You’ll also need to change the name of the Authentication Method to “Okta” ( Or to the URL you configure in the Initiate Login URI:
Press “OK” after you finish configuring the Authentication Method.
10) Click on the “Mappings” tab and then press “Add” under the Authentication ID Mask.
Add the email address of the Okta user you want to validate and press “Ok”.
Then, under the “Associated Permissions” field, press on the “Add” button and search for the Active Directory User
Thinfinity Remote Desktop Server:
How to configure okta
Thinfinity VirtualUI:
How to configure okta
After you add the appropriate mappings, click on the “Apply” button.
11) Navigate to the Thinfinity’s landing page, and you should see the “Login With Okta” option listed as an Authentication Method.
How to configure okta
Quick Tip: Learn how to configure Duo 2FA.
Have any questions? Contact us at [email protected] or leave a message on this same post.

Leave a comment

Privacy Preferences
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.