SecureAuth compatibility guide
Updated July 17, 2023
This topic describes how the releases of SecureAuth products interoperate. Use this information in the following ways:
New customers: Understand how the product releases you're installing interact. Find out about the latest supported devices.
Existing customers: Thinking about upgrading? Ensure that the product release you're considering upgrading to supports all the pieces of your current installation. Find out about the latest supported devices.
Potential customers: Just browsing? Learn about the many different SecureAuth product offerings and the supported releases. Find out about the latest supported devices.
Please contact Support at support.secureauth.com for assistance or with any questions.
Note
SecureAuth is constantly adding support for new browsers and devices to the product. If you do not see the required OS or browser listed here, be sure to visit this document often to see if it has been added.
Products and Components
Supported Windows server operating systems for Identity Platform product new installs and upgrades in hybrid deployments.
Hybrid deployments (Upgrades)
Supported Windows server operating systems for upgrading the Identity Platform in hybrid deployments.
Server operating system | 19.07.01 | 20.06 | 21.04 | 22.02 | 22.12 | 23.07 |
|---|---|---|---|---|---|---|
Windows 2022 | n/a | n/a | n/a | yes | yes | yes |
Windows 2019 | yes | yes | yes | yes | yes | yes |
Windows 2016 | yes | yes | yes | yes | yes | no |
Windows 2012 R2 | Contact SecureAuth Support | Contact SecureAuth Support | no | no | no | no |
Hybrid deployments (New installs)
Supported Windows server operating systems for new installs of the Identity Platform in hybrid deployments.
Server operating system | 19.07.01 | 20.06 | 21.04 | 22.02 | 22.12 | 23.07 |
|---|---|---|---|---|---|---|
Windows 2022 | yes | yes | yes | yes | yes | yes |
Windows 2019 | yes | yes | yes | yes | yes | yes |
Windows 2016 | yes | yes | yes | yes | yes | no |
Windows 2012 R2 | Contact SecureAuth Support | Contact SecureAuth Support | no | no | no | no |
Latest version of the SecureAuth Connector that works with the Identity Platform.
See SecureAuth Connector update for update information.
Identity Platform release | Latest SecureAuth Connector version | Notes |
|---|---|---|
23.07 | 2.0.2 | Identity Platform release 23.07 requires SecureAuth Connector version 2.0.2 or later |
19.07 or later | 1.2.8 | At minimum, Identity Platform release 21.04 or later requires SecureAuth Connector version 1.2.4 Effective June 5, 2023: If you install or update your Connector, you must update outbound firewall rules on your server to allow TCP port 5671 to host name "rabbitmq.secureauth.com". Effective September 1, 2023: Any SecureAuth Connector not updated before September 2, 2023 will experience a service disruption with authentication requests. You must have all SecureAuth Connectors updated with outbound firewall rules to allow TCP port 5671 to host name "rabbitmq.secureauth.com". |
Note
For important information about our SecureAuth cloud infrastructure updates, see Critical SecureAuth Connector update for SaaS IdP customers.
Supported browsers to use with the Identity Platform client.
Desktop browser | Browser version | 19.07.01 | 20.06 | 21.04 | 22.02 | 22.12 | 23.07 |
|---|---|---|---|---|---|---|---|
Apple Safari | Latest version | yes | yes | yes | yes | yes | yes |
Google Chrome* | Latest version | yes | yes | yes | yes | yes | yes |
Microsoft Edge** | Latest version | yes | yes | yes | yes | yes | yes |
Mozilla Firefox | Latest version | yes | yes | yes | yes | yes | yes |
*Version 39 and later running on OS X will not work with Java certificate delivery functionality
**Certificate delivery not supported
Supported third-party login devices for end user authentication through the Identity Platform.
YubiKey products | 19.07.01 | 20.06 | 21.04 | 22.02 | 22.12 | 23.07 |
|---|---|---|---|---|---|---|
YubiKey 5 | yes | yes | yes | yes | yes | yes |
YubiKey 5 Nano | yes | yes | yes | yes | yes | yes |
YubiKey 4 | yes | yes | yes | yes | yes | yes |
YubiKey 4 Nano | yes | yes | yes | yes | yes | yes |
YubiKey Neo | yes | yes | yes | yes | yes | yes |
YubiKey Neo-N | yes | yes | yes | yes | yes | yes |
YubiKey Edge / YubiKey Edge-N | yes | yes | yes | yes | yes | yes |
YubiKey Standard / YubiKey Nano | yes | yes | yes | yes | yes | yes |
Tested FIDO2 devices
SecureAuth Identity Platform release 20.06 and later support the following FIDO2 devices; however, any WebAuthn-compliant device should work for enrollment and authentication on supported browsers.
FIDO2 device | Type | Login device | Browser |
|---|---|---|---|
Windows Hello OS | PIN | Windows desktop, laptop | Google Chrome Mozilla Firefox Microsoft Edge |
Windows Hello OS | Fingerprint | Windows desktop, laptop | Google Chrome Mozilla Firefox Microsoft Edge |
Android OS | PIN | Android mobile | Google Chrome Mozilla Firefox |
Android OS | Fingerprint | Android mobile | Google Chrome Mozilla Firefox |
Mac OS | Password | Mac desktop, laptop | Google Chrome |
Mac OS | Fingerprint | Mac desktop, laptop | Google Chrome |
Google Titan Security Key | NFC | Windows desktop, laptop Android mobile | Google Chrome Mozilla Firefox Microsoft Edge* |
Google Titan Security Key | USB | Windows desktop, laptop Android mobile | Google Chrome Mozilla Firefox Microsoft Edge* |
Google Titan Security Key | Bluetooth | Windows desktop, laptop Android mobile | Google Chrome Mozilla Firefox Microsoft Edge* |
YubiKey 5 | USB | Windows desktop, laptop Mac desktop, laptop Android mobile | Google Chrome Mozilla Firefox Microsoft Edge* Apple Safari |
YubiKey 5 | NFC | Android mobile | Google Chrome Mozilla Firefox |
*Supported on Windows desktop / laptop only
Minimum versions of .NET Core and .NET Framework needed to run with the Identity Platform.
Product release | .NET and .NET Core version | .NET Framework version | Note |
|---|---|---|---|
Identity Platform 23.07 | .NET 6 | 4.7.2 or later | Upgrades to the Identity Platform 23.07 release requires .NET 6. SecureAuth Support will work with you on the appropriate updates as part of the upgrade process. |
Identity Platform 22.12 | .NET Core 3.1 | 4.7.2 or later | Upgrades to the Identity Platform 22.12 release requires .NET Core 3.1. SecureAuth Support will work with you on the appropriate updates as part of the upgrade process. |
Identity Platform 22.02 | .NET Core 3.1 | 4.7.2 or later | Upgrades to the Identity Platform 22.02 release requires .NET Core 3.1. SecureAuth Support will work with you on the appropriate updates as part of the upgrade process. |
Identity Platform 21.04 | .NET Core 2.1 | 4.7.2 | |
Identity Platform 20.06 | .NET Core 2.1 | 4.7.2 | |
Identity Platform 19.07 | .NET Core 2.1 | 4.7.1 |
Minimum version of Java needed to run with the Identity Platform.
Product component | Version | 19.07 | 20.06 | 21.04 | 22.02 | 22.12 | 23.07 |
|---|---|---|---|---|---|---|---|
JRE for RADIUS Server for 20.03 or later*** | 11 | yes | yes | yes | yes | yes | yes |
JRE for RADIUS Server 19.06 and 19.09** | 8 | yes | yes | yes | yes | yes | yes |
JRE for RADIUS Server 1.0.1.10** | 8 | no | yes | yes | yes | yes | yes |
Java Certificate Applet*, ** | 8 | yes | yes | yes | yes | yes | yes |
*Google Chrome on OS X versions 39+ are not supported
**JRE version 8 of AdoptOpenJDK
***JRE version 11 of AdoptOpenJDK
List of data stores supported by the Identity Platform for hybrid and cloud deployments.
Supported data stores in hybrid deployments
Supported data stores in the Identity Platform hybrid deployments.
Data store | Data store version | Hybrid* 19.07 | Hybrid* 20.06 | Hybrid* 21.04 | Hybrid* 22.02 | Hybrid* 22.12 | Hybrid* 23.07 |
|---|---|---|---|---|---|---|---|
Active Directory (AD) | Latest version | yes | yes | yes | yes | yes | yes |
AD-LDS | Latest version | yes | yes | yes | yes | yes | yes |
ASPNETDB | Latest version | yes | yes | yes | yes | yes | yes |
Azure AD | Latest version | yes | yes | yes | yes** | yes** | yese |
LDAP | Latest version | yes | yes | yes | yes | yes | yes |
Lotus Domino | Latest version | yes | yes | yes | yes | yes | yes |
NetIQ eDirectory | Latest version | yes | yes | yes | yes | yes | yes |
ODBC | Latest version | yes | yes | yes | yes | yes | yes |
Oracle Database | Latest version | yes | yes | yes | yes | yes | yes |
SecureAuth IdP Web Service (Multi-data Store) | Latest version | yes | yes | yes | yes | yes | yes |
SQL Server | Latest version | yes | yes | yes | yes | yes | yes*** |
Sun ONE (ODSEE) | Latest version | yes | yes | yes | yes | yes | yes |
*Not all directories are supported in the Identity Platform New Experience, but all are supported in Advanced Settings.
**Azure AD in Advanced Settings is no longer supported.
***SQL Server 2022 certified for Identity Platform release 23.07.
Supported data stores in cloud deployments
Supported data stores in the Identity Platform cloud deployments.
Data store | Data store version | Cloud 19.07 | Cloud 20.06 | Cloud 21.04 | Cloud 22.02 | Cloud 22.12 | Cloud 23.07 |
|---|---|---|---|---|---|---|---|
AD-LDS | Latest version | no | no | no | no | no | yes |
ASPNETDB | Latest version | no | no | no | no | no | yes |
Active Directory (AD) | Latest version | yes | yes | yes | yes | yes | yes |
Azure AD | Latest version | no | yes | yes | yes | yes | yes |
LDAP | Latest version | no | yes | yes | yes | yes | yes |
Lotus Domino | Latest version | no | no | no | no | no | no |
NetIQ eDirectory | Latest version | no | yes | yes | yes | yes | yes |
ODBC | Latest version | no | no | no | no | no | no |
Oracle Database | Latest version | no | yes | yes | yes | yes | yes |
SQL Server | Latest version | yes | yes | yes | yes | yes | yes*** |
SecureAuth IdP Web Service (Multi-data Store) | Latest version | no | no | no | no | no | no |
Sun ONE (ODSEE) | Latest version | no | no | no | no | no | no |
***SQL Server 2022 certified for Identity Platform release 23.07.
Supported identity types for authentication through the Identity Platform.
Accepted identity types | Identity type version | 19.07 | 20.06 | 21.04 | 22.02 | 22.12 | 23.07 |
|---|---|---|---|---|---|---|---|
SecureAuth Web SSO Token | Latest version | yes | yes | yes | yes | yes | yes |
SAML | Latest version | yes | yes | yes | yes | yes | yes |
OpenID | Latest version | yes | yes | yes | yes | yes | yes |
SecureAuth IWA for Windows SSO** | Identity Platform 22.02 or later | no | no | no | yes* | yes* | yes |
Integrated Windows - NTLM / Kerberos | Latest version | yes | yes | yes | yes | yes | yes |
X.509 Certificate | Latest version | yes | yes | yes | yes | yes | yes |
Common Access Card (CAC) | n/a | yes | yes | yes | yes | yes | yes |
Personal Identity Verification (PIV) Card | n/a | yes | yes | yes | yes | yes | yes |
Smartcard | n/a | yes | yes | yes | yes | yes | yes |
Cisco ISE / pxGrid | Latest version | yes | yes | yes | yes | yes | yes |
*Supported for Active Directory in 22.02 or later.
**Supported for Azure AD using Azure AD Domain Services in 22.12 or later (only in cloud deployments).
Post-authentication actions that can be set up through the Identity Platform.
Post-authentication action | Version | 19.07.01 | 20.06 | 21.04 | 22.02 | 22.12 | 23.07 |
|---|---|---|---|---|---|---|---|
SAML* | Latest version | yes | yes | yes | yes | yes | yes |
OpenID | Latest version | yes | yes | yes | yes | yes | yes |
OpenID Connect (limited profile support) | Latest version | yes | yes | yes | yes | yes | yes |
OpenID Connect (full profile support) | Latest version | yes | yes | yes | yes | yes | yes |
WS-Federation | Latest version | yes | yes | yes | yes | yes | yes |
WS-Trust | Latest version | yes | yes | yes | yes | yes | yes |
Mobile** | Supported iOS / Android versions | yes | yes | yes | yes | yes | yes |
Web Token (FBA) | On supported browsers | yes | yes | yes | yes | yes | yes |
X.509 Certificate (Java and Native) | SecureAuth CA | yes | yes | yes | yes | yes | yes |
OAuth | Latest version | yes | yes | yes | yes | yes | yes |
Forms-based | n/a | yes | yes | yes | yes | yes | yes |
*Limited support on SAML version 1.1
**The mobile app uses a browser for authentication, so multiple mobile apps can read the authentication cookie to enable SSO.
Portfolio products
The following sections describe the SecureAuth Portfolio products, which interoperate with and extend the Identity Platform MFA capabilities for your Windows, Mac, and Linux machines via Login for Endpoints, your iOS and Android devices via the Authenticate app, and your VPN and remote resources via SecureAuth RADIUS.
Lists the supported devices for the SecureAuth Authenticate mobile app.
Supported Android mobile devices
Supported Android mobile devices for SecureAuth Authenticate app.
SecureAuth Authenticate App | Android 5.x (Lollipop) | Android 6.x (Marshmallow) | Android 7.x (Nougat) | Android 8.x (Oreo) | Android 9.x (Pie) | Android 10.x (Q) | Android 11.x | Android 12.x | Android 13.x |
|---|---|---|---|---|---|---|---|---|---|
23.03.xx | no | no | no | yes | yes | yes | yes | yes | yes |
22.06.xx | no | no | no | yes | yes | yes | yes | yes | yes |
20.03.xx | no | yes | yes | yes | yes | yes | yes | yes | yes |
19.12.xx | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Supported Android paired watches
Supported Android paired watches for SecureAuth Authenticate app.
SecureAuth Authenticate App | Android Wear OS 1.x | Android Wear OS 2.x | Android Wear OS 3.x |
|---|---|---|---|
23.03.xx | no | yes | yes |
22.06.xx | yes | yes | yes |
20.03.xx | yes | yes | yes |
19.12.xx | yes | yes | yes |
Supported Apple iOS mobile devices
Supported Apple iOS mobile devices for SecureAuth Authenticate app.
SecureAuth Authenticate app | Apple iOS 11.x | Apple iOS 12.x | Apple iOS 13.x | Apple iOS 14.x | Apple iOS 15.x | Apple iOS 16.x |
|---|---|---|---|---|---|---|
23.03.xx | no | no | no | yes | yes | yes |
22.06.xx | no | no | no | yes | yes | yes |
20.03.xx | no | yes | yes | yes | yes | yes |
19.12.xx | yes | yes | yes | yes | yes | yes |
Supported paired Apple Watches
Supported paired Apple Watches for SecureAuth Authenticate app.
SecureAuth Authenticate app | Apple Watch Series 4 | Apple Watch Series 5 | Apple Watch SE 1 (1st gen) | Apple Watch Series 6 | Apple Watch Series 7 | Apple Watch SE 2 (2nd gen) | Apple Watch Series 8 | Apple Watch Ultra |
|---|---|---|---|---|---|---|---|---|
23.03.xx | yes watchOS 5+ | yes watchOS 6+ | yes watchOS 7+ | yes watchOS 7+ | yes watchOS 8+ | yes watchOS 9+ | yes watchOS 9+ | yes watchOS 9.0.1+ |
22.06.xx | yes watchOS 5+ | yes watchOS 6+ | yes watchOS 7+ | yes watchOS 7+ | yes watchOS 8+ | yes watchOS 9+ | yes watchOS 9+ | yes watchOS 9.0.1+ |
20.03.xx | yes watchOS 5+ | yes watchOS 6+ | yes watchOS 7+ | yes watchOS 7+ | yes watchOS 8+ | yes watchOS 9+ | yes watchOS 9+ | yes watchOS 9.0.1+ |
19.12.xx | yes watchOS 5+ | yes watchOS 6+ | yes watchOS 7+ | yes watchOS 7+ | yes watchOS 8+ | yes watchOS 9+ | yes watchOS 9+ | yes watchOS 9.0.1+ |
Other mobile devices
SecureAuth Authenticate app | Chromebook | Android Tablet | Apple iPad |
|---|---|---|---|
23.03.xx | yes Chrome OS (latest version) | yes* | yes* |
22.06.xx | yes Chrome OS (latest version) | yes* | yes* |
20.03.xx | yes Chrome OS (latest version) | yes* | yes* |
19.12.xx | yes Chrome OS (latest version) | yes* | yes* |
*Any Android tablet or Apple iPad is supported, as long as it meets the minimum OS under supported Android and Apple mobile devices listed above.
Login for Endpoint product compatibility for installs on operating systems. And Login for Endpoint compatibility by Identity Platform product release.
Login for Windows with Identity Platform
Login for Windows product support by Identity Platform release.
Login for Windows version | 9.3 | 19.07 | 20.06 | 21.04 | 22.02 | 22.12 | 23.07 |
|---|---|---|---|---|---|---|---|
L4W version 23.07 | no | yes | yes | yes | yes | yes | yes |
L4W version 22.12.xx | no | yes | yes | yes | yes | yes | yes |
L4W version 22.06.xx | no | yes | yes | yes | yes | yes | yes |
L4W version 21.04 | no | yes | yes | yes | yes | yes | yes |
L4W version 20.09.xx | yes | yes | yes** | yes | yes | yes | yes |
L4W version 20.03.xx | yes | yes* | yes | yes | yes | yes | yes |
*Biometric fingerprint recognition requires Identity Platform 19.07.01 or later, using 2019 theme.
**Transactional logging requires Identity Platform 20.06 or later, using the /authenticated endpoint.
Login for Windows installs
Supported Login for Windows product installs on Windows operating systems.
Login for Windows installs on Windows OS | L4W 20.03.xx | L4W 20.09.xx | L4W 21.04 | L4W 22.06.xx | L4W 22.12.xx | L4W 23.07 |
|---|---|---|---|---|---|---|
Windows Server 2022 | no | no | no | no | yes | yes** |
Windows Server 2019 64-bit | yes | yes | yes | yes | yes | yes |
Windows Server 2016 64-bit | yes | yes | yes | yes | yes | yes |
Windows Server 2012 R2 64-bit | yes | yes | yes | yes | yes | yes |
Windows 11 64-bit | no | no | no | yes | yes | yes** |
Windows 10 64-bit | yes | yes | yes | yes | yes | yes** |
Windows 8.1 32-bit / 64-bit* | yes | yes | yes | yes | yes | no |
*Microsoft has reached end of support for Windows 8.1. L4W version 22.12 is the last version supported on Windows 8.1.
**FIDO2 MFA on RDP is only supported on Windows Server 2022, Windows 11, and Windows 10, version 1903 or later.
Login for Mac with Identity Platform
Login for Mac product support by Identity Platform release.
Login for Mac version | 9.3 | 19.07 | 20.06 | 21.04 | 22.02 | 22.12 | 23.07 |
|---|---|---|---|---|---|---|---|
L4M version 22.12.01 | no | yes | yes | yes | yes | yes | yes |
L4M version 22.06.xx | no | yes | yes | yes | yes | yes | yes |
L4M version 21.04 | yes | yes | yes | yes | yes | yes | yes |
L4M version 20.09.xx | yes | yes | yes** | yes | yes | yes | yes |
L4M version 20.03.xx | yes | yes* | yes | yes | yes | yes | yes |
*Biometric fingerprint recognition requires Identity Platform 19.07.01 or later, using 2019 theme.
**Transactional logging requires Identity Platform 20.06 or later, using the /authenticated endpoint.
Login for Mac installs
Supported Login for Mac product installs on macOS.
Login for Mac installs on macOS | L4M 20.03.xx | L4M 20.09.xx | L4M 21.04 | L4M 22.06.xx | L4M 22.12.01 |
|---|---|---|---|---|---|
macOS 13: Ventura | no | no | no | no | Supported and certified |
macOS 12: Monterey | no | no | no | yes | yes |
macOS 11: Big Sur | no | no | yes | yes | yes |
macOS 10.15: Catalina* | yes | yes | yes | yes | yes |
macOS 10.14: Mojave (Liberty)* | yes | yes | yes | yes | yes |
*Apple has deprecated support for these macOS versions.
Login for Linux with Identity Platform
Login for Linux product support by Identity Platform release.
Login for Linux version | 9.3 | 19.07 | 20.06 | 21.04 | 22.02 | 22.12 | 23.07 |
|---|---|---|---|---|---|---|---|
L4L version 22.12 | no | no | no | yes | yes | yes | yes |
L4L version 22.06.xx | no | no | no | yes | yes | yes | yes |
L4L version 21.04 | no | no | no | yes | yes | yes | yes |
Login for Linux installs
Supported Login for Linux product installs on Linux systems.
Login for Linux installs on Linux system | L4L 21.04 | L4L 22.02 | L4L 22.12 |
|---|---|---|---|
Red Hat Enterprise Linux 9.x | no | no | yes |
Red Hat Enterprise Linux 8.1 or later | yes | yes | yes |
Debian 11.x | no | no | yes |
Debian 10 or later | yes | yes | yes |
Ubuntu 22.04.x | no | no | yes |
Ubuntu 20.04 or later* | yes | yes | yes |
*Also supported is a newer Long Term Support (LTS) version
Supported servers
Windows Server 2022
Windows Server 2019
Windows Server 2016
Supported protocols
PAP
PEAP (NetMotion only)
MS-CHAPv2 for Cisco and Netscaler
Identity Platform adaptive authentication IP checking feature
Platform | RADIUS end user IP |
|---|---|
Cisco Systems | Calling-Station-Id |
Citrix NetScaler | Calling-Station-Id |
Juniper Networks | Tunnel-Client-Endpoint |
Palo Alto Networks | Palo Alto-Client-Source-IP |