Hybrid: Getting started

A SecureAuth hybrid deployment is available for new and existing customers, and for air-gapped organizations.

  • New customers: Administrators must use the Identity Platform release 19.07+ workflow to set up a hybrid deployment. The workflow gives context and descriptions for the tasks to be performed, and provides rich information that describes prerequisites and detailed steps.

  • Existing customers: Organizations upgrading from a previous SecureAuth IdP version can see the Upgrading section.

  • Organizations that are air-gapped must use SecureAuth IdP 9.2.x exclusively. Contact SecureAuth Support (1-866-859-1526) or your Customer Success Manager for details.

Upgrading

Organizations currently using SecureAuth IdP can work with the Project Manager to perform an in-place upgrade. Get started by creating a support ticket and selecting I would like to upgrade or migrate to a new Identity Platform version from the "Submit a request" dropdown. A SecureAuth Project Manager will contact you.

Recommended upgrade path with Professional Services

Contact Professional Services to upgrade existing organizations. Professional Services engineers possess the deep product knowledge currently required to seamlessly upgrade organizations to the latest SecureAuth release.

Recommended upgrade path without Professional Services

Organizations that prefer to upgrade on their own and are using SecureAuth IdP 9.3 will have the smoothest experience. Organizations using SecureAuth IdP 9.2 and earlier can upgrade to SecureAuth IdP 9.3 and then upgrade to the Identity Platform release 19.07 and later.

During migration, you can use the Identity Platform New Experience to reconfigure the data stores, or all realms are brought over as Classic Experience realms for releases 9.2 and later. Data stores, application integrations, policies, and all else set up in the release 9.3+ New Experience are also copied into the new instance during the migration process.

End-user workflow

End users can use the MFA methods that you have enrolled them in to log in with a desktop or mobile app.

Before logging in, end users must define answers to security questions, set up a YubiKey device, register a phone number to receive a call or text to obtain passcodes, or set up other MFA methods that allow them to log in. They can follow instructions customized by the administrator and sent to them in email.