How to seamlessly fail over from your cloud IDP to on-prem Active Directory (AD)

Keep your critical apps accessible. Use Identity Continuity™ to allow key users to securely authenticate with AD when your primary IDP goes offline.

  • Protect against natural disasters and network loss. Fail over to on-prem AD so users can access local apps when the entire network goes down.
  • Protect against vendor failure. Use AD to continue accessing all mission-critical apps when your IDP goes offline. Keep using HYPR, YubiKey, or any other modern MFA to secure your app when authenticating a user via AD.
  • Seamlessly map common attributes from multiple vendors with the Schema Abstraction Layer™

Don’t get caught with your apps down

Recipe details

This is how everything works together.

Diagram showing Maverics Orchestrator connecting to both a Primary Cloud IDP and a Failover Cloud IDP through a Schema Abstraction Layer for seamless failover from your cloud IDP to on-prem IDP like Active Directory.

Setup details

Just add in your ingredients and deploy.

A web dashboard showing identity services and learning center modules. The left pane lists identity fabrics, while the right pane displays details and options for various identity services, including failover from your cloud IDP to a backup on-prem IDP like Active Directory.

App users don’t care how they authenticate — they care about accessing apps exactly when they need to. Use Identity Continuity™ to give key users access to the mission-critical apps that directly impact business function — during a natural disaster, if your IDP vendor fails, or when network disconnects are expected.

  • Familiar login. Users log in via the usual portal and follow the typical app authentication access flow.
  • Invisible redirection. Behind the scenes, Maverics evaluates whether your primary IDP is online and — if not — directs the user to Active Directory.
  • Quick authentication. The user enters their details, gets authenticated and logs in. Everything in the app looks the same as before and access is granted.

Key users will need to access a mission-critical app even when the network is down or your primary cloud IDP vendor can’t be reached. Use Identity Continuity to automatically (or manually) fail over to on-prem AD and allow users to authenticate that way.

  • Define your strategy. Set your primary IDP and configure AD as your secondary IDP to define your failover strategy.
  • Define the attributes your application needs in the Schema Abstraction Layer™. Separately map them to claims available from your primary IDP and Active Directory.
  • Configure continuity. Set health check parameters for triggering failover, simulate outages, and prepare your systems (and users) in advance for any continuity scenarios. Maverics’ hybrid air-gap architecture ensures local orchestrator availability so that identity services are available even in ‘disconnected mode’ when the cloud is inaccessible.
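
The three steps above can be modelled in a few lines. This is an added example, not Maverics configuration or Strata code: the provider names, attribute mappings, thresholds and sample user are all assumptions. It shows a health-check policy that fails over only after consecutive failed probes, and a schema mapping that fails closed when a required attribute is missing.

```python
from dataclasses import dataclass

# Assumed mapping: app attribute -> source attribute per provider (illustrative names).
SCHEMA_MAP = {
    "cloud_idp": {"email": "email", "username": "preferred_username", "groups": "groups"},
    "active_directory": {"email": "mail", "username": "sAMAccountName", "groups": "memberOf"},
}
REQUIRED = ("email", "username")

@dataclass
class FailoverPolicy:
    fail_threshold: int = 3     # consecutive failed probes before failing over
    recover_threshold: int = 2  # consecutive healthy probes before failing back
    active: str = "cloud_idp"
    fails: int = 0
    oks: int = 0

    def record_probe(self, primary_healthy: bool) -> str:
        """Feed one health-check result for the primary; return the provider to use."""
        if primary_healthy:
            self.oks, self.fails = self.oks + 1, 0
            if self.active == "active_directory" and self.oks >= self.recover_threshold:
                self.active = "cloud_idp"
        else:
            self.fails, self.oks = self.fails + 1, 0
            if self.active == "cloud_idp" and self.fails >= self.fail_threshold:
                self.active = "active_directory"
        return self.active

def normalize(provider: str, raw: dict) -> dict:
    """Translate provider attributes into the app schema; fail closed on gaps."""
    out = {app: raw[src] for app, src in SCHEMA_MAP[provider].items() if src in raw}
    missing = [name for name in REQUIRED if not out.get(name)]
    if missing:
        raise ValueError(f"{provider}: missing required attributes {missing}")
    groups = out.get("groups", [])
    if provider == "active_directory":
        # memberOf holds DNs; keep the leading CN (simplified, ignores escaped commas).
        groups = [dn.split(",")[0].removeprefix("CN=") for dn in groups]
    out["groups"] = sorted(groups)
    return out

# Constructed sample attributes for one user, as each provider might return them.
CLOUD_USER = {"email": "ana@example.com", "preferred_username": "ana", "groups": ["payroll"]}
AD_USER = {"mail": "ana@example.com", "sAMAccountName": "ana",
           "memberOf": ["CN=payroll,OU=Groups,DC=example,DC=com"]}

if __name__ == "__main__":
    policy = FailoverPolicy()
    for healthy in (True, False, False, False, True, True):
        print(healthy, "->", policy.record_probe(healthy))
    print(normalize("cloud_idp", CLOUD_USER) == normalize("active_directory", AD_USER))
```

Requiring consecutive failures keeps a single dropped probe from moving users to AD, and comparing the normalized output from both providers during a simulated outage confirms the app receives the same attributes either way.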

See it in action

Keep mission critical apps on with Identity Continuity

Interested to see more? We have a full workshop for you!


Ready to cook up your perfect identity modernization solution?

Stop juggling disparate identity services. Unleash the power of Strata’s orchestration recipes.
Whether you’re dealing with legacy app modernization or controlling multi-cloud access, Orchestration Recipes have got you covered.
