← BACK TO RECIPES

How to add HYPR step-up authentication

Leverage AzureAD as your cloud identity target and add HYPR step-up authentication protection to a protected resource in any app without rewriting the app itself.

  • Quickly deploy HYPR step-up authentication to any protected resource or data
  • No custom code or app rewrites are required to add HYPR step-up authentication
  • Phased deployment reduces risk and supports coexistence of authentication solutions
  • Reduce friction by enrolling users to HYPR within existing authentication flows
Ingredients
Step-up
Azure AD
HYPR
Maverics
Target App
Authentication
Modernization

Leave a real legacy by modernizing authentication architecture before the clock runs out

The recipe diagram

A simple user journey that simply works.

The sequence diagram

How everything comes together to authenticate.

What the user sees

Use Identity Orchestration to deliver smooth consistency.

  • The user navigates to the target application via their traditional access workflow leveraging your existing SSO solution.
  • The user then attempts to navigate to a sensitive resource area within the app that needs to be protected with new step-up authentication.
  • Maverics intercepts the request and directs the user to HYPR to check whether they have previously registered for step-up authentication.
  • If it is the user’s first time accessing that resource, Maverics automates the AzureAD lookup to ensure that they have the appropriate group membership rights for accessing the sensitive data.
  • The first-time user is routed to a new registration page informing them of HYPR protection for the resource location and completes registration and email verification.
  • The next time the user navigates to that protected resource area within the application, HYPR will automatically check their group membership in AzureAD and instruct them to follow the standard HYPR authentication workflow.
  • Note: this recipe can also allow for integration with legacy authentication initiation via NTLM/Kerberos.

What the admin does

Use Identity Orchestration to modernize for good.

  • This recipe demonstrates how you can leverage AzureAD as your cloud identity target and add HYPR step-up authentication protection to a protected resource in any app without rewriting the app itself.
  • Modern authentication solutions like HYPR add the latest FIDO2 passwordless security to protect sensitive business data and resources.
  • Deploying step-up authentication solutions to your applications often requires access to the source code to rewrite the apps.
  • Maverics Identity Orchestration from Strata allows you to quickly and easily deploy no-code HYPR step-up authentication security to any app, data, or resource across your company.

Most users will never know you changed anything

Get your YAML config settings and deploy

Maverics Identity Orchestration works as a simple YAML config: just fill in the blanks and go. There’s no custom code, no rewrites and no long engagements. You may need to make light config adjustments based on your environment, but that’s it. 

Ready to leave this particular legacy in the past? Grab this recipe and modernize.

Download Recipe

Solve more modernization challenges with ready-to-deploy recipes

How to add 1Kosmos passwordless step-up authentication and user registration

Quickly protect any resource with Passwordless MFA (PMFA) and register new users without disruption to the access workflow.

Step-up
1Kosmos
PMFA
Azure AD
Maverics
Passwordless
How to move from OAM to Azure AD

Oracle Access Manager is challenging to maintain and provides limited app protection possibilities. Use this recipe to replace it with Azure AD without refactoring your apps.

OAM
Azure AD
Maverics
Target App
Authentication
Modernization
How to move from OAM to Okta

Oracle Access Manager is challenging to maintain and provides limited app protection possibilities. Use this recipe to replace it with Okta without refactoring your apps.

OAM
Okta
Maverics
Target App
Authentication
Modernization
How to move from SiteMinder to Azure AD

SiteMinder’s end of service is coming. Use this recipe to replace it with Azure AD without refactoring.

CA SiteMinder
Azure AD
Maverics
Target App
Authentication
Modernization

View all recipes

Ready to modernize any app in 10 mins?

Let us prove to you how easy this can be and demo a complete app modernization experience in under 10 min.

Book a demo