← Back to Recipes

Protect apps with HYPR passwordless authentication

How to orchestrate a secure Passwordless user journey to any application with Maverics.

Read the docsTry this in Maverics
  • No-code passwordless for any app, even those that don’t support modern AuthN
  • Quickly integrate passwordless with your existing IDPs and apps for a frictionless user journey
  • Reduce risk through phased passwordless deployments
Ingredients
MFA PMFA Entra ID (Azure AD) HYPR

A truly passwordless experience made possible by decoupling HYPR from your IDPs.

The recipe diagram

A simple user journey that simply works.

The sequence diagram

How everything comes together to authenticate.

What the user sees

Users love Maverics because adding passwordless authentication eliminates the need to create and remember additional login credentials when they access their applications. Orchestration removes any scary interruption to their expected login experience, and they don’t feel the friction traditionally associated with adding new security services.

  • User navigates to the target app through their existing access workflow and enters their username
  • Maverics checks whether they are in a user population configured for Passwordless authentication
  • Maverics initiates a prompt to the user’s phone to authenticate with HYPR
  • The user completes a passwordless authentication event on their mobile device
  • Maverics collects additional user data, claims, and context
  • On successful HYPR passwordless authentication, the user is able to access target app

What the admin does

Admins love Maverics because they can quickly onboard users and protect apps with Passwordless authentication in a fraction of the time since there is no need to change apps or IDPs. Decoupling authentication from the protected resources through orchestration means that admins don’t have to burden application owners with costly refactoring projects.

  • Login to the HYPR admin console
  • Create a new application in the HYPR control center
  • Generate an API token for the Maverics Orchestrator
  • Copy that token into your configured secret provider
  • Configure the HYPR integration in the Maverics yaml file with your HYPR domain, HYPR app ID, and the secret provider pointer to your stored access token
  • Optionally, customize the login page where users enter their username and the interstitial page that a user sees while they are responding to the HYPR prompt on their device
  • Finally, in any app gateway or authentication provider, name HYPR as the IDP to bring passwordless to your users

See it in action

Protect Apps with HYPR Passwordless Authentication

Interested to see more? We have a full workshop for you!

Watch now

Solve more modernization challenges with ready-to-deploy recipes

Identity Continuity
Active Directory (AD)
Okta
Failover from Okta to on-prem Active Directory (AD)

Keep your critical apps accessible. Use Identity Continuity to allow key users to securely authenticate locally with Keycloak if Microsoft Entra ID ever becomes unavailable.

Identity Continuity
Okta
Entra ID (Azure AD)
Failover from Okta to Microsoft Entra ID

Don’t let Okta take you offline. Use Identity Continuity to allow users to securely authenticate to critical apps with Microsoft Entra ID anytime Okta is unavailable.

Identity Continuity
Keycloak
Entra ID (Azure AD)
Failover from Microsoft Entra ID to on-prem Keycloak

Keep your critical apps accessible. Use Identity Continuity to allow key users to securely authenticate locally with Keycloak if Microsoft Entra ID ever becomes unavailable.

View all recipes

Ready to cook up your perfect identity modernization solution?

Stop juggling disparate identity services. Unleash the power of Strata’s orchestration recipes.
Whether you’re dealing with legacy app modernization or controlling multi-cloud access, Orchestration Recipes have got you covered.

Read the docsTry this in Maverics