Deprecation: Admin Step-up Temporarily Reinstated Through End of Year

Based on customer feedback, we have decided to reinstate admin step-up through end of year to give customers more time to configure Time-Based One-Time Passwords (TOTP).

As part of this extension, and to better protect and secure our customer base, we also plan to make changes to how MFA works for elevated users.

In the next few weeks we will be rolling out an update that will prompt all users with elevated permissions who log directly into Identity Security Cloud to configure a Time-Based One-Time password. By end of year step-up will be officially sunset, and elevated users not logging in via an IdP will be required to have TOTP set up before they can log into Identity Security Cloud directly.

This is an update to our previous announcement on Deprecating Strong Authentication:

Hi,

It would be interesting next time to inform before the change occurred. It will avoid to create mess in our environment.

Is it possible to let the choice to activate or not this feature?

For example adding a tick box in the Security Section page.
As explain several times, in our case this feature is preventing our Chinese team to perform their work in SailPoint.
Thanks.
Regards,

The TOTP rollout has happened, after the initial hiccup. It’s now past EOY 2023 (Jan 2024). Is the Admin step-up going to be discontinued?

Yes, it will. I’m preparing another post to detail this, but the plan is to deprecate in sandbox starting Jan 22, and start in prod Feb 5.

Thanks for replying, Tyler

Hi Tyler, it’s Feb 6th now, and I’m still getting admin step-up in our prod tenant. Is the prod rollout complete to all tenants?

HI

I should have been clearer. It’s a phased rollout between Feb 5-8. By Thursday everyone should have it deprecated. I can deprecate it earlier for you, however, if you’d like. Just fill out this form.

Thanks!

Tyler