After your upgrade to Identity Engine, Okta recommends that you validate specific features. Refrain from modifying any other settings for at least one week to reduce potential conflicts.
If you used Device Trust in Classic Engine, complete this task: Replace Desktop Device Trust with Okta FastPass.
Validate that your org performs as expected after the upgrade is complete:
|General post-upgrade check||Test single sign-on with at least five applications
Test the login flows with test users to validate sign-in experience
Validate that MFA authentication works as expected (such as Email and Phone)
Validate your enabled authenticators at Security > Authenticators
Check global session policy settings. If you select Any factor used to meet the Authentication Policy requirements but clear the Require secondary factor checkbox, adjust the applications that call Okta APIs. They expect a secondary factor.
Check authentication policies for the Okta End-User Dashboard and Okta Admin Console
Verify Device Trust configurations under device integrations
Verify that Global Protect is set to the default browser, not Captive Portal
After a week has elapsed, validate that each action performs as expected:
|One-week validation check||
Changing global session policies. For custom-coded authentication, see Developer Docs for Identity Engine.
Changing authentication policies
Adding or removing new authenticators
Modifying or adding new authenticator enrollment policy
Modifying password recovery options
Enabling new functionality: Okta FastPass, Device Trust v2, Profile Enrollment.