Before you upgrade to Identity Engine, there are certain configurations you must first set up. These configurations ensure a successful upgrade, so your org has the latest Identity Engine features.
|Update event hook endpoints.||If your org uses an event hook endpoint that depends on the phone number field, update the endpoint to handle its new location.|
|Prepare Okta Mobile users for the upgrade||
Okta Mobile isn't available after the upgrade.
|Disable Okta Mobility Management.||Identity Engine doesn't support Okta Mobility Management.|
|Turn off Device Trust for mobile devices.||Turn off Device Trust on mobile devices|
|Delete IWA routing rules||Okta IWA agent isn't supported.
Delete Integrated Windows Authentication routing rules
Migrate from Integrated Windows Authentication to agentless Desktop Single Sign-on
|Turn off Device Trust for mobile devices.||Follow the migration steps to ensure that Device Trust continues to work after the upgrade.|
|Migrate from the AWS Command Line Interface.||Identity Engine doesn't support older AWS CLI tools. To determine if you use the AWS CLI, search for the following in your System Log (not comprehensive):
If you require CLI access, upgrade using one of the following methods:
|Review SDK documentation.||If your org uses the Okta SDKs for authentication and you're planning to move to Okta FastPass, review the docs:|
|Disable State Token All Flows or ignore the warning.||State Token All Flows (STAF) isn't compatible with Identity Engine. If STAF is enabled in your Classic Engine org, you receive a warning. If you choose to not disable STAF, dismiss this warning and proceed with the upgrade.|
|Prepare Terraform for the upgrade.||
If you use Terraform to manage one or more Okta tenants, ensure that you have the latest version of the Terraform provider and your script files are in sync.