> ## Documentation Index
> Fetch the complete documentation index at: https://docs.strata.io/llms.txt
> Use this file to discover all available pages before exploring further.

# FAQ

Common questions about the Maverics platform organized by topic. Can't find your answer? [Contact support](https://strataidentity.my.site.com/support/s/).

## General

<AccordionGroup>
  <Accordion title="What is Maverics?">
    Maverics is an identity orchestration platform from Strata Identity. It consists of two components: the Orchestrator (a lightweight identity abstraction layer deployed in your infrastructure) and the Console (a cloud-hosted management interface). Together they let you route, translate, and manage authentication across any combination of identity providers, protocols, and applications.
  </Accordion>

  <Accordion title="What identity protocols does Maverics support?">
    The Orchestrator supports OIDC, SAML 2.0, LDAP, HTTP header-based authentication, and the Model Context Protocol (MCP) for AI identity. It can translate between these protocols, so a SAML application can authenticate against an OIDC provider (or vice versa) without application changes.
  </Accordion>

  <Accordion title="What is the Identity Fabric?">
    The Identity Fabric is an architectural pattern where a lightweight abstraction layer (the Orchestrator) sits between applications and identity providers. It decouples applications from specific identity vendors, enabling incremental migration, protocol translation, and policy-based routing without modifying application code.
  </Accordion>

  <Accordion title="Is Maverics open source?">
    No. Maverics is a commercial product. Contact [Strata Identity sales](https://strataidentity.my.site.com/support/s/) for licensing information.
  </Accordion>
</AccordionGroup>

## Getting Started

<AccordionGroup>
  <Accordion title="How do I install the Orchestrator?">
    The Orchestrator is distributed as a single binary and can run on Linux, in Docker containers, or on Kubernetes. Download it from the Console, deploy it to your environment, and point it at your configuration. See the [Quick Start guide](/guides/getting-started/quick-start) for step-by-step instructions.
  </Accordion>

  <Accordion title="Do I need the Console to use Maverics?">
    The Console is the recommended way to use Maverics. It provides visual configuration, centralized deployment management, audit logging, and config bundle publishing with cryptographic signing. While the Orchestrator can technically run standalone with local YAML files, the Console streamlines operations significantly and is how most customers manage their deployments.
  </Accordion>

  <Accordion title="What are the system requirements?">
    The Orchestrator is lightweight and runs on Linux (x86\_64 and ARM64), in Docker containers, or on Kubernetes. Specific resource requirements depend on traffic volume and the number of configured applications.
  </Accordion>
</AccordionGroup>

## Architecture

<AccordionGroup>
  <Accordion title="Where does the Orchestrator run?">
    The Orchestrator runs in your infrastructure -- on-premises, in the cloud (AWS, Azure, GCP), or both. It deploys as a lightweight binary alongside your applications. The Console is always cloud-hosted (SaaS).
  </Accordion>

  <Accordion title="Can I run multiple Orchestrators?">
    Yes. You can deploy multiple Orchestrator instances for high availability, geographic distribution, or workload isolation. All instances are managed from a single Console.
  </Accordion>

  <Accordion title="How does configuration work?">
    Configuration is managed through the Console UI (visual, point-and-click) or YAML files (declarative, version-controlled). Both interfaces configure the same Orchestrator, so changes made in one are reflected in the other.
  </Accordion>

  <Accordion title="What is a Config Bundle?">
    A Config Bundle is a cryptographically signed package of configuration that the Console publishes to Orchestrators. Bundles are signed with ECDSA P-256 and verified by the Orchestrator before deployment, ensuring configuration integrity.
  </Accordion>
</AccordionGroup>

## Security

<AccordionGroup>
  <Accordion title="How are secrets handled?">
    Maverics integrates with external secret providers (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, CyberArk, Conjur, and Delinea). Secrets are never stored in configuration files -- the Orchestrator fetches them at runtime from your chosen provider.
  </Accordion>

  <Accordion title="Is configuration encrypted in transit?">
    Yes. All communication between the Console and Orchestrators uses TLS. Config Bundles are additionally signed (ECDSA P-256) so the Orchestrator can verify they have not been tampered with.
  </Accordion>

  <Accordion title="Does Maverics have compliance certifications?">
    Visit the [Strata Trust Center](https://trust.strata.io) for current certifications, security practices, and compliance documentation.
  </Accordion>
</AccordionGroup>

## Licensing

<AccordionGroup>
  <Accordion title="How is Maverics licensed?">
    Contact [Strata Identity](https://strataidentity.my.site.com/support/s/) for licensing details. Licensing terms depend on deployment scale and use case.
  </Accordion>

  <Accordion title="Is there a free tier or trial?">
    Contact [Strata Identity sales](https://strataidentity.my.site.com/support/s/) to discuss trial options.
  </Accordion>
</AccordionGroup>
