Skip to main content
The HYPR connector integrates the Maverics Orchestrator with HYPR passwordless authentication — enabling phishing-resistant, device-based authentication for your applications.
Console terminology: In the Maverics Console, this section is called Identity Fabric. The YAML configuration uses the connectors key to define identity provider integrations.

Overview

The HYPR connector enables passwordless authentication using the HYPR platform. It supports device-based authentication and QR code flows — allowing users to authenticate without passwords using their registered mobile device. The Orchestrator uses OIDC internally, but the Console exposes HYPR-specific configuration fields for the HYPR domain, application, and access token.

Use Cases

  • Passwordless SSO across legacy and modern apps — Replace passwords with HYPR device-based authentication and extend it to applications that lack native HYPR support, unifying passwordless SSO through the Orchestrator
  • Phishing-resistant MFA for IdP consolidation — Add strong, phishing-resistant multi-factor authentication as part of an IdP rationalization strategy, strengthening security posture while reducing reliance on legacy MFA solutions
  • QR code authentication for shared workstations — Enable users to scan a QR code with the HYPR mobile app for fast, secure authentication on shared or kiosk devices where passwords are impractical
  • Zero-trust authentication upgrade — Layer HYPR passwordless authentication into existing identity infrastructure through the Orchestrator, upgrading security without replacing or reconfiguring individual applications

Configuration

To create a HYPR connector in the Maverics Console:
  1. Navigate to Identity Fabric in the Console sidebar.
  2. Click Create and select HYPR.
  3. Enter a Name — this is the friendly name that identifies your provider.
  4. Enter the HYPR Domain — the base domain of your HYPR account (e.g., your-org.hypr.com).
  5. Enter the HYPR App ID — the name of the application as defined in the HYPR Control Center.
  6. Enter the Access Token — an access token configured in the HYPR Control Center. Use the show/hide toggle to verify the value.
  7. Optionally enable QR Authentication to display a QR code that users can scan with the HYPR mobile app. This toggle is off by default.
  8. Optionally set a Status Check URL to monitor the HYPR service status.
  9. Optionally set a Login URL to define a custom endpoint for posting user credentials.
  10. Optionally upload a Custom Login HTML file to customize the login page displayed to users.
  11. Optionally upload a Custom Interstitial HTML file to customize the interstitial page displayed during authentication.
  12. Optionally upload a Custom Error HTML file to customize the error page displayed when authentication fails.
  13. Click Save.

Troubleshooting

  • Verify the HYPR domain is accessible from the Orchestrator host — ensure the domain is correct and reachable
  • Ensure the App ID matches exactly what is configured in the HYPR Control Center — mismatched app IDs cause authentication failures
  • Check that the access token is valid — expired or revoked tokens will prevent the connector from communicating with HYPR
  • QR code not displaying — confirm that the QR Authentication toggle is enabled in the Console or that the equivalent setting is configured in YAML

Identity Fabric

Overview of all identity providers

Generic OIDC

Generic OpenID Connect connector

Okta

OIDC connector for Okta

Microsoft Entra ID

OIDC connector for Microsoft Entra ID