The following documentation has been identified to review as part of the preparation needed to perform the upgrade to Okta Identity Engine (OIE).

NOTE: Additional Okta features may require reconfiguration or be disabled in order to complete the upgrade.

Applies To

• Okta Identity Engine (OIE)
• NOTE: This requires a product called “Multi-Org Deployment” or using “Org Creator APIs”.
• Warning: This org is a parent org and cannot be upgraded to OIE until all the children are upgraded. x child org(s) have not upgraded to OIE yet.
• PARENT_CHILD_ORG_UPGRADE
• Upgrade Eligibility: Eligible - Okta Assistance Required.

Solution

How does this blocker impact the upgrade to OIE?

This is a "Parent” org, used as a template to generate child orgs. There are still remaining child orgs that have not been upgraded to OIE.  
 

How to remediate this blocker?

All “child orgs” must be upgraded or disconnected from the parent prior to the parent org. Once this is complete, the parent can be upgraded.
 

Post-Upgrade Notification

Once upgraded, all orgs will be created on the Okta Identity Engine base platform.

Please review the org creation process to ensure all the default sign-in policies meet the requirements.

• Post Upgrade to the “Parent" org, the default sign-in policy of created orgs will be “Any 2 Factors”
• In "Classic" (prior to Identity Engine Upgrade) the default policy was password only. This was intentional to default to a more secure policy posture; allowing the administrators to either add an additional rule or assign applications to the respective assurance policy on creation.