Resilience documentation

What is Authonomy Resilience?

An availability layer that keeps authentication working when one of your identity providers degrades.

Authonomy Resilience is an availability layer that sits in the authentication path between your applications and your identity providers. When a provider is unreachable — through a provider-side outage, a configuration error, or a loss of connectivity from a site — the resilience layer keeps authenticating, authorizing, and provisioning against the rest of the estate.

It is not an identity provider. It does not replace one. The customer’s existing IdP remains authoritative for the identity population at all times. Authonomy sits alongside it as an availability layer, with a health-aware router selecting the right path for each request.

What it does

The platform routes each authentication request through a priority-ordered set of login methods — your primary IdP, one or more secondary IdPs, and Authonomy’s native authentication as a continuity floor. A health-aware router consults a per-method health monitor and dispatches each request to the first reporting healthy. When no external method is reachable, the ladder resolves to native authentication, which Authonomy serves against credential material registered in the deployment’s credential store.

The same mechanism — router plus priority-ordered ladder, evaluated per request — covers two failure shapes:

Provider-level failover. When a configured upstream provider is having an outage, the router redirects traffic to the next healthy method without the application knowing.

Site-level failover. When an Authonomy instance deployed at a site loses WAN reachability to its external providers, the same router serves the site against the local instance, including the native floor for users enrolled there.

The architectural move underneath both is the same: the failure domain that authentication depends on during a severance becomes the Authonomy instance itself, which sits inside the customer’s zone of control rather than across an unreliable network.

What it doesn’t do

Resilience is an availability layer, not an identity-management platform. It does not provide identity lifecycle management, orchestration across providers as a primary capability, credential vaulting for third-party services, or a cross-instance observability platform. Where the integration surface meets adjacent capabilities, those live elsewhere in the customer’s stack.