.png)
At the end of June 2026, ArcTitan is moving to a new Admin UI with modern OAuth 2.0 sign-in via your chosen identity provider (IDP).
Key information
- ArcTitan is moving to a new Admin UI with modern OAuth 2.0 sign-in via your chosen identity provider (IDP).
- Local ArcTitan usernames and passwords are being retired. Supported IDPs include Microsoft Azure AD, Google, Okta (OAuth 2.0 and SAML), OneLogin, and any Generic OpenID compatible provider.
- General Availability will begin in the week of 29 June 2026 and will be a staggered roll-out: UK → EU → US2 → US.
- There will be no price change.
- There will be no changes to the ArcTitan search experience.
- The change applies to ArcTitan only. WebTitan, SpamTitan and the backup and recovery portfolio are not affected.
Read below for more detailed information.
PAGE CONTENTS
- What is being released?
- Why this change?
- Why does this matter?
- What do I need to do?
- Supported identity providers
- What is not changing in this release?
- Release schedule
- Frequently asked questions
- Key contacts
What is being released?
We are launching a new ArcTitan Admin UI that replaces local username and password sign-in with OAuth 2.0 authentication via your own IDP. The new console will sit alongside the existing Classic Admin area during the transition. Once your cluster is upgraded, the new UI will become the standard administrative interface for ArcTitan.
In this release you will see:
- A redesigned administration console with a role-aware dashboard covering distributors, partners, tenants, active users, storage usage and monthly archive growth.
- OAuth 2.0 sign-in via your existing IDP, with role-based access control (RBAC) at every level of the hierarchy (Super User, Distributor, Partner, Tenant).
- A unified Settings area for branding, authentication configuration, alerts, SMTP and staff members, with role-based visibility on each.
- Coexistence with Classic Admin for archive search. (The search UI is not changing in this release.)
Why this change?
The security model of locally stored usernames and passwords no longer reflects how organizations expect SaaS administration to work. Local credentials expose customers to credential leaks, weak or reused passwords, and limited central control over administrative access.
Routing authentication through your own IDP fixes this. ArcTitan never sees or stores your IDP credentials, and your existing identity controls (SSO, MFA, conditional access) extend directly to ArcTitan administration. The new RBAC model gives Super Users, Distributors, Partners and Tenants the right level of access by default, without local password sprawl.
Why does this matter?
- Stronger security. You can eliminate locally stored passwords and enforce SSO, MFA and conditional access policies on ArcTitan administration.
- Easier management. You'll now have a single sign-in for admins, role-based access at every level, and self-service for Tenant administrators managing user permissions and search settings.
- Better visibility. A redesigned dashboard surfaces the metrics admins use every day, replacing repeated click-throughs in Classic Admin.
- Audit and compliance. These changes satisfy zero-trust mandates and third-party SaaS authentication reviews. This aligns ArcTitan administration with the identity controls you already trust.
- No price change. This is a security and usability enhancement at no additional cost.
What do I need to do?
Your required action depends on how you are currently signing in.
If you already use OAuth in Classic Admin:
No action is required. Your existing IDP configuration carries over to the new Admin UI automatically. This is a zero-touch transition for your environment.
If you currently sign in with a local ArcTitan username and password:
- You will need to configure an identity provider before your cluster's cutover.
- Follow the steps in this article: Configuring OAuth Connection Settings
- A list of supported providers is provided below.
- Your existing local credentials will continue to work temporarily after the upgrade. You will be prompted to migrate to OAuth on first sign-in to the new UI.
- From General Availability onwards (29 June+), no new local accounts can be created.
- If you need help, contact:
- Your CyberSentriq account executive/contact for IDP selection and planning, scheduling for your cluster, and any questions specific to your environment.
- The CyberSentriq Support team for assistance during IDP configuration, sign-in issues during cutover, or any technical problem with the new Admin UI.
If you are an MSP or Partner managing Tenants:
- Confirm that each Tenant has an IDP configured ahead of your cluster's cutover. Tenants without an IDP will be flagged so we can support you with migration.
- Share this notice with your end customers. CyberSentriq can provide template communications and supporting materials on request.
Supported identity providers
- Microsoft Azure AD
- Okta (OAuth 2.0 and SAML)
- OneLogin
- Any Generic OpenID compatible provider
What is not changing in this release?
- archive search UI
- delegation rights (these remain in Classic Admin in this release, and are on the roadmap for a future update)
- pricing
- WebTitan, SpamTitan, backup and recovery
Release schedule
Anticipated rollout dates are as follows:
Milestone | Date |
Customer OAuth onboarding (3 weeks) | w/c 03 June 2026 |
Partner rollout (rolling, per cluster) | w/c 29 June 2026 |
General Availability begins | w/c 29 June 2026 |
Cluster Rollout UK & EU | w/c 29 June 2026 |
Cluster Rollout US2 & US | w/c 6 July 2026 |
Cluster rollout order: UK → EU → US2 → US. Customers on later clusters continue to use Classic Admin and existing authentication until their cluster cuts over; there is no functional impact pre-upgrade. Your CyberSentriq contact will confirm specific dates for your region.
Frequently asked questions
Q. Which CyberSentriq products does this apply to?
A. ArcTitan only. WebTitan, SpamTitan and the backup and recovery portfolio are not affected.
Q. Will I lose access if I haven't moved off local credentials by General Availability?
A. No. Existing local credentials will continue to work temporarily after your cluster's upgrade, and you will be prompted to migrate to OAuth on first sign-in to the new UI. However, no new local accounts can be created from GA onwards, so we strongly recommend configuring an IDP ahead of your cutover.
Q. Will my archive data, retention or configuration be affected?
A. No. This release introduces changes to authentication and the administrative experience only. Archive data, retention settings and existing configuration remain in place.
Q. Are there any changes to how archive searches work?
A. No. The search UI is unchanged in this release; archive search continues in the existing Classic Admin area.
Q. Will delegation rights be available in the new Admin UI?
A. Not yet. Delegation rights remain in Classic Admin and are on the roadmap for a future release.
Q. I'm an indirect Tenant under an MSP. What should I do?
A. Your MSP is responsible for coordinating the change with you. If you do not yet have an IDP configured, contact your MSP for migration support.
Q. Is there a price change associated with this release?
A. No. This is a security and usability enhancement to the existing ArcTitan product at no additional cost.
Q. When does my cluster move over?
A. Cluster cutovers will run in the order UK → EU → US2 → US, beginning the week of 29 June 2026. Your CyberSentriq contact will confirm specific dates for your region.
 1.png)