
How Meridian Bank retired a 14-year-old SSO stack in eleven weeks
A top-20 North American bank moved 84,000 employees and 130 federated partners off homegrown identity infrastructure — without a single failed login day.
A system nobody wanted to touch
Meridian's SSO broker was written in 2011, patched through three acquisitions, and understood — fully — by exactly two engineers. Every partner-bank integration was a bespoke SAML configuration. Every certificate renewal was a change-advisory-board meeting. Regulators had started asking questions the architecture diagrams couldn't answer.
The breaking point was an eleven-hour partner-facing outage in late 2024, caused by an expired signing certificate that the renewal runbook listed as 'automatic'. It wasn't the first. The CISO's office estimated each identity incident cost the bank $400K in operational response alone.
Migration as a sequence, not a cliff
Authr's migration engineering team ran the cutover as 130 small migrations rather than one large one. Each federated partner moved behind a compatibility façade that spoke Meridian's legacy SAML dialect on one side and Authr on the other — meaning partners never changed a line of configuration.
Employee authentication moved org-by-org through Directory Sync, with Authr shadowing the legacy system for two weeks per cohort and diffing every assertion. 41 latent misconfigurations were found and fixed before they became incidents. The legacy broker was powered down eleven weeks after kickoff — three weeks ahead of plan.
What zero incidents actually bought
The headline number is the $3.1M in eliminated run-cost: two full-time maintainers redeployed, a hardware SAML appliance contract cancelled, and an incident-response line item that simply stopped being used.
The quieter win is regulatory. Meridian's auditors now receive hash-chained evidence exports directly from Audit Fabric. What used to be a three-week evidence scramble each exam cycle is now a saved query. The two engineers who understood the old system have been promoted to run the bank's new identity governance program — on top of Authr, not underneath it.
“We migrated 84,000 employees and 130 federated partners off a homegrown SSO stack in eleven weeks. Auth incidents since: zero. Our board asked why we didn't do it years ago.”
RARebecca AlvarezChief Information Security Officer, Meridian Bank
