Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Release - March 2024

            Modified on Tue, 2 Apr, 2024 at 1:43 AM

            The following release notes summarize the most recent changes performed on the product. 

            Platform/AdminX

            AdminX

            New Features

            Send one-time passcodes to desk phones

            • We now support sending Voice OTPs to landlines with extension numbers. This enables users with desk phones easy access to receiving passcodes. Landlines with extensions can be provided in the one of the following formats: 19856445878x5698  19856445878#5698 , 19856445878x 5698 and other formats

            Send One-time passcodes to multiple phone numbers

            • Users with multiple phone numbers on their account can choose to receive one-time passcodes on any of the available phone numbers. New BlockID attributes ‘mobiles’ & ‘landlines’ allow admins to map the source attribute containing the phone numbers of the users. Mobile numbers can receive text and voice call with their passcode while landlines only support voice calls by default.  
            • Don’t have phone numbers broken down to mobile and landlines? Read more about our ‘User Attribute Transformation’ script below to see how we can solve the problem.

            User Attribute Transformation Script 


            AdminX now allows administrators to create a script that can support transforming an attribute before sending it out in an assertion. This feature can be used for eg. to concatenate user’s attributes, break down multiple phone numbers from a single AD attribute, filter out sensitive AD groups or support required transformations to login to an application.

            • The script utilizes JavaScript to execute transformations at the broker. When transformed by the broker, the new attribute is available at the time of fetching the user, authentication, and access to an application.  

            • Only users with the permission ''USER_TRANSFORMATION_JS_MANAGEMENT’ are allowed to modify the script  

            • When saving the script, admins are required to provide an OTP for additional authentication



            Admin Activity Logging


            The following additional events have been added to enhance our admin activity logging capabilities  

            • E_SP_CREATED: When a SAML/OIDC application is added to the catalog by an admin 
            • E_SP_DELETED: When an application is deleted from the catalog by an admin  
            • E_SP_MODIFIED: When an application is modified by the administrator  
            • E_ADAPTIVEAUTH_MODIFIED: When an adaptive authentication journey has been modified by the administrator.  
            • E_PREFERREDSTORES_MODIFIED: When a new directory is added or removed from the preferred user store by an administrator 
            • E_BRANDING_MODIFIED: When an administrator modified the branding configuration  
            • E_DIRECTORY_ADVANCED_CONFIGURATION_MODIFIED: This event captures any changes made to the user attribute transformation script. 
            Track devices used for Web login 


            The E_LOGIN_SUCCEEDED event has been enhanced to log additional information available at the time of login if a health agent has been installed on the Windows machine. At the time of a login to an application on a browser, the 1Kosmos health agent reports critical information about the device like domain name, Mac address, OS version, etc.  


            Display QR code is adaptative Auth Journey   


            As part of adaptive authentication, QR code is now available as one of the authentication methods. When QR code is enabled as auth method for a user after evaluation of journeys, then the end user will see a new tile displaying ‘Login with QR.’ When scanned using the BlockID Mobile app, the user will be able to be prompted to provide biometrics and subsequently logged in.


            Additional Updates 

            • To handle security vulnerabilities, we are removing our dependency on Tomcat and opting to use OpenJDK-11 to build and run the application.  
            • Performance improvements to address IP Address evaluation for CIDR ranges. Our changes specifically address run-time evaluation of a large set of IP address ranges to be optimized. 
            • Performance improvements to our caching logic 
            • Fixed an issue in which the username is case-sensitive at the time of authentication.  
            • Fixed an issue where user token will not contain the AD groups assigned to a user. 
            • Introduced performance optimizations to support faster load times for the login page.

             

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0