Overview

This release includes several new features, improvements, and bug fixes across administration, authentication, server-side components, and mobile applications.

Highlights:

• Enhanced Enrollment: Enrollment codes can now be sent via SMS, and administrators can generate codes directly from user identity details. Plug & Play SMS integration allows the use of external SMS providers.

• Improved Session Management: The session model has been enhanced to provide clearer information about session steps and evolution.

• Elastic Data Management: Elastic data can now be reindexed through the Admin GUI.

• Precise Location Enforcement: A new "Precise Location Services Required" option is available in Settings / Geolocation (and via mobile_settings.json for older versions), enhancing location security.

• Authentication Delegation: Users can now delegate authentication to other users.

• Mobile Enhancements: Mobile now supports authentication delegation and enforces location permissions when preciseLocationServicesRequired is enabled. UBA (ILP) result display in the authentication success popup can be toggled via Settings / Mobile Client Settings.

• Server-Side Optimization: Lucene indexes have been removed, improving server performance.

New features & improvements:

Administration & Dashboard:

• SMS delivery of enrollment codes.

• Enrollment code generation from identity details page.

• Plug & Play SMS integration.

• Improved session model for clearer session step information.

• Elastic data reindexing via Admin GUI.

• Precise location enforcement (Settings / Geolocation).

Authentication:

• Authentication delegation.

Server-Side:

• Removal of Lucene indexes.

• Biometric data traces are completely removed when the device or account is removed.

Mobile:

• Support for authentication delegation.

• Location permission enforcement when preciseLocationServicesRequired is enabled.

• Configurable UBA (ILP) result display in authentication success popup.

• Increased font size and general UI visibility for Offline PIN authentication.

Bug fixes:

Administration:

• Fixed issue preventing editing of specific subject derived attributes.

• Fixed error preventing deletion of external administrators.

• Fixed UI bug displaying incorrect registration date for users with "Password never expires" set in Active Directory.

Authentication:

• Fixed authentication error when using LDAP Password with "Accept Expired Password" enabled.

Server-Side:

• Improved Forgerock integration, addressing UI and authentication flow bugs.