This release includes several new features, improvements, and bug fixes across administration, authentication, server-side components, and mobile applications.
Highlights:
-
Enhanced Enrollment: Enrollment codes can now be sent via SMS, and administrators can generate codes directly from user identity details. Plug & Play SMS integration allows the use of external SMS providers.
-
Improved Session Management: The session model has been enhanced to provide clearer information about session steps and evolution.
-
Elastic Data Management: Elastic data can now be reindexed through the Admin GUI.
-
Precise Location Enforcement: A new "Precise Location Services Required" option is available in Settings / Geolocation (and via
mobile_settings.jsonfor older versions), enhancing location security. -
Authentication Delegation: Users can now delegate authentication to other users.
-
Mobile Enhancements: Mobile now supports authentication delegation and enforces location permissions when
preciseLocationServicesRequiredis enabled. UBA (ILP) result display in the authentication success popup can be toggled via Settings / Mobile Client Settings. -
Server-Side Optimization: Lucene indexes have been removed, improving server performance.
New features & improvements:
Administration & Dashboard:
-
Improved session model for clearer session step information.
-
Precise location enforcement (Settings / Geolocation).
Authentication:
Server-Side:
-
Biometric data traces are completely removed when the device or account is removed.
Mobile:
-
Support for authentication delegation.
-
Location permission enforcement when
preciseLocationServicesRequiredis enabled. -
Configurable UBA (ILP) result display in authentication success popup.
-
Increased font size and general UI visibility for Offline PIN authentication.
Bug fixes:
Administration:
-
Fixed issue preventing editing of specific subject derived attributes.
-
Fixed error preventing deletion of external administrators.
-
Fixed UI bug displaying incorrect registration date for users with "Password never expires" set in Active Directory.
Authentication:
-
Fixed authentication error when using LDAP Password with "Accept Expired Password" enabled.
Server-Side:
-
Improved Forgerock integration, addressing UI and authentication flow bugs.