Version 3.3.38

New Features/Integrations:

Added the ability to disable the custom user profile attribute feature for end-users.
Added the feature to send group attributes in radius applications.
Improved the IDP Session Timeout feature. Added a configurable option under product settings for admins.
Added support for Importing LDAP / AD Groups and Memberships.
Added the ability to configure multiple External OAuth providers.
Added Location Restriction feature.
Added new User Capabilities:

Allow/Disallow end users to Change their Email Addresses.
Allow/Disallow end users to have access to edit profile and Change Password sections.

Added support for IMIS Applications as Identity Provider.
Added support for Microsoft authenticator as an MFA Method.
Added configurable option to ‘Force 2FA on each login attempt’ during SSO or login.

Usability improvements for LDAP Gateway.
Better error messages during LDAP Test Connection.
Fixes around failed password attempts. Now the attempts remaining persist across sessions and browsers.
Fixes around SAML SSO when branding is not set.
UI improvements for custom attributes page.
SMTP Improvements:

Fixes in API/external JWT apps for policy name.
Usability improvements for DB TestConnection.
Fixed password reset link for the branded account during SSO with external IDP/database.
Enable/disable miniOrange Admin Login from specified LDAP User Stores.
Fixes for end user login from self-service console with LDAP gateway.(Cloud only)
Improvements around http post calls.
XXE Injection fixes during SAML SSO.
Authenticated Reflected XSS Via URL Parameter – RelayState.
Improvements for override relay state functionality. Now RelayState will only be. overridden when this option is enabled which wasn’t the case earlier.
Support for TLS 1.2 during SMTP connection.