Version 4.10.0 Cloud
[Release date: To be announced]
New Features & Improvements:
SSO Enhancements:
- Flexible IDP-Initiated SSO: Added support for passing user attributes in the SSO login URL for IDP-initiated flow in OAuth and passwordless applications.
- Custom SAML Actions: New webhook support for SAML applications to execute custom logic before SAML response attributes are processed.
- OpenID Improvements: Several Improvements to OpenID implicit, client credential, password grant types, introspection endpoints and more.
MFA Enhancements:
- Forced MFA Enrollment: Support to enforce MFA setup on the first login for external IDP initiated login.
- Microsoft Push MFA: Added Support for Microsoft Push as a 2FA Method.
- FIDO Device Management APIs: Added APIs to configure FIDO devices for 2FA remotely.
- Enhanced MFA Security: Added rate limiting for "Resend OTP" flows and invalid MFA attempts.
- Radius Improvements: Added Internationalization Support for RADIUS response messages.
- New Onboarding Options: Added a feature to allow admins to send User activation email to the user’s alternate email address.
EndUser Dashboard Improvements:
- Personalized User Dashboard: End users can now mark apps as favorites for easier access on their dashboard.
UI Improvements:
- Improved Apps Admin UI: Revamped configuration pages for Desktop, Passwordless, JWT, OAuth applications to a consistent, modern interface.
- Improved MFA Configuration Admin UI: Revamped“2FA options for end users” and “Alternate 2FA Login Methods” to a consistent, modern interface.
- Refined Login Policy UI: Updated the UI for App Login Policy pages.
Provisioning Enhancements:
- Active Directory: Improved configuration and provisioning for Active Directory, ensuring more reliable synchronization.
- Custom Provisioning Apps: Now supports importing users.
- Azure AD/Office 365: Now includes support for group provisioning.
Bug Fixes:
- Fallback authentication from Active Directory to miniOrange now works correctly in the broker flow.
- Enabling/disabling users correctly triggers provisioning across all flows.
- Updated several underlying libraries to address security vulnerabilities and improve overall system stability.