Resolved issues
Latest release version: 19.07.01
The following issues were resolved in the Identity Platform release version 19.07.
[ 19.07 resolved issues] [ 19.07.01 resolved issues ]
19.07 resolved issues
Ref ID | Issue |
|---|---|
IDP-4233 | Device / browser profile matching issue is resolved. |
IDP-4877 | Require Begin Site redirect with a SAML request now works correctly. |
IDP-4878 | Date values are no longer missing on the help desk page for Cert Validation Date and Mobile Validation Date. |
IDP-4959 | OATH Token JSON Encryption Issue – Data is now correctly read when JSON encryption is selected as the OATH token storage method. Merged into this release from a hotfix applied in 9.2.0-20. |
IDP-5210 | Help Desk “Update” User Account – Incorrect profile data is no longer automatically saved since the Update button is now properly disabled. Merged into this release from a hotfix applied in 9.2.0-21. |
IDP-5800 | Data Parsing in SAML Attribute – Data is now correctly parsed when sent in a SAML attribute. Merged into this release from a hotfix applied in 9.3.0-3. |
IDP-5839 | Device Fingerprint Space Issue – The Device Fingerprint cookie name now parses correctly if a space is present in the generated cookie name. Merged into this release from hotfixes applied in 9.3.0-3, 9.2.0-24, and 9.1.0-47. |
IDP-6104 | Transformation Debug Logging – Transformation Engine logging is no longer automatically enabled when Debug logging is enabled, which prevents the potential exposure of sensitive information in the logs. Merged into this release from a hotfix applied in 9.2.0-24. |
IDP-6110 | Passcode Registration Screen – When using the Default theme, the SecureAuth Passcode registration screen now works correctly. Merged into this release from a hotfix applied in 9.3.0-4. |
IDP-6245 | Issue with GlobalSettings missing values is resolved. |
IDP-6252 | Link to Accept SMS issue now works correctly. |
IDP-6254 | Inline Password Reset Issue – Using the 2016 Light Theme, the Inline Password Reset pages now work as expected for all use cases. Merged into this release from a hotfix applied in 9.1.0-48. |
IDP-6266 | Incorrect SMS MFA Option – When users select the SMS OTP option, they no longer randomly receive an incorrect Link to Accept message. Merged into this release from a hotfix applied in 9.3.0-4. |
IDP-6357 | App Enrollment Maintenance – App enrollment for users made on previous versions of SecureAuth IdP work correctly after the upgrade. Merged into this release from a hotfix applied in 9.3.0-5. |
19.07.01 resolved issues
Ref ID | Issue |
|---|---|
IDP-3894 | Resolves issue in preventing malicious URL redirects and ensures that the redirect request is valid. |
IDP-6069 | Application Manager performance improvements in how application templates are loaded. |
IDP-6452 | QR Code Missing Secret – Upon successful login to a QR code app enrollment realm, users are now presented with a correct QR Code when a page is refreshed. Merged into this release from a hotfix applied in 9.2.0-27. |
IDP-6521 | Incomplete Revocation of App Enrollments – User device enrollments that are revoked on the self-service page are correctly removed when the user immediately re-registers the same device. Merged into this release from a hotfix applied in 9.2.0-27. |
IDP-6590 | Mobile Cookie Name – Mobile cookies that include spaces in the name now process correctly. Merged into this release from a hotfix applied in 9.3.0-6. |
IDP-6703 | New userAccountControl Values – SecureAuth IdP now has the most up-to-date userAccountControl values to ensure that certain account statuses are handled appropriately in transactions between LDAP providers and SecureAuth IdP. Merged into this release from hotfixes applied in 9.3.0-7, 9.2.0-28, and 9.1.0-50. |
IDP-6863 | Password Reset LDAP Issue – Administrative Password Reset with History Check functionality now working with LDAP containing protocol requirements. Merged into this release from a hotfix applied in 9.3.0-4. |
IDP-7089 | Logging Updates – Adaptive Authentication logging now correctly writes actual parameters instead of dictionary lines for certain requests. Merged into this release from a hotfix applied in 9.3.0-8. |
IDP-7137 | For cloud customers using the Identity Platform and Login for Endpoints, a new field, OTP Validation Property was added to API Permissions to allow OTP generation by means of SMS, Phone, Email, and Help Desk. |
IDP-7163 | Device Recognition Data Storage Issue – When storing the Device Recognition Profiles (Device Fingerprints) in the SQL data base in JSON format, all data is now correctly stored. Merged into this release from a hotfix applied in 9.1.0-51. |
IDP-7304 | Password Throttling Count Issue – The saved count for Password Throttling now effectively clears the bad password attempts to make way for the valid password entries. Merged into this release from a hotfix applied in 9.3.0-8. |
IDP-7337 | AuthCode Validity Issue – Only one AuthCode can be used in OIDC workflows for a client to obtain an access_token. Merged into this release from a hotfix applied in 9.1.0-52. |
IDP-7339 | QR Code Enrollment False Error – The hotfix resolves an issue where the QR Code App Enrollment page was inaccurately displaying an error (“Invalid Code. Please try again.”), despite successful enrollment. This was caused by double-clicking before the page finished loading. Merged into this release from a hotfix applied in 9.3.0-9. |
IDP-7464 | JWT Token Refresh Issue – Resolved issue where JWT tokens were not accurately refreshing, causing other SecureAuth cloud services, including authentication and adaptive policy checks, to fail. Merged into this release from a hotfix applied in 19.07-1. |
IDP-7435 | Cross-Site Request Forgery Vulnerability – CSRF tokens have been added to the administrative web interface. Merged into this release from a hotfix applied in 9.1.0-53. |
IDP-7305 | Authentication API Updates for User Risk – When using the Authentication API for adaptive authentication, the User Risk feature is now effectively accessed during analysis. Merged into this release from a hotfix applied in 9.2.0-29. |
IDP-7306 | Resolves issue in which there were thousands of EventID="6352" log entries per minute. |
IDP-7508 | Geo-velocity Cloud Communications Error – When comparing previous and current IP addresses, some logins were generating an “unavailable” result. Merged into this release from hotfixes applied in 19.07-1 and 9.3.0-11. |
IDP-7570 | Resolves issue in which Device Recognition workflows were not initiating after adaptive rules in a newly configured Policy. A new rule option, Run DR (run Device/Browser Recognition) was added to the All Other Logins rule. For more information about this rule option, see Adaptive authentication rules settings in a policy. |