Hotfixes
The following lists hotfixes for the Identity Platform version 20.06.
20.06 hotfixes
Release No. | Release Date | Ref ID | Issue / Description |
|---|---|---|---|
20.06-7 | 25-Mar-2021 | EE-1822 | 2019 Theme Issue - Password Inline Warning – User receives countdown warning that password is about to expire in set number of days and password change is optional. But, the Submit button is not enabled, forcing the user to change their password to proceed with the login workflow. Install this hotfix if you have:
|
EE-2003 | 2019 Theme Issue - Profile Missing page – User with a missing profile is redirected to the profilemissing.aspx page; it doesn't show a Restart Login link. Install this hotfix if you have:
| ||
EE-2045 | FIDO2 Authentication Issue – FIDO2 authentication ignores proxy settings. Install this hotfix if you have:
| ||
EE-2047 | FIDO2 Authentication Improvement – Error handling improvements to user login when user does not have a registered FIDO2 security key. Install this hotfix if you have:
| ||
EE-2100 | FIDO2 Authentication Improvements – Improvements related to FIDO2 authentication include:
Install this hotfix if you have:
| ||
20.06-6 | 08-Mar-2021 | EE-1854 | Web Admin Optimization – Removal of unused code and subfolder from the SecureAuth Identity Platform Web Admin project folder. |
EE-1864 | WS-Federation Update – In realms that use WS-Federation, this update requires allow-listing of URLs for the If a There is also a new optional setting to support allow-listing of more than one URL by using a comma-delimited list. Install this hotfix if you have:
| ||
EE-1897 | Performance Enhancements – Update exception handling to improve system performance during login and enrollment workflows. | ||
EE-1979 | Updates to Audit Logging for SQL – Audit logging updates for SQL data store response times. Install this hotfix if you have:
| ||
EE-2004 | SAML Request Signature Validation Certificate Issue – In certain SAML workflows, signature validation was not successful. Install this fix if you have:
ImportantBy installing this hotfix, any expired signing certificate is now enforced by the certificate expiration date. To override this setting to allow expired certificates, set the following application setting in the web.config:
| ||
EE-2051 | Self-Service Account Update Theme Issue – There were some missing labels on the AccountUpdate.aspx page using 2016 or 2019 Themes. Install this hotfix if you have:
| ||
EE-2060 | Security Optimization – OIDC authorization with PKCE optimized for security best practices. This hotfix is required for all 19.07.01 deployments. | ||
EE-1960 | Hotfix Installer Update – Hotfix installer updates the cloud certificate URL to use | ||
EE-2046 | Hotfix Installer Update – Hotfix installer uninstalls Metricbeat. | ||
20.06-5 | 12-Jan-2021 | EE-1803 | Biometric Support – Re-enrollment in the Authenticate app in order to use biometric identification is no longer required. Install this hotfix if you have:
For more information, see Support biometric options in login workflow with Authenticate app. |
EE-1804 | Submit Form Post Issue – The Submit Form Post realm incorrectly removes password data following certain special characters. Install this fix if you have:
| ||
EE-1826 | Transformation Engine Support for OIDC / OAuth2 Workflows – Transformation Engine now supports OIDC / OAuth2 workflows. Install this fix if you have:
| ||
EE-1833 | Multiple Workflow Configuration Issues – Resolved issues with setting up a Multiple Workflow Configuration and password throttling validation issue. Install this hotfix if you have:
| ||
EE-1877 | Service Provider Metadata XML Issue – In the New Experience UI, the metadata XML exports in the wrong format. | ||
EE-1989 | 2019 Theme Issue with Login Workflow – Users can't login with the 2019 theme in Internet Explorer 11 or Office 365 using embedded browser controls. The Submit button stays disabled at login. Install this hotfix if you have:
| ||
EE-2004 | SAML Request Signature Validation Certificate Issue – In certain SAML workflows, signature validation was not successful. Install this fix if you have:
CautionBy installing this hotfix, any expired signing certificate is now enforced by the certificate expiration date. Contact Support to override this setting to allow expired certificates. It requires the following application setting in the web.config:
| ||
20.06-4 | 09-Nov-2020 | EE-1611 | 2016 Theme Support for Biometric MFA – The new Biometric MFA option was not available for use in the 2016 theme option. Install this hotfix if you have:
|
EE-1810 | OIDC Claim Format Issue – The email_verified claim should be sent as a boolean value. Install this hotfix if you have:
| ||
EE-1860 | Performance Optimizations – Realms created in the Classic UI are now optimized to reduce latency. Install this hotfix if you have:
| ||
EE-1868 | OIDC Issue – The OIDC algorithm header reverted back to HS256 during product upgrade. Install this hotfix if you have:
| ||
EE-1935 | Security Optimization – Admin API update to data store optimized for security best practices. This hotfix is required for all 19.07.01 deployments. | ||
EE-1966 | Redirect with Token Issue – Redirect with token workflows were intermittently unsuccessful under certain conditions. Install this hotfix if you have:
| ||
Other | Additional logging enhancements and updated SecureAuth branding | ||
20.06-3 | 07-Oct-2020 | EE-1890 | This hotfix includes a file correction to a previous 20.06-2 hotfix addressing this issue: Certificate Issue – For customers upgrading from Identity Platform version 19.07.01 to 20.06, the SHA-1 assertion now verifies correctly. This hotfix is required for all 20.06 deployments. |
20.06-2 | 02-Oct-2020 | EE-1778 | OIDC / OAuth2 Workflow Session Issue – OIDC queries in OAuth workflows now read correctly when a user has two browser tabs open when authenticating into a resource. Install this fix if you have:
|
EE-1890 | Certificate Issue – For customers upgrading from Identity Platform version 19.07.01 to 20.06, the SHA-1 assertion now verifies correctly. This hotfix is required for all 20.06 deployments. | ||
EE-1902 | OIDC / OAuth 2 Issue – Fixes an issue with scope values not rendering correctly on the Post Auth tab for OpenID Connect/OAuth 2.0. Install this fix if you have:
| ||
EE-1928 | Authentication API Improvement – The Authentication API now supports Link-to-Accept via SMS and email as an available multi-factor method MFA option. Install this hotfix if you have:
| ||
20.06-1 | 11-Sep-2020 | EE-1196 | Realm List Display Issue – Classic administration realm navigation bar repositions incorrectly after save. |
EE-1524 | Azure AD UPN Domain Check – Resolves issue with unnecessary uppercase and lowercase domain name check in username. Install this hotfix if you have:
| ||
EE-1552 | Push Notification Company Name – In the SecureAuth Authenticate app login request UI, the configured company name was not accurately displaying. Install this hotfix if you have:
| ||
EE-1600 | Redirect with Token Issue – Redirect with token workflows were unsuccessful. Install this hotfix if you have:
| ||
EE-1607 | International Phone Number Issue – Ten-digit International phone numbers were automatically being prepended with “1”, making those numbers unusable for MFA. Install this hotfix if you have:
| ||
EE-1660 | Password Throttling Validation Issue – Users passwords not always validated when using Password Throttling feature. Install this hotfix if you have:
| ||
EE-1684 | Database Logging Issue – Database logs experiencing a table lock stopped writing new log entries. Install this hotfix if you have:
| ||
EE-1692 | Chrome 404 Error on Manage Accounts Page – Chrome browser would give a 404 error to users on the Manage Accounts (help desk) page if the page timed out and user logs back in, whereas other browsers would redirect them back to the page after authentication. Install this hotfix if you have:
| ||
EE-1707 | Corrupted CyberArk Username – When using CyberArk for the directory credentials, the username would become corrupted during simultaneous connections. Install this hotfix if you have:
| ||
EE-1739 | 2019 Theme Not Rendering Correctly – Pages in the realm root were not rendering correctly when using the 2019 theme. Install this hotfix if you have:
| ||
EE-1749 | Admin Console Issue – Admin console may not load after reboot.
| ||
EE-1772 | Error Verbiage Improvements – In OAuth flow, if the authorization code ID and saved code ID do not match, it displayed the error message, "this code has already been used" which is misleading. Error message now reads as "Authorization Code does not match or has already been used". Install this hotfix if you have:
| ||
EE-1774 | Biometric Method Issue – For a Mobile Login (Push Notification) method involving any biometric as the Request Type in the Classic IdP Experience, some configuration fields are greyed out. Install this hotfix if you have:
| ||
EE-1781 | Transformation Engine Issue – Resolves issue in which the Transformation Engine did not work correctly when used with WS-Federation. Install this hotfix if you have:
| ||
EE-1608 | Resetting IIS Settings – After making changes to IIS and then changes to the SecureAuth Web Admin, the changes made in IIS were reverted to the previous configuration. Install this hotfix if you have:
| ||
EE-1619 | Invalid SQL Password Issue – Password data was cut off in the database when using encrypted password format, resulting in an invalid user password at login. Install this hotfix if you have:
| ||
EE-1680 | Debug Log Cleanup – Debug logs required changes. This hotfix is required for all 20.06 appliances. | ||
EE-1683 | SecureAuth Identity Platform was not able to effectively retrieve the email address from the Azure AD data store. Install this hotfix if you have:
|