Hotfixes
The following lists hotfixes for the Identity Platform version 20.06.
20.06 hotfixes
Release No. | Release Date | Ref ID | Issue / Description |
---|---|---|---|
20.06-5 | 12-Jan-2021 | EE-1803 | Biometric Support – Re-enrollment in the Authenticate app in order to use biometric identification is no longer required. Install this hotfix if you have:
For more information, see Support biometric options in login workflow with Authenticate app. |
EE-1804 | Submit Form Post Issue – The Submit Form Post realm incorrectly removes password data following certain special characters. Install this fix if you have:
| ||
EE-1826 | Transformation Engine Support – Transformation Engine now supports OIDC / OAuth2 workflows. Install this fix if you have:
| ||
EE-1833 | Multiple Workflow Configuration Issues – Resolved issues with setting up a Multiple Workflow Configuration and password throttling validation issue. Install this hotfix if you have:
| ||
EE-1877 | Service Provider Metadata XML Issue – In the New Experience UI, the metadata XML exports in the wrong format. | ||
EE-1989 | Theme Issue with Login – Users can't login with the 2019 theme in Internet Explorer 11 or Office 365 using embedded browser controls. The Submit button stays disabled at login. Install this hotfix if you have:
| ||
EE-2004 | SAML Request Signature Validation Certificate Issue – In certain SAML workflows, signature validation was not successful. Install this fix if you have:
CautionBy installing this hotfix, any expired signing certificate is now enforced by the certificate expiration date. Contact Support to override this setting to allow expired certificates. It requires the following application setting in the web.config:
| ||
20.06-4 | 09-Nov-2020 | EE-1611 | 2016 Theme Support for Biometric MFA – The new Biometric MFA option was not available for use in the 2016 theme option. Install this hotfix if you have:
|
EE-1810 | OIDC Issue – The email_verified claim should be sent as a boolean value. Install this hotfix if you have:
| ||
EE-1860 | Latency Issues – Realms created in the Classic UI are now optimized to reduce latency. Install this hotfix if you have:
| ||
EE-1868 | OIDC Issue – The OIDC algorithm header reverted back to HS256 during product upgrade. Install this hotfix if you have:
| ||
EE-1935 | Security Optimization – Admin API update to data store optimized for security best practices. This hotfix is required for all 19.07.01 deployments. | ||
EE-1966 | Redirect with Token Issue – Redirect with token workflows were intermittently unsuccessful under certain conditions. Install this hotfix if you have:
| ||
Other | Additional logging enhancements and updated SecureAuth branding | ||
20.06-3 | 07-Oct-2020 | EE-1890 | This hotfix includes a file correction to a previous 20.06-2 hotfix addressing this issue: Certificate Issue – For customers upgrading from Identity Platform version 19.07.01 to 20.06, the SHA-1 assertion now verifies correctly. This hotfix is required for all 20.06 deployments. |
20.06-2 | 02-Oct-2020 | EE-1778 | OIDC / OAuth2 Workflow Session Cleanup – OIDC queries in OAuth workflows now read correctly when a user has two browser tabs open when authenticating into a resource. Install this fix if you have:
|
EE-1890 | Certificate Issue – For customers upgrading from Identity Platform version 19.07.01 to 20.06, the SHA-1 assertion now verifies correctly. This hotfix is required for all 20.06 deployments. | ||
EE-1902 | OIDC / OAuth 2 Issue – Fixes an issue with scope values not rendering correctly on the Post Auth tab for OpenID Connect/OAuth 2.0. Install this fix if you have:
| ||
EE-1928 | Authentication API Improvement – The Authentication API now supports Link-to-Accept via SMS and email as an available multi-factor method MFA option. Install this hotfix if you have:
| ||
20.06-1 | 11-Sep-2020 | EE-1196 | Classic administration realm navigation bar repositions incorrectly after save. |
EE-1524 | Azure AD UPN Domain Check – Resolves issue with unnecessary uppercase and lowercase domain name check in username. Install this hotfix if you have:
| ||
EE-1552 | Push Notification Company Name – In the SecureAuth Authenticate app login request UI, the configured company name was not accurately displaying. Install this hotfix if you have:
| ||
EE-1600 | Redirect with Token Issue – Redirect with token workflows were unsuccessful. Install this hotfix if you have:
| ||
EE-1607 | International Phone Number Issue – Ten-digit International phone numbers were automatically being prepended with “1”, making those numbers unusable for MFA. Install this hotfix if you have:
| ||
EE-1660 | Password Throttling Validation Issue – Users passwords not always validated when using Password Throttling feature. Install this hotfix if you have:
| ||
EE-1684 | Database Logging Issue – Database logs experiencing a table lock stopped writing new log entries. Install this hotfix if you have:
| ||
EE-1692 | Chrome 404 Error on Manage Accounts Page – Chrome browser would give a 404 error to users on the Manage Accounts (help desk) page if the page timed out and user logs back in, whereas other browsers would redirect them back to the page after authentication. Install this hotfix if you have:
| ||
EE-1707 | Corrupted CyberArk Username – When using CyberArk for the directory credentials, the username would become corrupted during simultaneous connections. Install this hotfix if you have:
| ||
EE-1739 | Theme Issues for Realm Pages – Pages in the realm root were not rendering correctly when using the 2019 theme. Install this hotfix if you have:
| ||
EE-1749 | Admin Console Issue – Admin console may not load after reboot.
| ||
EE-1772 | Error Verbiage Improvements – In OAuth flow, if the authorization code ID and saved code ID do not match, it displayed the error message, "this code has already been used" which is misleading. Error message now reads as "Authorization Code does not match or has already been used". Install this hotfix if you have:
| ||
EE-1774 | Biometric Method Issue – For a Mobile Login (Push Notification) method involving any biometric as the Request Type in the Classic IdP Experience, some configuration fields are greyed out. Install this hotfix if you have:
| ||
EE-1781 | Transformation Engine Issue – Resolves issue in which the Transformation Engine did not work correctly when used with WS-Federation. Install this hotfix if you have:
| ||
EE-1608 | Resetting IIS Settings – After making changes to IIS and then changes to the SecureAuth Web Admin, the changes made in IIS were reverted to the previous configuration. Install this hotfix if you have:
| ||
EE-1619 | Invalid SQL Password Issue – Password data was cut off in the database when using encrypted password format, resulting in an invalid user password at login. Install this hotfix if you have:
| ||
EE-1680 | Debug Log Cleanup – Debug logs required changes. This hotfix is required for all 20.06 appliances. | ||
EE-1683 | SecureAuth Identity Platform was not able to effectively retrieve the email address from the Azure AD data store. Install this hotfix if you have:
|