Resolved issues
The Identity Platform product release 20.06 includes the following resolved issues.
20.06 resolved issues
Ref ID | Issue |
|---|---|
IDP-7495 | 2016 Light Theme Issue – PIN and KBQ methods did not display on the One-Time Registration Code delivery method page for an application integration created in the New Experience. |
IDP-7509 | OAuth Performance Issue – When a transaction (TRX) failure occurs, the OAuth workflow would slow down significantly, halting many users’ logins. Merged into this release from hotfixes applied in 19.07-1, 9.3.0-11, 9.2.0-30 (EE-1206). |
IDP-7519 | Authenticate App Enrollment Error – URL enrollments would fail on devices using iOS 12+ and when push notifications were not allowed for the application. Merged into this release from hotfix applied in 9.2.0-30 (EE-1275). |
IDP-7574 | Inline Initialization Attribute Clearing – When using Conditional Access for Azure, the Active Directory attribute values that were added during the Inline Initialization self-service process were immediately being cleared. Merged into this release from hotfix applied in 9.2.0-30 (EE-1334). |
IDP-7575 | Last Access Time Issue – For device enrollments (Authenticate app), the enrollment was not replaced when the end user reached the maximum number of enrollments allowed. Merged into this release from hotfix applied in 9.3.0-13 (EE-1355). |
IDP-7589 | Workflow Issue – Workflow initially set up to use Username | Second Factor. Policy assigned to resource changes the default workflow to use any Valid Persistent workflow causes the Public/Private mode option to be incorrectly displayed instead of the Private Only option. |
IDP-7618 | Global Aux ID fields do not display on the Data tab in the on-prem instance. |
IDP-7621 | YubiKey Enrollment with Proxy – YubiKey enrollments were not honoring the proxy settings configured in the realm, which led to user verification failures. Merged into this release from hotfixes applied in 19.07.01-1 and 9.3.0-14 (EE-1434). |
IDP-7627 | Biometric Identification Enrollment – The parameter required to enable the biometric identification authentication method was not included when users would re-enroll the SecureAuth Authenticate app. Merged into this release from hotfix applied in 19.07.01-9 (EE-1605). |
IDP-7641 | API Password Reset – IdM API password reset did not always work if user account was locked. Merged into this release from hotfixes applied in hotfix applied in 19.07.01-8 and 9.3.0-15 (EE-1388). |
IDP-7705 | Help Desk Verification Unmasking – When typing in the help desk verification answer on the Self-service Account Update page, there is now an option to “unmask” the answer, as there is with knowledge-based answers. Merged into this release from hotfix applied in 9.3.0-14 (EE-1442). |
IDP-7735 | Enhancements to User Risk Logging – Enhancements were made to logging for user risk information gathered during adaptive authentication, which provides more clarity. Merged into this release fromhotfix applied in 19.07.01-9 and 9.3.0-14 (EE-1455). |
IDP-7736 | Web.config Updates for SISU – Web.config updates required for SISU to work properly. Merged into this release from hotfix applied in 9.3.0-14 (EE-1475). |
IDP-7762 | WebServices Directory Lookup Update – When using webservices for multi-directory lookup, the profile directory was not pulled from the same realm as the membership. Merged into this release from hotfix applied in 19.07.01-1 (EE-1458). |
IDP-7763 | Inaccurate Anti-forgery Error – During specific workflows and with specific MFA methods, users were receiving an anti-forgery error when they should not have received one. Merged into this release from hotfix applied in 19.07.01-1 (EE-1481). |
IDP-7777 | Transformation Engine Group Handling – Resolves issue in which the Transformation Engine could not correctly filter groups by full and common name when used together. Merged into this release from hotfix applied in 9.2.0-31 (EE-1491). |
IDP-7778 | SAML Request Signature Validation – In certain SAML workflows, signature validation was not successful. Merged into this release from hotfix applied in 19.07.01-8 and 9.3.0-16 (EE-1432). |
IDP-7824 | Auth API Endpoint Issue – When KBQ answer has leading/trailing space, calls to Auth API endpoint returns "Invalid" status. |
IDP-7835 | Updates to Secure Storage – Updates made to Secure Storage to avoid corruption. Merged into this release from hotfix applied in 19.07.01-2 and 9.3.0-15 (EE-1391). |
IDP-7938 | Session Timeout Length – Increased session timeout length to accommodate specific use cases. Merged into this release from hotfix applied in 9.1.0-55 (EE-1511). |
IDP-7939 | IP Evaluation Update – The IP Eval service did not use the appropriate IP address for WS-Trust requests when using a load balancer. Merged into this release from hotfix applied in 19.07.01-2, 9.3.0-15, and 9.2.0-32 (EE-1373). |
IDP-7948 | OIDC Workflow Wipes KBAs – After authenticating in an OIDC workflow with consent storage, users’ knowledge-based answers is no longer deleted from their profile. Merged into this release from hotfix applied in 9.3.0-16 (EE-1540) |
IDP-7993 | Content and Localization Spacing Issue – Resolves issue in which after making customizations that include leading spaces, the spacing presents as expected until content and localization is edited at a later point, where then the spacing is removed. Merged into this release from hotfix applied in 9.3.0-16 (EE-1426). |
IDP-7994 | Inline Password Reset Forced Updates – Resolves issue in which users were being forced to update their password even though their password had not yet expired. Merged into this release from hotfix applied in 9.3.0-16 (EE-1576). |
IDP-8048 | OTP Value Reusability – Resolves issue when using the API OTP validate endpoint, it was possible to reuse the same OTP at a later time. Merged into this release from hotfix applied in 9.1.0-55 (EE-1558). |
IDP-8056 | OIDC Session Cleanup – Resolves issue in which sessions were not properly cleared in OIDC realms, making it impossible to log into multiple clients due to values being cached from the first session. Merged into this release from hotfix applied in 19.07.01-8 and 9.2.0-32 (EE-1583). |
IDP-8499 | Security Fix – Implemented additional input validation to prevent double curly brackets ( {{ or }} ) in form input fields, including the UserID field. Merged into this release from hotfixes applied in 9.1, 9.2, 9.3, and 19.07.01 (EE-1644). |
IDP-8630 | Security Issue – Resolved XSS security vulnerability in path resolution. Merged into this release from hotfixes applied in 19.07.01-14, 19.07-4, 9.2.0-35, and 9.1.0-58 (EE-1815). |
IDP-8633 | Security Issue – Resolved security issue with request parameters. Merged into this release from hotfix applied in 19.07.01-15 (EE-1844). |