Changes between 21.04 and 20.06

Organizations that want or need a cloud or hybrid solution with ease of use at the forefront of the design, will find a lot to like in the SecureAuth® Identity Platform release 21.04. Existing customers will see the new features discussed briefly in the following table.

Admins will use the Identity Platform release 21.04 UI to configure and manage more aspects of the environment than in release 20.06.

The following table maps terms, concepts, and features that you know from using the Identity Platform release 20.06 and earlier to new terms, concepts, and features in the Identity Platform release 21.04.

For a list of all enhancements, updates, and known issues for the current release, see the Release notes.

20.06 and earlier

21.04 and later

Differences

---

SecureAuth Identity Store

A new cloud-hosted solution available for cloud and hybrid implementations, which is a separately licensed product that works with the Identity Platform release 21.04.

Use the SecureAuth Identity Store to add and manage user identities separate from your enterprise data store, such as contractors, temporary or seasonal workers, customers, and partners, that you do not want to add to your data store —Active Directory or Azure AD— for security or cost reasons.

---

SecureAuth Mobile SDK

Our new Mobile SDK helps your organization integrate the sign-in experience between your web application and your mobile application. Trigger push-to-accept and time-based one-time passcodes (TOTPs) to your mobile app so your users continue to use the branded app they know and love, while gaining the security of SecureAuth adaptive authentication layers.

---

Login for Linux

This is a new SecureAuth endpoint configuration option available to add multi-factor authentication for logins on Linux operating systems.

---

Pre-Login Assessment Service

Create a pre-login questionnaire for Login for Windows and Login for Mac to determine user risk before allowing login access. For example, ask COVID-19 health questions to determine user risk and allow or block users from onsite access to a work computer.

Policies

Policies, with support for complex use cases

More security controls in login workflows for complex use cases. Improvements include conditional rule statements (AND, ELSE, OR) in policy configurations to allow, block, or prompt MFA during end user login.

---

Global unique ID (GUID)

This log file improvement helps identify user logins more easily. Each user now will have a GUID, regardless of their login ID. This means if John logs in to one realm as jsmith and then as jsmith@acme.com in another realm, he'll have the same GUID in the transaction logs.

---

FIDO2 WebAuthn PIN support

Updates to the FIDO2 WebAuthn global MFA settings include PIN support. You can require user verification with a PIN on roaming FIDO2 security keys, phones, or laptops for registration and authentication. You can also define how many FIDO2 security keys users can register.

Post Auth

Internal Application Manager

Use the Internal Application Manager to connect a legacy application that was created in the Classic Experience with an authentication policy from the New Experience UI. You can also add new internal applications, like the application portal, password reset, help desk pages, and OIDC integrations, and attach authentication policies all in the New Experience UI.

See About the Internal Application Manager.

Version 1.0 of UI look and feel (19.07); Enhanced UI look and feel (20.06)

New What's New page

The Identity Platform What's New page was refreshed and now has a punchy new graphical and modern look to help you discover new products and features in the 21.04 release.