Skip to main content

Changes between 21.04 and 22.02

Organizations that want or need a cloud or hybrid solution with ease of use at the forefront of the design, will find a lot to like in the SecureAuth® Identity Platform release 22.02. Existing customers will see the new features discussed briefly in the following table.

Admins will use the Identity Platform release 22.02 New Experience to configure and manage more aspects of the environment than in earlier releases of the Identity Platform product.

The following table maps terms, concepts, and features that you know from using the Identity Platform release 21.04 and earlier to new terms, concepts, and features in the Identity Platform release 22.02.

For a list of all enhancements, updates, and known issues for the current release, see the Release notes.

21.04 or earlier

22.02 and later

Differences

SecureAuth Identity Store (cloud deployments)

SecureAuth Identity Store (cloud and hybrid deployments)

SecureAuth Identity Store is now supported in Identity Platform hybrid deployments.

Azure Active Directory data store (cloud deployments)

Azure Active Directory (Azure AD) data store (cloud and hybrid deployments)

Azure AD data store is now supported in Identity Platform hybrid deployments.

---

Azure AD, guest account support

Administrators can add a personal guest account in the Azure AD admin portal and have login access through the Identity Platform.

---

Azure AD, regional support

Azure AD data store settings include support for regional instances like Azure China, Azure Germany, Azure U.S. Government, and Azure Public.

Windows SSO (Classic Experience)

Windows SSO integration with SecureAuth IWA (New Experience)

In the Identity Platform, you can now easily set up Windows SSO for your integrated resources. This feature is available in the New Experience and connects with the SecureAuth Integrated Windows Authentication (IWA) service for Kerberos-based authentication.

To learn more, see Windows SSO integration guide.

Policies

Policies, with support for a Redirect To condition rule

On the Authentication Rules tab, the Redirect To rule was added to the list of conditions (Prompt MFA, Skip MFA, or Block). You can use this conditional rule to redirect users to another URL.

Policies

New Login Workflow tab

The Login Workflow setting was moved out of the Multi-Factor Methods tab into its own tab.

Policies

Policies, with support for password conditions

On the Login Workflow tab, you can configure conditions where if the user meets certain conditions, they are not required to enter a password.

For example, you can set a condition that users must authenticate by approving a login notification on their mobile device. If they meet this condition, they are not prompted to enter their password in the login workflow.

Otherwise, if the user tries to authenticate using a different authentication method, they are prompted to enter their password in the login workflow.

---

Active Directory test data store connection

Need to troubleshoot or test your data store connection? In the Identity Platform New Experience, you can now test the Active Directory data store connection in the data store settings.

Available only in Identity Platform hybrid deployments.

---

Delete data store

Do you have a data store in the Identity Platform that you no longer need? In the Identity Platform New Experience, you can now delete a data store.

---

Delete application (realm)

Have an application (realm) that you no longer need in your Identity Platform instance? You can now delete an application that was originally created in the Identity Platform New Experience.

The deletion feature applies only to applications created in the Application Manager, Internal Application Manager, and Login for Endpoints.

Password Complexity (Classic Experience)

Password Policies and Password Deny Lists (New Experience)

In the Identity Platform New Experience, you can create a password policy to define password complexity rules and include deny lists. Deny lists can include words, fragments of words, and symbols not allowed in a user password.

Then, you can attach this password policy to the Password Reset page in the Internal Application Manager.

Application Manager

Application Manager look and feel updates

The Application Manager has a consistent look and feel like the Internal Application Manager.

It now includes a search box, grid view, and sort functionality. The list view also includes the display of the login URL for each application.

---

Dashboard view, Mobile Enrollments

The dashboard view includes metrics about mobile enrollments. You can get insights into the number of mobile devices end users have enrolled to authenticate their access to applications.