Skip to main content


The following lists hotfixes for the SecureAuth® Identity Platform release 23.07.

23.07 hotfixes

Release No.

Release Date

Ref ID

Issue / Description




Transparent Single Sign-On Issue – Addressed an issue when using custom token user data with a comma which invalidated the TSSO. We utilized the existing Delimiter setting to allow adjustments to parsing the cookie data with a delimiter known not to clash with user data.


CyberArk Credentials Issue – Addressed issue with not being able to save the CyberArk Vault username in the Advanced Settings.


MFA Method Order Improvement – Added improvement to retain the RegMethodOrder value in the web.config after you make a change in the New Experience.


Send FIDO2 Confirmation Email – Added a configuration setting to send a confirmation email to end users when they enroll or remove a FIDO2 authenticator in their profile.

To learn more about configuring this setting, see How to send a confirmation email about a FIDO2 device


Support for Preferred MFA in RADIUS 23.11 – Added support for the Preferred Auto-Submit Method set by an Admin in a policy.

To learn more about Preferred MFA for RADIUS, see SecureAuth RADIUS version 23.11 release notes.




SVG Image Support – Added support for .svg images in Advanced Settings for Company Logo on login pages.


Migration Issue with Profile Datastore – Addressed issue with a SQL profile provider data store not working correctly after a Classic to New Experience realm migration.


Setting to Pre-Populate Username Field – Added setting to turn on or off the username autofill setting for SP-initiated login workflows.

By default, this setting is turned on. Contact Support to turn this on or off.


Conditional Access – Added out of the box integration with Conditional Access and the Identity Platform.

To learn more, see Microsoft Conditional Access Custom Controls integration guide.


FIPS Compliance on User Handler Web Service Page – Added logic to make EncryptUser.aspx page compliant with FIPS.


Metadata File Download – The metadata file download in the New Experience now also goes to the root of the application realm.


HID Hard Token Improvement – Added an optional serial number field for HID hard token enrollments. This is also supported in CSV file uploads.


2016 Light Theme Issue – Username + Password login workflow does not work correctly when the user enters their username and presses Enter instead of Tab to the password field.


Configuration Setting for ACS URL Restriction – Added a configuration setting to turn ON or OFF the ACS URL whitelist enforcement.


Before you install this hotfix, see this KB article: How to establish trust for ACS redirects in SP-initiated SAML requests


Password Change on Disabled Accounts Issue – Addressed issue affecting disabled accounts with a Change Password on Next login setting.


SecureStore Issue – Addressed file locking issue with SecureStorageAPI during file sync to secondaries.