Skip to main content

Enhancements and fixes

The Identity Platform product release 24.04 includes the following other enhancements and fixes.

24.04 enhancements and fixes

Ref ID

Issue

IDP-900

Hardstop Verbiage Customization – Added key to allow customization of the "Hardstopped by Analyze Engine" message.

To add the new hardstop_message key , you must use the "Update Resource" function on the updatewebconfig page.

Hotfix merge into this release (EE-3393)

IDP-11409

OIDC Endpoint Improvement – Added improvements to consent storage for supporting multiple active tokens during introspection.

Hotfix merge into this release (EE-3264)

IDP-11544

Setting to Pre-Populate Username Field – Added setting to turn on or off the username autofill setting for SP-initiated login workflows.

By default, this setting is turned on. Contact Support to turn this on or off.

Hotfix merge into this release (EE-3202)

IDP-11597

Migration Issue with Profile Datastore – Addressed issue with a SQL profile provider data store not working correctly after a Classic to New Experience realm migration.

Hotfix merge into this release (EE-3196)

IDP-11642

FIPS Compliance on User Handler Web Service Page – Added logic to make EncryptUser.aspx page compliant with FIPS.

Hotfix merge into this release (EE-3258)

IDP-11643 / IDP-11676

Configuration Setting for ACS URL Restriction – Added a configuration setting to turn ON or OFF the ACS URL whitelist enforcement.

Important

See this KB article: How to establish trust for ACS redirects in SP-initiated SAML requests

Hotfix merge into this release (EE-3252 and EE-3302)

IDP-11824

SVG Image Support – Added support for .svg images in Advanced Settings for Company Logo on login pages.

Hotfix merge into this release (EE-3139)

IDP-11868

Password Change on Disabled Accounts Issue – Addressed issue affecting disabled accounts with a Change Password on Next login setting.

Hotfix merge into this release (EE-3320)

IDP-11870

Metadata File Download – The metadata file download in the New Experience now also goes to the root of the application realm.

Hotfix merge into this release (EE-3259)

IDP-11909

SecureStore Issue – Addressed file locking issue with SecureStorageAPI during file sync to secondaries.

Hotfix merge into this release (EE-3335)

IDP-11912

2016 Light Theme Issue – Username + Password login workflow does not work correctly when the user enters their username and presses Enter instead of Tab to the password field.

Hotfix merge into this release (EE-3288)

IDP-11982

Transparent Single Sign-On Issue – Addressed an issue when using custom token user data with a comma which invalidated the TSSO. We utilized the existing Delimiter setting to allow adjustments to parsing the cookie data with a delimiter known not to clash with user data.

Hotfix merge into this release (EE-3292)

IDP-12102

MFA Method Order Improvement – Added improvement to retain the RegMethodOrder value in the web.config after you make a change in the New Experience.

Hotfix merge into this release (EE-3318)

IDP-12103

CyberArk Credentials Issue – Addressed issue with not being able to save the CyberArk Vault username in the Advanced Settings.

Hotfix merge into this release (EE-3317)

IDP-12110

SMS Issue with OTP – Addressed an issue where OTPs were sent as voice messages instead of SMS. This happened when using Voice/SMS combo option for Phone MFA method in themes 2013 and 2016 Light.

Hotfix merge into this release (EE-3362)

IDP-12120

AD LDS Data Store Issue – Addressed a test connection issue for the AD LDS data store in the New Experience.

Hotfix merge into this release (EE-3360)

IDP-12186

Update Web.Config Issue – Added logic to preserve unique modifications running the update for the web.config file.

Hotfix merge into this release (EE-3361)

IDP-12214

OIDC Realm Issue – Addressed issue for an edge case between OIDC Consent + Windows SSO + Transformation Engine.

Hotfix merge into this release (EE-2542)

IDP-12275

Security Issue – Security improvements for managing UserExchange Web Service for Custom application integrations.

Hotfix merge into this release (EE-3373)

IDP-12278

ASP.NET Issue – Added improvement to async in ASP.NET targeting dynamic IP blocking.

Hotfix merge into this release (EE-3385)

IDP-12279

AppSetting to Extend SAML Attribute Limit – Added the ability to extend the SAMLAttrCountLimit appsetting value to more than the default 10 attributes in a SAML assertion.

You can change the SAMLAttrCountLimit value to a number greater than 10. Then, you must include the following appsetting values for each additional attribute.

string attributeName = Tools.ReadAppSettings("SAMLAttr" + i + "Name"); 
string attributeFriendlyName = Tools.ReadAppSettings("SAMLAttr" + i + "FriendlyName"); 
string attributeFormat = Tools.ReadAppSettings("SAMLAttr" + i + "Format"); 
string samlAttributeValue = Tools.ReadAppSettings("SAMLAttr" + i + "Value"); 
string matchExpression = Tools.ReadAppSettings("SAMLAttr" + i + "FilteredGroup");

Note: At this time, this is a manual setting. There will be a UI update coming in a future hotfix.

Hotfix merge into this release (EE-3397)

IDP-12280

Authentication Issue – Addressed an issue with random authentication errors.

Hotfix merge into this release (EE-3391)

IDP-12294

CyberArk Username Issue – Addressed issue with not saving the CyberArk username in the Advanced Settings (on the Data tab for Datastore connection settings).

Hotfix merge into this release (EE-3380)

IDP-12372

Include OATHOTP.aspx Page – This new post-authentication page will generate the TOTP for all the user’s enrolled devices.

Hotfix merge into this release (EE-3411)

In this section: