Changelog
Entries are in timeline order by date, going backwards in time down the page.
10.0.0 - GA 2025-02-12
Enhancements
-
[Adapt] Feature Requests
- [Adapt] Show Logging Only flag value in the Policy details drawer
- [Adapt] Store the OAuth2 CrowdStrike API key in Adapt for calls
- [Adapt] Fixed: CrowdStrike IdP Policy evaluation IdP score check is not working as expected
- [Adapt] Fixed: ZTA policy enhancement fires STORED_API_ZERO_TRUST_ASSESSMENT whenever ZTA score is manually retrieved
- [Adapt] Fixed: Crowdstrike policies allowed=true when unable to obtain score
- [Adapt] Fixed: Logging Only Enabled/Disabled status is not tracked in the Audit Trail
- [Adapt] Fixed: CrowdStrike Signal Handler: Add Bulk API call to cover ZTA machine statuses for user web calls
-
[Adapt] General Improvements
- [Adapt] Consolidate policy evaluation calls in Keycloak Select Login Method module
- [Adapt] Policy assignment event should be tagged as
ADAPT_POLICY_ASSIGNMENT
and should have policyName - [Adapt] Add tests for the Login Limits template
- [Adapt] Create diagrams/documentation notes for Firebase KT
- [Adapt] Fixed: Policy / Handler search doesn't work with ID, works only with name
-
[Adapt] Risk policy chaining PoC
- [Adapt] Composite policy chaining
-
[Adapt] UI/UX Updates
- [Adapt] Decrease width of version selection field
- [Adapt] Run a new signal search on username change
- [Adapt] Enable searching in the Rego editor
- [Adapt] Confirm exit on unsaved changes
- [Adapt] Prompt for configuration Save upon form change
- [Adapt] Add a refresh button for Signal Handler metrics
- [Adapt] Signal Handler metrics: UX feedback points
- [Adapt] Signal Handler metrics: Info icon with rollover text explaining the use and source of the metric
- [Adapt] Fixed: Manual evaluation input gets overridden on evaluation request
-
[Affirm] Feature Requests
- [Affirm] Add
resource
field to OIDC - [Affirm] Add
resource
field to OIDC in the UI - [Affirm] Add an outcome option to redirect on failure
- [Affirm] Add Consent screen
- [Affirm] Add
-
[Affirm] Workflow Friction level for predefined Verification Step templates
- [Affirm] Create the new Friction enum and add it to the UI
- [Affirm] Create workflow defaults by Friction
-
[Affirm; Integrations; Platform - Keycloak] Keycloak, Affirm and Integrations-related tasks
- [Affirm] Add unit tests to
AffirmUserService.kt
- [Affirm] When creating a new workflow, force the user into the full modal
- [Affirm] Add unit tests to
-
[All HYPR] UX/UI component library updates
- [All HYPR] Generate build of component library
-
[Passwordless for Windows] Security Device Enhancements
- [Passwordless for Windows] Show smart card device type at registration
- [Passwordless for Windows] Touch policy for YubiKey (presence verification)
- [Passwordless for Windows] Configurable security device lockout number
- [Passwordless for Windows] Fixed: Not getting firmware version from Feitian keys
- [Passwordless for Windows] Fixed: When Smart Card Pairing Enabled is disabled, we cannot pair an IDEMIA card
-
[Passwordless for Windows] Tech Debt Q1 2025
- [Passwordless for Windows] Change default so
HyprKsp
does NOT do CRL and user account checks - [Passwordless for Windows] Extend copyright year to 2025
- [Passwordless for Windows] Fixed:
HyprServiceInstallError
system environment variable may be set following the Passwordless client installation - [Passwordless for Windows] Fixed: Checking wrong error code after
DiInstallDriver
- [Passwordless for Windows] Change default so
-
[SDK for FIDO2 Web Browser] HYPR FIDO2 Web SDK Improvements 10.0
- [SDK for FIDO2 Web Browser] Consolidate Type imports
-
[Adapt ] Event Handlers Beta
-
[Adapt] Logging facility for Policies
-
[Adapt] Risk and Signal Handler versioning Template [Backend]
-
[Control Center - Integrations] Enterprise Passkey: Third-party passkey provider API for macOS [Alpha]
-
[Mobile App for Android] Current profile improvements:
MachineStatus
and token refresh -
[Mobile App for Android] Hyprlinks: sample code reference app
-
[Mobile App for Android] Provide responses for MASA revalidation
-
[Mobile App for iOS] Update EULA text
-
[Passwordless for Windows] Update EULA text on the workstation client
-
[Platform - Keycloak] Keycloak to send authenticated events
Bug Fixes
-
[Passwordless for macOS] Q2 2025 Security Device Enhancements
- [Passwordless for macOS] Fixed: Cannot set "securityKeyPinComplexity" in hypr.json
- [Passwordless for macOS] Fixed: Passwordless doesn't enforce PIN Complexity
-
[Affirm] Integration Bug Fixes
- [Affirm] Fixed: Control Center UI Verification Flows table Description sort leads to a white screen
- [Affirm] Fixed: Generic error when updating verification flow that isn't assigned an
rpAppId
- [Affirm] Fixed: After the Consent screen, instead of redirecting to chat, it redirects to the Control Center login page
- [Control Center - Integrations] Fixed: Azure: All three transport types are may be successfully disabled
-
[Adapt ] The risk policy name is displayed as 'NA' in the Integrations page when the policy is deleted
-
[Login Limits Policy] The user remains blocked even after the User Blocked Duration is configured
-
[Passwordless - Both] QR_Fallback: QR icon is large in size when compared to the line of text
-
[Passwordless for Windows] Fix warning introduced
9.7.2 - GA 2025-02-07
Enhancements
-
[Affirm] PoC: Helpdesk Support
-
[Affirm] Helpdesk CC UI Changes
-
[Affirm] Helpdesk endpoint details UI
-
[Affirm] Helpdesk endpoint main table UI
-
[Affirm] Helpdesk IdV UI changes
-
[Affirm] Helpdesk PoC - combine/connect the web UI all together
-
[Affirm] Helpdesk scaffolding code for the new endpoint
-
[Affirm] New feature flag for Help Desk functionality
-
[Affirm; Integrations; Platform] Q1/2025 Keycloak, Affirm and Integrations related tasks
-
[Integrations - Entra] Use the Keycloak url from vault
-
[Integrations - Okta] Don't assign an application when adding a device
-
[Mobile App - Both] Make SMS keyword responses adhere to convention (stop, help, etc.)
Bug Fixes
[Entra] Federation: After updating the password of a service account, users can no longer authenticate