Skip to main content
Version: 10.5.0

10.5.1 Release Notes

HYPR 10.5.1 is a Maintenance Release in the 10.5 Enterprise Channel.

The Enterprise Release Channel follows a quarterly upgrade cycle. Maintenance releases contain targeted fixes and minor improvements without schema-breaking changes.

Minimum Supported Versions

Release DateHYPR ProductMinimum RequirementNotes
September 24, 2025HYPR Passwordless for Windows 10.5.0Windows (10 "1803", 11)Reboot required if upgrading from 7.6 or below; Security Key Support for YubiKey 5 Series with firmware 5.X, YubiKey Bio Multi-Protocol Edition, IDEMIA ID-One on Cosmo 8.2, Feitian K9 Plus and K40 Plus and its offshoots
September 24, 2025HYPR Passwordless for Mac 10.5.0macOS (High Sierra, Mojave, Catalina, Big Sur, Monterey, Ventura, Sonoma 14.1 [not 14.0])Security Key Support for YubiKey 5 Series with firmware 5.X and Feitian ePass K9 Plus, K40 Plus and their respective offshoots
October 1, 2025HYPR Mobile App for Android 10.5.1Android 9.0+
October 1, 2025HYPR Mobile App for iOS 10.5.1iOS 12.4+
October 1, 2025HYPR Server 10.5.1Java Development Kit (JDK) 17Upgrade to 7.10 required before upgrading to 8.0.0 or higher
September 24, 2025HYPR SDK for Android 10.5.0Android 9.0+
September 24, 2025HYPR SDK for iOS 10.5.0iOS 12.4+
September 24, 2025HYPR SDK for Java 10.5.0Java Development Kit (JDK) 17+
Backward Compatibility

All HYPR components are fully compatible across the three previous/subsequent minor (X.X) HYPR releases.

Breaking Changes

  • [Control Center] FIDO2 MDS legacy APIs deprecation — with the introduction of granular AAGUID allow/deny controls, legacy metadata management APIs are scheduled to be deprecated beginning in 11.3. Update integrations to the new controls under cc/api/rp/api.

Enhancements

  • [HYPR One App for iOS] Added approval prompt for deep link‑initiated authentication to confirm login attempts and prevent unintended sign‑ins.

  • [Adapt] Feature flag refined so UI and API‑based policy evaluations can run without enabling event ingestion.

  • [Authenticate for Windows] Expanded filtering for password‑based credential providers — admins can add additional provider GUIDs to the filter list to prevent password and third‑party password tiles from appearing when password login is disabled.

  • [Authenticate for Windows] Added option to always enforce passwordless login, hiding password tiles even when no HYPR device is paired.

Events

See Event Descriptions for a list of all HYPR Events and parameters.

Error Messages

To see all HYPR errors by component, see HYPR Error Codes Troubleshooting Table.

APIs

You can find detailed descriptors and other API calls in HYPR's full Postman API set here.

Upcoming Changes

  • [Enterprise Passkey] Third‑party Passkey Provider Support

    • Enterprise Passkey can transform the HYPR One App for Android and iOS into a Third‑Party Passkey Provider, creating a consistent user experience with other passkey providers, either platform or third‑party.
    • Users can use a registered Enterprise Passkey in the HYPR One App through the native passkey support in Android and iOS, enabling native and browser mobile use cases.

  • [Authenticate] [Preview] Single Registration — Certificate Renewal through Control Center

    • Provides administrators with visibility into certificate expiration status and enables automatic certificate renewal for mobile pairings through Control Center.
    • Eliminates manual workstation‑based renewal processes and improves consistency for Single Registration/Web Registration deployments by centralizing renewal.
    • Mobile temporarily holds the current and new certificates and sends both during Unlock until workstation confirms acceptance.
    • Workstation prefers the new certificate when VPN/AD is reachable; otherwise it unlocks with the current certificate and prompts the user to connect VPN and try again.

  • [Authenticate] [Preview] Single Registration — Bi‑Directional

    • Enables both Web‑initiated and Workstation‑initiated Single Registration flows within the same tenant.
    • Establishes scenarios, constraints and UX convergence goals to "pair anywhere, authenticate everywhere," informing future development and demos.

  • [Adapt] HYPR Adapt for Microsoft Edge for Business Integration

    • HYPR Adapt policy risk engine integrates with Microsoft Edge for Business to extend signal collection and exchange with corporate browsers.
    • Provides access to device signals directly through the browser, offering broader coverage by accessing attested information not available from regular web app contexts.

  • [Integrations - Keycloak] OAuth authentication

    • As HYPR adopts OAuth as an authorization mechanism platform‑wide, the Keycloak integration will adopt OAuth exchanges in place of bearer tokens to increase security and flexibility.

  • [Affirm] Deepfake detection & real‑time feedback

    • Additional capabilities beyond Motion — including expanded deepfake detection and richer real‑time capture feedback — planned for later releases.

Bug Fixes

  • [HYPR One App] Improved push‑outage handling — Tap‑for‑Login and pending authentication prompts now appear even when the app is already open, ensuring users can approve sign‑ins during push credential issues or provider outages.

  • [Adapt] Restored ADAPT_LOGGING_ONLY_POLICY_EVALUATION event emission for the Pre‑HYPR Integration evaluation point, matching Pre‑Web Auth, so activity logs and troubleshooting reflect all evaluation stages during upgrades.

  • [Integrations - Keycloak] Fixed: Updating the EAM client secret via the UI now correctly persists to the authenticator configuration; no backend console edits required.

  • [Affirm] Fixed: Decision Maker outcomes now route users with registered devices to the correct device view instead of onboarding.

  • [Affirm] Fixed: Error page visibility — transient error screen now remains visible for 5 seconds to ensure users can read the message before redirect.

  • [Affirm] Fixed: Injectable outcomes now record denial results and reasons in Activity Log (no longer shows N/A).

  • [HYPR One App for iOS] Fixed: Crash when registering via HYPRLinks using the native camera; registration now completes reliably.

  • [HYPR Links] Fixed: Scanning login QR codes with the device’s native camera now triggers authentication after app handoff; web login succeeds without using the in‑app scanner.

Known Issues

  • [Adapt] Upon a cold start of the risk engine (e.g., after an upgrade) blocked policy might not be applied

  • [Authenticate] The HYPR Service does not always restart as intended after resuming from Modern Standby or hibernation, sometimes resulting in multiple restart attempts and network recovery failures

  • [Control Center] Server still sends push notifications with incorrect proxy credentials

  • [HYPR Passwordless for Windows] The text messages in the Windows login screen are replaced with incorrect text by HYPR Passwordless credential provider under certain circumstances

  • [HYPR Passwordless for Windows] If the YubiKey mini-driver is updated by HYPR Passwordless installer, a reboot is required

  • [HYPR One App for iOS] The text below the logo on the home screen still says "True Passwordless Security" and has not been updated to "Identity Assurance"

  • [HYPR One App for iOS] Registration isn't blocked and no alert is displayed when a version enforcement policy is set in Control Center for a future date

  • [Integrations - Okta] The Enroll button is displayed for Control Center admins who are not in the Okta directory

  • [Integrations - Okta] New integrations cannot be added due to 'Default Policy' errors

  • [Integrations - Okta] Users deleted from the Integrations rpApp do not get unassigned from the Okta app

  • [Integrations - Keycloak] Missing HYPR theme in local environment

  • [HYPR One App for iOS] Passkey creation may fail for Entra Federation integration (AccessDenied on creation options); fix targeted for 10.7

  • [HYPR One App for iOS] Two-keys flow: app may not navigate away from My Security Keys after deleting the last passkey; fix targeted for 10.7

  • [HYPR One App for iOS] When two workstations are paired (x509 + Entra hybrid), unlock sometimes fails on both; fix targeted for 10.7

  • [HYPR One App for iOS] Intermittent crash when de-registering WS bubble or web rpApp; fix targeted for 10.7

  • [Control Center] EPK workstation deregistration audit events missing; fix targeted for 10.7