Skip to main content
Version: 11.1.0

11.1.1 Release Notes

HYPR 11.1.1 is a patch to the 11.1.0 Enterprise Channel Release.

The Enterprise Release Channel follows a quarterly upgrade cycle, ensuring a stable and predictable update process. This schedule provides organizations with ample time to test, adapt, and implement changes while minimizing disruptions to business operations. With each release, customers receive the latest security, performance, and feature enhancements, allowing them to stay up to date with improvements while maintaining operational stability.

Minimum Supported Versions

Release DateHYPR ProductMinimum RequirementNotes
March 27HYPR Passwordless for Windows 11.1.0Windows (10 "2004", 11)Reboot required if upgrading from 7.6 or below; Security Key Support for YubiKey 5 Series with firmware 5.X, YubiKey Bio Multi-Protocol Edition, IDEMIA ID-One on Cosmo 8.2, Feitian K9 Plus and K40 Plus and its offshoots
April 22HYPR Passwordless for Mac 11.1.1macOS (High Sierra, Mojave, Catalina, Big Sur, Monterey, Ventura, Sonoma 14.1 [not 14.0], Sequoia, Tahoe)Security Key Support for YubiKey 5 Series with firmware 5.X and Feitian ePass K9 Plus, K40 Plus and their respective offshoots
April 22HYPR Mobile App for Android 11.1.1Android 9.0+
January 7HYPR Mobile App for iOS 10.7.1iOS 12.4+
April 22HYPR Server 11.1.1Java Development Kit (JDK) 17Upgrade to 7.10 required before upgrading to 8.0.0 or higher
April 22HYPR SDK for Android 11.1.1Android 9.0+
March 27HYPR SDK for iOS 11.1.0iOS 12.4+
April 22HYPR SDK for Java 11.1.1Java Development Kit (JDK) 17+
Backward Compatibility

All HYPR components are fully compatible across the three previous/subsequent minor (X.X) HYPR releases.

Breaking Changes

  • [Control Center] FIDO2 MDS legacy APIs deprecation — Legacy FIDO2 metadata-management APIs are scheduled to be deprecated beginning in 11.3. Customers using these APIs should plan to update integrations to the newer metadata controls and query APIs.

Enhancements

  • [Event Hooks] Event Hooks are now backward compatible with earlier Control Center versions.

  • [Server] Improved performance of the pending users query to reduce database load in large deployments.

Events

The following events were added in this release:

  • AFFIRM_WRITEBACK_TRIGGERED (IDENTITY_VERIFICATION) — A writeback to an external system was initiated following an Affirm identity verification outcome.
  • AFFIRM_WRITEBACK_SUCCESS (IDENTITY_VERIFICATION) — A writeback to an external system completed successfully.
  • AFFIRM_WRITEBACK_SKIPPED (IDENTITY_VERIFICATION) — A writeback to an external system was skipped.
  • AFFIRM_WRITEBACK_FAILURE (IDENTITY_VERIFICATION) — A writeback attempt to an external system failed.
  • AFFIRM_WRITEBACK_EXHAUSTED (IDENTITY_VERIFICATION) — All writeback retry attempts to an external system were exhausted.

See Event Descriptions for a list of all HYPR Events and parameters.

Error Messages

The following error codes were added in this release:

  • 1201099: ADAPT_ALLOWLIST_USER_NOT_FOUND — User not found in the specified application for Adapt allowlist. Verify the username exists in the target application before attempting to allowlist.
  • 1202807: JWT_KC_PROVISIONING_ERROR — JWT Keycloak provisioning failed due to missing or invalid Keycloak configuration. Ensure Keycloak service URL, username, and password are configured.
  • 1207025: TRUSTED_LOCATION_PROBLEM — There was an issue with the trusted location. Ensure the trusted location data is valid and the location exists.

To see all HYPR errors by component, see HYPR Error Codes Troubleshooting Table.

APIs

You can find detailed descriptors and other API calls in HYPR's full Postman API set at https://apidocs.hypr.com/?version=latest.

Bug Fixes

  • [Affirm] Restored requester first name and last name to the Affirm activity log, which had been inadvertently removed in 11.1.0 and caused identification confusion for approvers and analysts.

  • [Affirm] Fixed a session handling issue where using the Login ID step with two concurrent requesters in the same session incorrectly sourced multiple approvers.

  • [Affirm] Fixed an issue where document verification spoofing detection could evaluate an incorrect result value, leading to inaccurate spoofing outcomes.

  • [Affirm] Fixed broken links in the Advanced Customizations section of Control Center.

  • [Affirm] Fixed a minor display issue where styling was not applied to the Login ID field in Affirm workflows created via API.

  • [Enterprise Passkey] Fixed workstation unlock failures when using provisioned HID or IDEMIA smart cards.

  • [Enterprise Passkey] Fixed a UX issue where the fingerprint confirmation screen was not displayed after successful YubiKey Bio security key registration.

  • [Enterprise Passkey / Keycloak] Fixed an issue where Desktop SSO authentication returned an "Unexpected error" for users with Entra federation configured.

  • [Integrations / Okta] Fixed an issue where removing a user's last registered device did not update the user's status in Okta, leaving them incorrectly flagged as active.

Known Issues

  • [Adapt] After a cold start of the risk engine, such as after an upgrade, a blocked policy might not be applied.

  • [Authenticate] The HYPR Service does not always restart as intended after resuming from Modern Standby or hibernation, sometimes resulting in multiple restart attempts and network recovery failures.

  • [Control Center] Server still sends push notifications with incorrect proxy credentials.

  • [Enterprise Passkey / HYPR Passkey] [Unified Single Registration Experience for Enterprise Passkeys] For users with an existing registration created before upgrading to 11.1.0, the save-computer prompt may not appear on the HYPR Mobile App during pairing. To use saved-computer functionality, users need to reregister. This is a beta limitation and planned behavior in a future release is backward compatibility.

  • [Enterprise Passkey / HYPR Passkey] [Unified Single Registration Experience for Enterprise Passkeys] Locking the workstation immediately after saving the computer from the HYPR Mobile App can fail in some environments when there is no valid Windows session entry; a subsequent lock attempt typically succeeds.

  • [Enterprise Passkey / HYPR Passkey] Deregistering a HYPR Passkey from the HYPR Mobile App removes the workstation pairing from the mobile device, but it may not fully remove the associated workstation or web registration from Control Center and related integration records; administrators may need to clean up these registrations manually.

  • [HYPR Mobile App for iOS] The text below the logo on the home screen may still display "True Passwordless Security" instead of "Identity Assurance."

  • [HYPR Mobile App for iOS] Registration may continue without an alert when a future-dated version-enforcement policy is configured in Control Center.

  • [HYPR Passwordless for Windows] Some text on the Windows login screen may appear incorrectly under certain circumstances.

  • [HYPR Passwordless for Windows] If the YubiKey mini-driver is updated by HYPR Passwordless installer, a reboot is required.

  • [Integrations - Okta] The Enroll button may appear for Control Center administrators who are not in the Okta directory.

  • [Integrations - Okta] New integrations may fail to be added because of "Default Policy" errors.

  • [Integrations - OneLogin] Users who are already enrolled may still appear in the integration's User Directory in Control Center.