8.7.0 Release Notes
HYPR 8.7.0 is an Enterprise Channel Release.
The Enterprise Release Channel caters to customers requiring a less frequent cadence of upgrades, specifically on a quarterly basis, thereby allowing them more time to adapt and implement changes without disrupting their business operations.
The Standard Release Channel is designed for customers who are equipped to accommodate monthly updates, providing regular and more frequent access to new features and improvements. All Standard Release features are available in the next scheduled Enterprise Release.
Minimum Supported Versions
| Release Date | Product/Version | Platform | Notes |
|---|---|---|---|
| December 6, 2023 | HYPR Passwordless for Windows 8.7.0 | Windows (10, 11) | Reboot required if upgrading from 7.6 or below; Security Key Support for Yubikey 5 Plus and Feitian ePass K9 Plus, K40 Plus and their offshoots |
| December 6, 2023 | HYPR Passwordless for Mac 8.7.0 | macOS (High Sierra, Mojave, Catalina, Big Sur, Monterey, Ventura) | Security Key Support for Yubikey 5 Plus and Feitian ePass K9 Plus, K40 Plus and their respective offshoots |
| December 6, 2023 | HYPR Mobile App for Android 8.7.0 | Android 8.0+ | |
| December 6, 2023 | HYPR Mobile App for iOS 8.7.0 | iOS 12.4+ | |
| December 6, 2023 | HYPR Server 8.7.0 | Server | Upgrade to 7.10 required before upgrading to 8.0.0 or higher |
| December 6, 2023 | HYPR Android SDK 8.7.0 | Android 8.0+ | |
| December 6, 2023 | HYPR iOS SDK 8.7.0 | iOS 12.4+ |
All HYPR components are fully compatible across the three previous/subsequent minor (X.X) HYPR releases.
New Features
Early Release: [HYPR Mobile App - Both; HYPR SDK for Android; HYPR SDK for iOS]
Bluetooth/Bluetooth Low Energy (BLE) and WiFi Support for Enterprise Passkey for Entra on Windows 10
Both Android and iOS devices can now pair and authenticate via a Windows 10 workstation using Bluetooth/BLE radio or using the same WiFi network as the workstation. If enabled, HYPR will offer users the choice between Bluetooth and WiFi connections to complete an Enterprise Passkey pairing or authentication.
[Control Center - HYPR Adapt] HYPR Adapt Is Now Administered in Control Center
HYPR's risk engine, HYPR Adapt, is now available in the Control Center Standard left navigation menu, and can be enabled or disabled using a toggle on the linked page.
[HYPR Mobile App - Both; HYPR Passwordless - Both] HYPR Enterprise Passkey for Entra now accounts for multiple devices or workstations for a single user
HYPR Enterprise Passkey for Entra now accounts for the user's FIDO2 username possibly differing from the HYPR QR code pairing username, thereby allowing for multiple devices and to be registered on the same account.
[HYPR Passwordless for Windows] Support for YubiKey Bio Security Keys
Yubikey Bio security keys can now be used for HYPR Passwordless authentication at the workstation. See Supported Platforms for a full list of supported cross-platform security keys.
Enhancements
- [Control Center] Signals now are recorded in Audit Trail Events
- [Control Center - Integrations] General improvements to SAML messages security
- [HYPRspeed] Desktop SSO support for web username aliases
- [HYPRspeed] Desktop SSO status endpoint now returns the username requested by the web
- [HYPR Mobile App for Android; HYPR SDKs for Android; HYPR Mobile App for iOS; HYPR SDK for iOS]
Send location signals from the mobile during HYPR Passwordless Unlock
Events
MACHINE_SIGNAL_RECEIVEDhas been added to the list of Events to handle machine signals from the API endpoint/rp/wsapi/signal; it is comparable toDEVICE_SIGNAL_RECEIVED, which handles similar data for devices- The following Risk Engine (HYPR Adapt) Events have been added:
ADAPT_POLICY_EVALUATIONADAPT_CREATE_POLICYADAPT_UPDATE_POLICYADAPT_DELETE_POLICY
See Event Descriptions for a list of all HYPR Events and parameters.
Error Messages
- 1201086-1201089: Errors related to the HYPR Adapt risk engine.
- 1207xxx: Identity Verification Services Errors
- 1208xxx: HYPR Certificate Authority Services Errors
- 1030014-1030018: Enterprise Passkey Error Codes
To see all HYPR errors by component, see HYPR Error Codes Troubleshooting Tables.
APIs
- The originating HYPR version has been added to each API call
- [Signals API]
[/rp/wsapi/signal](https://www.postman.com/hyprcorp/workspace/hypr-s-public-workspace/request/20355028-98261147-c0ba-4b47-8064-d2879ad7c221)has been added to handle workstation signal data - [FIDO2 RP API] The default value for the
transportsattribute in the/fido2/assertion/optionsResponse Body has been changed to an empty set; and thetransportsattribute is now astringdata type /rp/deviceapi/settingsobjectserverConfignow includes awhiteLabelUrlsarray containing string values of other acceptable names for the Control Center server- Control Center Users calls controlling individual RP Application user authenticator locked state (
/cc/api/user/lockand/cc/api/user/unlock) have been moved under RP Applications > User Management > Authenticator /rp/api/certificate/and dependent calls have been relocated under RP Applications > Workstation > Certificates
You can find detailed descriptors of these and other API calls in HYPR's full Postman API set here.
Upcoming Changes
HYPR Adapt (Beta)
Create risk-based authentication adaptation for your HYPR users. Limit login frequency and control how long they are resultingly blocked.
Future versions of HYPR Adapt will adapt to behavioral changes such as:
-
Sudden change of location
-
Shifts in the time of authentication compared to established patterns
-
Country deny lists
Watch this space for updates as HYPR Adapt evolves.
HYPR Branding Changes
You may have noticed HYPR content shifting to include a fingerprint theme; likewise, we are changing some of our product names to standardize their labeling. Some are still the old familiar titles you know and love.
We've included the full list of products and features that will be included under the grouping, HYPR Authenticate. HYPR Authenticate includes the suite of components that make up the HYPR system: Control Center (including Integrations and Plugins), HYPR Passwordless, the HYPR Mobile Apps, and the SDKs.
| New HYPR Name | Legacy HYPR Server Name |
|---|---|
| HYPR Cloud | HYPR Cloud |
| HYPR ON Prem | HYPR On Prem |
| RADIUS | HYPR RADIUS Server |
| New HYPR Name | Legacy HYPR Mobile App Name |
|---|---|
| HYPR for iOS | HYPR Mobile App for Android |
| HYPR for Android | HYPR Mobile App for iOS |
| HYPR Enterprise Passkey | HYPR FIDO2 Mobile Authenticator |
| New HYPR Name | Legacy HYPR Workforce Access Client Name |
|---|---|
| HYPR Passwordless for Windows | HYPR Workforce Access Client for Windows |
| HYPR Passwordless for Mac | HYPR Workforce Access Client for Mac |
| New HYPR Name | Legacy HYPR SDK and API Names |
|---|---|
| HYPR SDK for iOS | HYPR SDK for iOS |
| HYPR SDK for Android | HYPR SDK for Android |
| HYPR SDK for Golang | HYPR SDK for Golang |
| HYPR SDK for Java | HYPR SDK for Java |
| HYPR SDK for JavaScript | HYPR SDK for JavaScript |
| HYPR SDK for Python | HYPR SDK for Python |
| HYPR Server APIs | Server API |
| New HYPR Name | Legacy HYPR Integration Name |
|---|---|
| HYPR for Okta | Okta |
| HYPR for Workspace | Google Workspace |
| HYPR for OneLogin | OneLogin |
| HYPR for Azure | Azure |
| HYPR for Ping DaVinci | Ping DaVinci |
| New HYPR Name | Legacy HYPR Feature Name |
|---|---|
| HYPRspeed | Desktop SSO |
| New HYPR Name | Legacy HYPR Plugin Name |
|---|---|
| HYPR for AD FS | AD FS |
| HYPR for Ping Federate | Ping Federate |
| HYPR for SiteMinder | SiteMinder |
| HYPR for ForgeRock | ForgeRock |
Bug Fixes
- [Control Center - FIDO2] Authentication for unknown AAGUIDs is successful
- [Control Center - HYPR Adapt] Updating an existing policy no longer generates a 500 error on the server
- [Control Center - Integrations] Alias support is no longer case-sensitive
- [Control Center] In the API logging response extra double quotes are no longer added; previously this adversely affected intake of the data
- [Control Center] RP application deletion cascading for
UAFTransactionhas been corrected - [Control Center] Server returns correct error codes (400/500) in response when the properties are tampered with in the install token exchange request
- [HYPR Passwordless for macOS] Audit Trail Event names have been consolidated into a single source file for better accounting
- [HYPR Passwordless for Windows] Quotation marks have been added to the Bonjour service path
- [Platform - Keycloak] QR code authenticator fixed
- [Platform - Keycloak] Keycloak now creates cookies for usernames
Known Issues
There are currently no outstanding Known Issues.