Skip to main content

9.7.1 Release Notes

HYPR 9.7.1 is a patch to the 9.7.0 Enterprise Channel Release.

The Enterprise Release Channel caters to customers requiring a less frequent cadence of upgrades, specifically on a quarterly basis, thereby allowing them more time to adapt and implement changes without disrupting their business operations.

The Standard Release Channel is designed for customers who are equipped to accommodate monthly updates, providing regular and more frequent access to new features and improvements. All Standard Release features are available in the next scheduled Enterprise Release.

New Section

To enable our customers to be more proactive in anticipating industry changes that affect HYPR architecture and topology needs, we have created the Breaking Changes section of the Release Notes. This section may be updated after the GA Release as information becomes available to HYPR.

Minimum Supported Versions

Release DateHYPR ProductMinimum RequirementNotes
Jan 7, 2025HYPR Passwordless for Windows 9.7.1Windows (10, 11)Reboot required if upgrading from 7.6 or below; Security Key Support for Yubikey 5 Plus and Feitian ePass K9 Plus, K40 Plus and their offshoots
Jan 7, 2025HYPR Passwordless for Mac 9.7.1macOS (High Sierra, Mojave, Catalina, Big Sur, Monterey, Ventura, Sonoma 14.1 [not 14.0])Security Key Support for Yubikey 5 Plus and Feitian ePass K9 Plus, K40 Plus and their respective offshoots
Jan 7, 2025HYPR Mobile App for Android 9.7.1Android 8.0+
Jan 7, 2025HYPR Mobile App for iOS 9.7.1iOS 12.4+
Jan 7, 2025HYPR Server 9.7.1Java Development Kit (JDK) 17+Upgrade to 7.10 required before upgrading to 8.0.0 or higher
Jan 7, 2025HYPR SDK for Android 9.7.1Android 8.0+
Jan 7, 2025HYPR SDK for iOS 9.7.1iOS 12.4+
Jan 7, 2025HYPR SDK for Java 9.7.1Java Development Kit (JDK) 17+
Backward Compatibility

All HYPR components are fully compatible across the three previous/subsequent minor (X.X) HYPR releases.

Enhancements

  • [Adapt] Store OAuth2 CrowdStrike API Key in Adapt for calls

  • [Adapt] Evaluation Points diagrams have been added for clarity

  • [Affirm] Add SMS reference data

  • [Affirm] Configure rate limits

  • [Affirm] Include country calling code in the Events

  • [Affirm] Use the latest pinpoint SDK (version 2)

  • [All HYPR] Use the same traceId for the registration process

  • [Control Center; API] Block or throttle selected Control Center calls

  • [Control Center] Consistent server request logging

  • [Mobile App - Both] QR Code handling of additional parameter: qrpayload

  • [Passwordless - Both] Mitigate workstation Audit call flood

  • [Passwordless - Both] Workstation status warm session cache needs optimization

  • [Platform] Prevent spikes during metadata expiry checks

Events

  • [Events] Standardize Event information requirements

  • [Events] FIDO_ONLY_AUTH and FIDO_ONLY_REG attempts now each have an associated COMPLETE Event

  • [Events] Fixed: Saving Event failure should not fail flows

See Event Descriptions for a list of all HYPR Events and parameters.

Errors

  • [Errors] Fixed: DBMigration service logs should use the 'Info' log level instead of the 'Error' log level

To see all HYPR errors by component, see HYPR Error Codes Troubleshooting Tables.

APIs

  • [API] Enhance API tokens traceability

  • [API] Move security key last used date to batching

You can find detailed descriptors of these and other API calls in HYPR's full Postman API set here.

Upcoming Changes

HYPR Documentation Reorganization In the 10.x series, HYPR Documentation will undergo minor but still notable changes in the way articles are grouped. Instead of adhering to the legacy format mirroring the UI layouts, based on feedback from customers, we are making accommodations in an attempt to better reflect the user's journey.

Bug Fixes

  • [Adapt] Fixed: CrowdStrike IdP Policy: Policy evaluation failed due to error 'failed to create policy evaluation context'

  • [Adapt] Fixed: CrowdStrike policies: allowed=true when unable to obtain score

  • [Adapt] Fixed: Add Bulk API call to cover CrowdStrike ZTA machine status for user web calls

  • [Adapt] Fixed: Crowdstrike IdP Policy evaluation IDP score check is not working as expected

  • [Adapt] Fixed: Signal Handlers: TOR Data Collector handler times out when a signal is triggered

  • [Adapt] Fixed: CrowdStrike ZTA policy: previously generated STORED_API_ZERO_TRUST_ASSESSMENT is not being used for policy eval

  • [Adapt] Fixed: CrowdStrike ZTA policy: Fire INBOUND_EVENT_HOOK whenever ZTA score is manually retrieved

  • [Affirm] Fixed: A blank page appears because of a React error when the user selects a value from the Type dropdown in the Affirm Approver Management page

  • [Affirm] Fixed: Add better logging to Affirm for production releases

  • [Affirm] Fixed: Code Customizations: ACCEPT and CONTENT\_TYPE headers being appended twice

  • [Affirm] Fixed: Results API returns query when invalid/nonexistent workflowId is provided

  • [Affirm] Fixed: Switching the approver to HYPR from Manager is not accepting emails and texts

  • [API] Fixed: /rp/wsapi/securitykey/updatepinreset returns 200 with invalid existingPuk

  • [Control Center - Integrations] Fixed: HYPR Enterprise Passkey: Double user presence (UP) prompt periodically occurs during authentication

  • [Control Center - Integrations] Fixed: HYPR Enterprise Passkey: Unexpected signature counter received

  • [Control Center - Integrations] Fixed: Okta: Two users with same email, only one is able to register with HYPR

  • [Control Center] Fixed: Adding a CC admin user shows on both registered and pending tables

  • [Control Center] Fixed: After successful registration on mobile using passkey, the passkey is not displayed

  • [Errors] Fixed: Remove Error Codes for successful Event logs

  • [Events] Fixed: deviceId is null in Event logs when other device data is known

  • [Mobile App for iOS] Fixed: Web-to-workstation QR Scan to Login fails with 1202006

Known Issues

  • [HYPR Mobile App for iOS] The text below the logo on the home screen still says "True Passwordless Security" and has not been updated to "Identity Assurance"

  • [HYPR Passwordless for Windows] HYPR displays an error when a paired Yubikey Bio MPE has the maximum number of fingerprints stored already

  • [Control Center] Server still sends push notifications with incorrect proxy credentials

Breaking Changes

Android Configuration (Migration from 8.7.X to 9.1.X)

  • Project-wide:

    targetSdk 33 -> 34
    minSdkVersion 23 -> 26
    kotlin version  1.7.22-> 1.9.20

  • gradle-wrapper.properties:

    https\://services.gradle.org/distributions/gradle-7.6-bin.zip -> https\://services.gradle.org/distributions/gradle-8.4-bin.zip

  • project:build.gradle:

    kotlin version  1.7.22-> 1.9.20
    com.android.tools.build:gradle:7.2.2 -> com.android.tools.build:gradle:8.1.4
    com.google.gms:google-services:4.3.14 -> com.google.gms:google-services:4.4.0
    com.guardsquare:dexguard-gradle-plugin:1.3.24 -> com.guardsquare:dexguard-gradle-plugin:9.4.21

  • app:build.gradle:

    • Implementation:

        androidx.appcompat:appcompat:1.5.1 -> androidx.appcompat:appcompat:1.6.1
        com.google.android.material:material:1.7.0 -> com.google.android.material:material:1.10.0
        androidx.lifecycle:lifecycle-process:2.5.1 -> androidx.lifecycle:lifecycle-process:2.6.2
        com.google.code.gson:gson:2.10 -> com.google.code.gson:gson:2.10.1
        org.apache.commons:commons-lang3:3.12.0 -> org.apache.commons:commons-lang3:3.13.0
        com.google.mlkit:barcode-scanning:17.0.0 -> com.google.mlkit:barcode-scanning:17.2.0
        androidx.core:core-ktx:1.9.0 -> androidx.core:core-ktx:1.12.0
        androidx.lifecycle:lifecycle-viewmodel-ktx:2.5.1 -> androidx.lifecycle:lifecycle-viewmodel-ktx:2.6.2
        org.jetbrains.kotlin:kotlin-stdlib-jdk7:1.7.22 -> org.jetbrains.kotlin:kotlin-stdlib:1.9.20
        com.google.firebase:firebase-messaging:23.1.0-> com.google.firebase:firebase-messaging:23.3.1

    • annotationProcessor:

      androidx.lifecycle:lifecycle-common-java8:2.5.1 -> androidx.lifecycle:lifecycle-common:2.6.2

  • You might need to add this (depending on your setup) in app:build.gradle:

    android {
      ...
          compileOptions {
              sourceCompatibility = JavaVersion.VERSION_1_8
              targetCompatibility = JavaVersion.VERSION_1_8
          }
          kotlinOptions {
              jvmTarget = "1.8"
          }
      ...
    }