Workforce Access 6.2.0

Summary of Changes

HYPR's July release introduces new features for the Workforce Access experience including magic links for user registration, offline mode and other improvements to the Mac client, and much more.

The release also brings significant improvement to end user and support desk troubleshooting. HYPR has expanded on the granularity and messaging of error codes shown to the user, making it easier for a support team to provide resolution steps and improving the chance an end user may not need help at all.

In addition to this, the release brings several UI and bug improvements to previously released capabilities around FIDO2 Webauthn, Security Key login, and the web-based Device Manager.

Lastly, HYPR has synchronized release numbering and compatibility assurance. Monthly releases will have mobile, workstation and server versions synchronized. This time: 6.2.0, next month: 6.3.0. HYPR ensures forward and backward compatibility with 3 prior releases across all components.

Server & Workstation

Magic Link for Registration

Control Center admins are now able to generate magic links which can be provided to an end user for web registration with the Device Manager. Admins can provide this information directly to end users and audit trail logs each time an admin generates a magic link along with detail of the generated request such as username and other system management information.

Expanded FIDO2 Integration

Admins can now configure FIDO2 Webauthn to provide authentication for end users via Keycloak.

Mac Offline Mode

Offline mode is now available to users of the Mac client, bringing feature parity of this capability to all Workforce Access users. Mac users can now authentication on their mobile app to reveal an offline mode PIN which can be entered on a paired workstation to unlock the computer.

Mac Audit Trail and Licensing Update

Audit trail for the Mac brings parity with the experience on Windows OS today. Control Center admins can now view user activity and improve troubleshooting of Mac Workforce Access users. Licensing Update for the Mac now provides users with an improved licensing flow which does not require the previous use of a separate license server provisioned and managed by HYPR. This improves the overall service level coverage and reduces dependencies in new user device pairing.

Enhanced Passwordless Login for Control Center

Admins can now configure a Control Center admin app used for OIDC login to the control center, providing for a True Passwordless login experience to for Control Center users.

Improvements

• Performance tuning continues to be an important focus of the team in this release, raising the number of concurrent and max load connections and improving overall latency and variance.
• Audit trail now reflects Workstation operating system version and version number in common format.
• Audit trail now reflects error code in Control Center UI in standalone field.
• Tooltip text color updated to improve visibility.
• App icon & Favicons updated to latest branding.
• Updated mac "hyprunlock" in residual location to Workforce Access.
• Improved Control Center UI on disable toggle for FIDO2 and populating default URL.
• Updated Device Manager UI inconsistencies including missing help link on certain pages, centered UI elements, success screens, copywriting.
• Updated Security Key removal steps in Control Center UI
• Cookie timeout is now configurable vs. default of 10 minutes.

Bug Fixes

• Resolved a pagination issue in the Audit Trail where selecting any page would break search parameters.
• Resolved a bug in macOS where a user with multiple accounts could log in to either under certain conditions.
• The Audit Trail now captures an event when there is a failure to unpair a security key.
• The Audit Trail event removes excess unaffiliated data of security keys.
• Resolved a bug in which failing to pair a device would prevent subsequent pairing security key.
• Resolved an issue in the Device Manager which prevented registration on Microsoft Edge & Internet Explorer browsers.
• Resolved an issue in the Device Manager around the display order of multiple devices.
• Resolved an issue in the Device Manager where clickable items did not show a pointer cursor.
• Resolved an issue in the Control Center where logging in with invalid credentials would lead to redirection to a login page instead of a failed error message.

Mobile Apps

Error Code Granularity (Android & iOS)

End user experience and admin troubleshooting are greatly improved in this release with the expansion of unique error codes for server generated errors. This improves the root cause analysis of an end user issue and enables greater customization of error messaging to provide end users with remediation steps. More details available here.

Actioning Push Notifications by Opening App Directly (Android now at parity with iOS)

End users who are used to opening their apps directly rather than clicking on a Push notification for an incoming authentication will be able to see the incoming request and complete authentication. Previously, the end user would have to select the push notification even if they subsequently opened their HYPR app.

Support Email Enhancement (Android now at parity with iOS)

Users selecting support to provide information to their support desks can now copy to clipboard in the event that no email client is configured on the device. A user can then paste this information to a notepad or web screen and provide support desks with information verbally including DeviceID, relying party app information and more.

Offline Mode as Bypass Method (Android now at parity with iOS)

End users can now make use of Offline Mode authentication even in the event that a workstation is unlocked. This improves the range of options available to an end user when troubleshooting or in the event of a workstation unlock issue.

Bug Fixes & Improvements:

• Fingerprint authenticator screen on Android is now black background again.
• Warning for deleting a workstation on the mobile app now uses UI text defined on control center.
• Resolved success checkmark overlapping on certain Android devices.
• Resolved complete message display issue on successful transaction.
• Improved iOS email support to display gmail or native iOS mail app client when both are available.
• Improved iOS cleanup operation in the event that user has removed all paired accounts.
• Android 'native' authenticator icon is updated to new device.
• Android now updates status for all machine types to include web and not only workstations.
• iOS now includes a localizable.strings file containing all strings from the iOS SDK.
• iOS now uses the latest versions of xcode and ixguard.