v1.3.16 - April 20, 2022

The following enhancements and bug fixes were deployed to the Next Identity platform.

Enhancements

Next Identity Journeys

⭐ Display the fingerprint button only after the device is registered

To improve user experience, the fingerprint button for passwordless authentication is hidden when the device hasn't been registered yet.

⭐ Passwordless Authentication no longer asks for an account

The Passwordless Authentication process no longer asks what device you are using, since this feature currently only supports platform authenticators.

⭐ Ability to use `recaptcha.net` for reCAPTCHA to support global use.

For clients that don't support google.com as the URL for reCAPTCHA admin service, they can now use recaptcha.net.

Next Identity API

⭐ Improved error response for malformed authorization header on calls to `/account/forgot-password` endpoint

Calls to the /account/forgot-password endpoint with malformed authorization headers now return 403 error response.

Bug fixes

Next Identity Journeys

✅ Login using my fingerprint button disappears when Google reCaptcha security error is displayed

Fixed an issue where the Login using my fingerprint button disappears when the reCaptcha security error message appears.

✅ Signout of all devices is not redirecting to app link if there is a defined redirect that is not whitelisted

Fixed an issue where the option to sign out from all devices doesn't redirect to the app_link defined link if the redirect_uri value is not whitelisted.

✅ Incorrect error message when current password is invalid and same as the new password

Fixed an issue where the wrong error message is displayed when the current password entered is invalid and is the same as the new password.

Next Identity API

✅ Unable to change password if password type other than password-bcrypt

Fixed an issue where current passwords that are not bcrypt-hashed fail to be changed.

✅ Having a Google Play Store link as `redirect_uri` value causes error

Fixed an issue where having a Google Play Store link as the redirect_uri value returns an invalid parameters error.

Enhancements

Next Identity Journeys

⭐ Display the fingerprint button only after the device is registered

⭐ Passwordless Authentication no longer asks for an account

⭐ Ability to use recaptcha.net for reCAPTCHA to support global use.

Next Identity API

⭐ Improved error response for malformed authorization header on calls to /account/forgot-password endpoint

Bug fixes

Next Identity Journeys

✅ Login using my fingerprint button disappears when Google reCaptcha security error is displayed

✅ Signout of all devices is not redirecting to app link if there is a defined redirect that is not whitelisted

✅ Incorrect error message when current password is invalid and same as the new password

Next Identity API

✅ Unable to change password if password type other than password-bcrypt

✅ Having a Google Play Store link as redirect_uri value causes error

⭐ Ability to use `recaptcha.net` for reCAPTCHA to support global use.

⭐ Improved error response for malformed authorization header on calls to `/account/forgot-password` endpoint

✅ Having a Google Play Store link as `redirect_uri` value causes error