❗️

High-Risk Update: Login and Token Endpoint Modifications for Enhanced Security

This update introduces backend changes to the login and token endpoints to enhance our security protocols and improve user interaction, but will not change the end user experience or the integration workflows for the service. We are actively monitoring the system post-release and have a 15-minute rollback plan ready to swiftly address any critical issues. Your immediate reporting of anomalies is crucial to ensuring platform stability and security.

The following changes are included in this release of the Next Identity platform.

Enhancements

Connect

• IDP Enhancements for Journeys Migration: Implemented necessary changes to the Identity Provider (IDP) to facilitate the migration of Journeys endpoints.
• Twilio API SMS Reception Feature: Developed a new snippet using the Twilio API to enable the reception of SMS messages, enhancing communication capabilities within our services.

Bug Fixes

Adopt

• Unable to Add Client: Resolved errors when adding a client, ensuring smooth client management.
• Editing Client Configuration: Fixed errors encountered while editing client configurations for a seamless experience.

Operate

• Secret Key Rotation Error: Fixed errors related to secret key rotation for improved operational efficiency.

Unify

• Token Request Error Fix: Addressed an issue where token requests from the Next Identity Console were returning an error message.
• User Deletion Status Bug Fix: Addressed issues with user deletion status, ensuring accurate account management.
• User Enumeration Error Handling Improvement: Improved error handling in the "Forgot Password" flow to enhance user experience.
• OTP Verification Enforcement Bug Fix: Fixed an issue to enforce OTP verification during sign-in, enhancing account security.