❗️

High-Risk Update: Login Endpoint Parameter & Console User Management Changes

This release introduces a new option in one of the Login endpoint parameters, along with updates to the user management feature in the console, including new roles and changes to the user flow. We are closely monitoring the system post-release and have a 15-minute rollback plan in place. Please report any issues immediately to ensure platform stability.

The following changes are included in this release of the Next Identity platform.

New Features

Operate

⭐ Introduction of Application Management View with Secret Rotation Capability

We’ve introduced the Application Management View in the Next Identity console, designed to give your application managers a focused and streamlined way to manage fully onboarded properties.

• Efficient management: Easily manage properties and clients through a simplified application view.
• Enhanced security: Rotate secrets for each environment with ease and review secret rotation history to strengthen your security.

Learn more about the Application Management View.

⭐ Enhanced Roles and Permissions with Granular Access

We’ve enhanced the Roles and Permissions feature in the Next Identity console, allowing console users to benefit from more granular access controls. This update supports organization-level restrictions — including company, organization, property, and client-level permissions — and environment-specific access controls.

• Granular control: Provide more precise access management for your console users across different levels (company, organization, property, client).
• Flexibility in environments: Adjust permissions based on your operational needs to ensure the right access at the right time.
• Simplified management: Streamline user management and increase security by ensuring users only access the resources they need.

To understand more about this update, explore our guide.

Unify

⭐ Authenticator App Support for 2FA

We’ve added support for Authenticator apps in Next Identity, allowing your application users to enhance their security with Time-based One-Time Passwords (TOTP).

• Boost user security: Provide an extra layer of protection for your application users.
• Flexible setup: Users can quickly configure 2FA with a QR code or setup key.
• More 2FA choices: An additional option alongside email and SMS for added flexibility in securing your users' accounts.

Learn more about the Authenticator App support.

Enhancements

Operate

• Export Settings Feature: Internal users can now export client-level settings through the Internal Settings screen, enabling easier impact analysis.

Unify

• Google and Apple Social Login Support: Enabled integration of Google and Apple social login for external applications, allowing them to manage the social login workflow and create users via the Next Identity API. Learn more about this API.

Bug Fixes

Operate

• Property Filter Misalignment on Environment Switch: Fixed an issue where the Property filter on the Inventory Screen was not properly updating when switching environments.
• Filter Fields Misalignment After Angular Update: Resolved an issue where filter fields on the Inventory Screen were incorrectly aligned to the left after an Angular update.

Unify

• Error During Mobile Number Registration in B2B: Fixed an issue where users encountered an error while registering a new account in B2B apps, preventing SMS delivery and proper account creation flow.
• Social Merge Issue Across Providers: Fixed an issue preventing the social merge feature from associating social accounts with existing user records.
• Client ID Permission Error During User Registration: Resolved an issue where users encountered a permission error message when submitting the registration form.
• Missing en-US Translation Keys Restored: Re-added translation keys that were mistakenly removed, ensuring proper email subject and message translations for user notifications.
• Duplicated Translation Key Removed: Resolved an issue where a duplicate translation key was present, ensuring the correct translation is used.
• Invalid Input Error During Self-Registration for Existing Users: Fixed an issue where users encountered an error message during self-registration when using locales other than en-US.
• Missing Client ID Logic Fix: Resolved an issue where client_id was not fetched from the Basic Authentication header or token when the request body was empty.

General

• Host Resolution Cache Issue: Fixed a problem where host resolution assigned incorrect environment ID and failed to update the remote cache, requiring a service restart.