v1.46.0 - January 22, 2024

❗️ High-Risk Update: Log Security and Account Recovery

This update removes additional sensitive data from logs and enables support agents to unpair authenticator apps for account recovery. Please report any issues immediately to ensure platform stability.

🌟 Highlights

This release includes key updates to enhance security, usability, and foundational support for future capabilities:

  • Next Identity Vault: Introduced a simplified user storage solution with seamless setup, flexible configurations, and no need for an external database.
  • Enhanced Environment Usability: Improved environment and client display in the Application Management View, and added a comment field for audit tracking in secret rotation.
  • Notable Bug Fixes: Resolved issues including missing acr and amr values in ID tokens and biometrics registration prompts, and improved error handling for mobile number registration.

The following changes are included in this release of the Next Identity platform.

New Features

⭐ Next Identity Vault: Simplified User Storage Solution

We’ve launched Next Identity Vault, an out-of-the-box solution for storing your application users — no external database or identity provider required.

  • Seamless setup: Quickly create a Vault instance with default configurations.
  • No database needed: Perfect for applications without an existing database or identity provider.
  • Flexible options: Connect to an external database and customize field mappings if needed.

This streamlined solution makes it easier to store, manage, and grow your application user base.

Enhancements

Operate

  • Enhanced Environment and Client Display in Application Management View: Improved client and property display by removing verification restrictions and ensuring unique client entries across environments. Environment tabs now respect user permissions, displaying only accessible environments.
  • Customer Logo and Name Added to Left Menu: Updated the Application Management View to display the customer’s logo and name in the left-side menu, enhancing clarity and alignment with the existing design.
  • Comment Field Added to Secret Rotation Modal: Introduced a comment field in the Secret Rotation modal to enable audit tracking, improving visibility and accountability for rotation actions.
  • Updated User Hosted Journeys Design with Edit Profile Action: Redesigned the component layout and enabled the "Run" and "Edit" actions for Edit Profile in supported environments, enhancing usability.
  • Unpair Authenticator App via Support Agents: Enabled Support Agents to unpair authenticator apps from customer profiles, helping users regain account access when their authenticator app is inaccessible.

Unify

  • Sensitive Information Redacted in Logs: Enhanced log security by removing PII from request bodies in logs. Logs now display only the uuid where applicable, ensuring sensitive information is protected.
  • Seamless Registration for Existing Users: Enhanced the pre-register flow to automatically send invitation emails/SMS to existing users, enabling them to log in with their credentials and reducing manual intervention for admins.

Bug Fixes

Operate

  • Onboarding Message Display Issue Resolved: Fixed an issue where users incorrectly saw an onboarding message when accessing client details via the Operate > Clients menu, ensuring consistent client visibility.
  • Environment Visibility Fixed in Client Details: Resolved an issue where users with access to all environments could not see uncreated environments. A message now indicates when an environment is not yet available.

Unify

  • Improved Error Messaging for Invalid Phone Numbers: Fixed an issue where logging in with an invalid phone number format returned a misleading security error. Users now receive a clear "Invalid Number" message.
  • Favicon Load Error Resolved: Fixed an issue where a 403 error was returned when loading the favicon for custom-branded applications, ensuring the favicon loads correctly without errors.
  • Biometrics Registration Prompt Fixed: Resolved an issue where enabling Passwordless/Biometrics after selecting "Maybe Later" did not prompt users to register biometrics, ensuring proper setup from the Profile Screen.
  • Callout Card Notification Issue Resolved: Fixed an issue where incorrect passwordless notifications appeared on the callout card during mobile number changes, ensuring messages align with the relevant actions.
  • Missing acr and amr Values in ID Token Resolved: Fixed an issue where acr and amr values were not included in the ID token response, ensuring complete and accurate token information.
  • Redirect Issue After Password Reset Resolved: Fixed an issue where users were not redirected back to the app after resetting their password, ensuring a seamless user experience.
  • Incorrect Congratulations Message Fixed: Resolved an issue where the passwordless congratulations message appeared when enabling or disabling 2FA, ensuring it only displays when biometrics are enabled.
  • Error Handling Improved for Mobile Number Registration: Resolved an issue where users encountered a 500 error when registering a mobile number that did not match their IP. An appropriate error message is now displayed.