Release v2.4.0 - January , 2025
Overview
This release introduces several major features and enhancements designed to improve user authentication and security, streamline admin reporting, and enhance system flexibility.
New Features
Authentication Profile:
We introduce the Authentication Profile feature in the login settings of our Auth application. This new capability streamlines the login experience by dynamically redirecting users to the appropriate login method based on their domain.
Key Highlights:
Domain-Based User Identification: The system identifies the user's domain during login.
Dynamic Redirection: Users are redirected to their respective login pages based on pre-configured settings:
Social Providers: Login via social authentication (e.g., Google).
Auth Classical Login: Standard login with username and password.
Passwordless Login: Secure login without a password, leveraging alternative authentication methods.
Benefits:
Seamless User Experience: Reduces friction in the login process by automatically determining the appropriate authentication method.
Improved Flexibility: Administrators can configure multiple authentication options tailored to user domains.
Enhanced Security: Users are directed to domain-specific, pre-approved authentication flows.
How It Works:
When a user enters their email address on the login page, the system identifies the domain
Based on the configured Authentication Profile, the user is seamlessly redirected to:
Social Provider Login (e.g., Google, Microsoft, etc.)
Auth Classical Login
Passwordless Login
WhatsApp Integration
We are introducing WhatsApp Integration as part of our Multi-Factor Authentication (MFA) settings. This enhancement allows users to leverage WhatsApp for 2-Step Verification, adding convenience and an additional layer of security to the authentication process.
Key Highlights:
WhatsApp as an MFA Option: Users can now receive verification codes via WhatsApp during the 2-Step Verification process.
Enhanced User Convenience: In addition to existing MFA options (e.g., SMS, Email), WhatsApp provides a seamless and widely used communication channel.
Improved Security: Strengthens authentication by offering another secure and trusted verification method.
Benefits:
User-Friendly Experience: Users can receive OTPs directly on their WhatsApp, eliminating reliance on SMS or emails.
Broader Reach: Allows global users to authenticate securely, especially in regions where SMS delivery may be unreliable.
Flexible MFA Options: Administrators can now enable WhatsApp as part of their organization's MFA policy.
How It Works:
Enable WhatsApp MFA: Administrators can configure WhatsApp as an MFA option in the MFA Settings under the Admin Portal.
User Enrolment: During MFA setup, users can select WhatsApp as their preferred 2-Step Verification method and verify their phone number.
2-Step Verification:
During login, users receive a verification code on WhatsApp.
Users enter the received code to complete the authentication process.
Export Option for Reports:
We are implemented the Export Option (Download Report) functionality across multiple pages in the Admin Portal. This feature enables administrators to easily download and analyze critical data in Excel format for streamlined reporting
Pages with the Export Option:
Search User Page:
Login Failure Report
Inactive User Report
Audit Trail Report
Enhancements
Token-Based Webhook Integration:
This modern approach enhances security by encrypting the webhook payload. The API key is not required in this method.
Configuration Steps:
During webhook configuration, choose JWT as the authentication type.
Map a server-to-server client to the webhook.
The client secret key is used to encrypt the request body, and the resulting encrypted payload is sent in the
User-Based Search:
We are introducing the User-Based Search functionality in the Audit Trail Reports. This enhancement allows administrators to efficiently search and filter activities for a specific user, enabling faster access to relevant information and improved system audit capabilities.
Last updated