Airlock IAM 7.7 - Changelog

The following tables show all the changes from Airlock IAM 7.6 to 7.7.

If not noted otherwise, Loginapp listed features are only available for the Loginapp REST UI and the Loginapp REST API (but not for the JSP-Loginapp).

The change log also includes the changes to the Loginapp REST UI SDK. For older versions, they were kept on separate pages.

Airlock IAM 7.7.1

Bugfixes and improvements

Bugfix

AI-16441

Security update for Apache Tomcat.

Bugfix

AI-16487

Security update for Apache Commons Text.

Bugfix

AI-16491

Flow Visualizer correctly handles flows with multiple identical plugins.

Bugfix

AI-16496

Security update for Java JDK.

Bugfix

AI-16522

Support for reporting to Elasticsearch version 8.

Airlock IAM 7.7

Authentication flows

New

AI-15996

Default step UI for user identification step.

New

AI-16077

Authentication step to check password without username input.

New

AI-13467

Kerberos/SPNEGO authentication step. See Front-Side Kerberos configuration in the Loginapp REST API.

New

AI-13514

Risk-based authentication for authentication flows. See Risk-based authentication in the Loginapp REST API/UI.

New

AI-15901
AI-15909

Risk extraction based on Airlock Gateway's client fingerprinting.

New

AI-15833

Risk extraction based on Airlock Gateway's Anomaly Shield.

New

AI-15693

HTTP Basic Authentication Step.

New

AI-14039

New Email OTP authentication step with support for language-dependent message templates.

New

AI-14445

SAML 2.0 SP support in authentication flows. See SAML SP setup with the Loginapp REST API.

New

AI-13473

Option to lock user based on Airlock Gateway's client fingerprinting. See Client fingerprinting-based lockout.

New

AI-13446

Voluntary password change step for authentication flows.

New

AI-3747

Cronto Digipass online activation.

New

AI-15773

Limited support for the Office Form Based Authentication Protocol (MSOFB) with flows and Loginapp UI. See MS-OFBA configuration for the Loginapp REST UI.

New

AI-16001

Remove flow tags if roles are dropped by Airlock Gateway.

Improvement

AI-13301

Airlock 2FA factor used during login process is now available in identity propagation.

Bugfix

AI-15927

SAML 2.0 SP: accept SAMLResponses with multiple attributes with same name.

Self-registration

New

AI-12474

Airlock 2FA device activation in self-registration flows.

New

AI-15756

SMS resend for phone number verification during self-registration.

New

AI-15739

Improved control over user locking during self-registration.

New

AI-15878

Fixed password handling when using multiple persisting steps in self-registration flows.

New

AI-15764

Fixed phone number uniqueness check in self-registration. Public Self-Services.

Public self-services

New

AI-13448

Public self-service to handle links from verification emails. Emails can be sent from self-registration, public self-services, and Adminapp. See Using the Flow Continuation Step in public self-service flows.

New

AI-15763

Device Token-based identification for public self-service flows.

New

AI-16396

New steps to delete all active OAuth sessions and/or remembered browsers/devices. May be used in public self-services, protected self-services, and authentication flows, e.g., after setting a new password.

Protected Self-Services

New

AI-14778

Self-service for management of logged-in devices. See Browser/Device Management Self-Service (Remember-Me).

New

AI-13544

Activation step for OneSpan DIGIPASS OTP tokens. See Digipass OTP device activation (protected self-service).

New

AI-13573

Account lock self-service. See Lockout Self-Service in the Loginapp REST API/UI.

Improvement

AI-14481

Logout link in the header of Loginapp REST UI.

Improvement

AI-15946

Device token information REST endpoint returns last token usage.

Loginapp Miscellaneous

New

AI-13449

CAPTCHAs for Loginapp REST UI (self-registration, public self-services, User Identification Step). See e.g. CAPTCHAs in the Loginapp REST API/UI.

New

AI-13443

Password repository for password check via RADIUS.

New

AI-15062

"On-behalf login" flow identity propagator (new plugin On Behalf Login Identity Propagation).

New

AI-13077

Support for end-to-end encryption in Loginapp REST UI (REST API was already available in earlier versions). See Password end-to-end encryption configuration in the Loginapp REST API.

Improvement

AI-14067

Support for multiple transaction approval flows. See Transaction approval flow selection.

Improvement

AI-15500

Roles provider-based on delimiter-separated strings.

Improvement

AI-15787

Loginapp UI translations can depend on the tenant ID.

Improvement

AI-14506

Loginapp REST UI translation can reference additional attributes from step responses.

Improvement

AI-15862

Logout actions can depend on Gateway's session termination reason.

Improvement

AI-13264

Multi-file Support for iam-custom.js in Loginapp REST UI SDK.

Improvement

AI-14401

Added logout link to protected self-services pages.

Improvement

AI-16104

UI tenant ID (OAuth / SAML) can be used to select translations.

Bugfix

AI-16160

Fixed handling of Gateway session timeouts. (CASE-33195)

Bugfix

AI-14657

Fixed "on failure" handling in Loginapp REST UI.

Table: Miscellaneous

New

AI-15021

Visualizer for flow configurations in Config Editor. See Flow step plugins in IAM flows.

New

AI-14011

New handler for sending SMS event notifications. See new plugins SMS Event Subscriber (Loginapp) and SMS Event Subscriber (Adminnapp).

New

AI-15967

New event published upon phone number change.

New

AI-11872

Support Swisscom's SMS REST API. See new plugin Swisscom REST SMS Gateway.

New

AI-16373

Config Editor lists plugins to be removed in IAM 8.0 if a corresponding plugin list file is present in the installation folder.

Improvement

AI-16154

Language source for event notifications is now configurable.

Improvement

AI-15882

New set of plugins to authenticate REST clients in Loginapp, Adminapp, and Transaction Approval REST APIs. Support for Client certificates, HTTP Basic Auth, OAuth, SSO Tickets. See Authentication of REST requests.

Bugfix

AI-15895

Include filter parameters in Adminapp JSON API response links.

Bugfix

AI-15170
AI-15811

Failed configuration activations report failure upon fallback to the previous configuration. (CASE-32430)

Bugfix

AI-15499

Fixed transformation of empty context data in XML File Importer.