Authentication flow-related features (JSP-Loginapp migration)

The following table provides information about the availability of JSP-Loginapp features in the Loginapp REST UI and high-level migration hints (where available).

Information about the availability of upcoming releases is indicative and subject to change.

Please note the additional information on discontinued functions (see link below).

2-factor authentication (Main and Meta Authenticator)

Feature

Version

Description and migration hints

Combination of 1st and second factors
(Main and Meta Authenticator)

7.1

Combination of 1st and second authentication factors.

Migration hint

Combine corresponding authentication steps in the authentication flow.

Examples:

    • Username Password Authentication Step as the first authentication flow step.
    • Airlock 2FA Step for Authentication as the second authentication flow step.
    • Mandatory Password Change Step as the third authentication flow step.

User selects 2nd factor

7.1

If multiple 2nd factors are available, the user selects one.

Migration hint

Use the Selection Step in the authentication flow.

If more than one selection option is available (depending on the configured conditions) or if the property Auto Select Only Option is disabled, the end-user has to choose the option to use.

Remember last user selection

7.3

Remember the option selected by the user and store this information. The stored selected option is checked when the end-user is asked to choose an option the next time.

Migration hint

Use the property Last Selection Repository in the Selection Step.

Auth method selects 2nd factor

7.1

The authentication method stored in the user repository chooses the 2nd authentication factor.

Migration hint

Use the Selection Step in combination with the Active Authentication Method condition.

Stealth mode

7.3

Do not give away information about which factor failed and protect against user name enumeration.

Migration hint

Use the check box Prevent User Enumeration in the Authentication Flow.

The Loginapp REST UI only supports username enumeration protection.

Second factors are no longer simulated.

Credential-based 2nd-factor selection

7.3

By entering a configured keyword (e.g. SMS) instead of an OTP token, the end-user can change the 2nd factor during the login process.

Migration hint

Switching to different authentication steps can be achieved by displaying buttons (with goto-targets in the REST API) in conjunction with selection.

Example with two 2nd factors:

  • Use the Selection Step with multiple 2nd factors.
  • Use the condition Always Selectable for the default 2nd factor.
  • Use the Logical NOT condition with the Always Selectable condition for the other 2nd factor.
  • In the default second factor's first authentication step, configure an Interactive Goto Target pointing to the first authentication step of the other selection option.

Note that both involved authentication steps must have a Step ID configured.

Role-based 2nd-factor selection

7.3

The end-user's set of roles determines the selection of the second factor.

Migration hint

Use the Role-Based Tag Acquisition Step to convert roles to tags (if required).

In the Selection Step use the Has Tag condition to select the corresponding 2nd-factor flow.

Display last login timestamp (AI-13510)

7.5

Display timestamp of last login after the first authentication step.

Migration hint

Enable the feature in the authentication flow's Default Authentication Processor.

If using the Custom Flow Processors plugin instead, add the plugin Latest Authentication Feedback Processor to enable the feature.

Various

Feature

Version

Description and migration hints

Step-up authentication

7.1

Ask only for 2nd factor if a previous authentication process already verified the first factor.

Migration hint

Use two separate Authentication Flows (in different Target Applications): one with weak and one with strong authentication.

Issue a tag after successful weak authentication (e.g. PASSWORD_VERIFIED).

In the strong authentication flow, use this tag as a skip condition for the first authentication step.

Risk-based authentication (AI-13514)

7.7

Omit 2nd authentication factor based on a risk assessment of the user session.

Remember-me (AI-13101)

7.6

Remember-me ("stay logged in") checkbox on login page. The end-user may also choose to log out of all other browsers at the same time.

Fallback Authenticator (AI-13512)

Partially supported since 7.4

Fall back to an alternative authentication method if the first method fails.

Migration hint

The original feature is no longer supported, but it can be partially covered by the following:

In authentication flows, use a Selection Step with a condition that always chooses the intended authentication step.

Add a fallback option that is never selected and configure a Goto from the former to the fallback authentication step.

User-based authentication selection (AI-13513)

Partially supported since 7.4

Choose authenticator based on username.

Migration hint

The original feature is no longer supported, but it can be partially covered by the following:

Use the plugin User Based Selection Password Repository in password checking steps.

In authentication flows, use a Selection Step in conjunction with the condition plugin Matching Username.
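
The step-up authentication hint above (a tag issued by the weak flow, used as a skip condition in the strong flow) can be traced with a small conceptual model. This is an added example, not Airlock IAM configuration or API: the Session, Step and run_flow names and the sample credentials are hypothetical, and only the PASSWORD_VERIFIED tag name comes from the page.

```python
# Conceptual model only: not Airlock IAM configuration or API.
from dataclasses import dataclass, field
from typing import Callable, Optional

@dataclass
class Session:
    tags: set = field(default_factory=set)   # tags earned in this session

@dataclass
class Step:
    name: str
    verify: Callable[[dict], bool]           # checks the submitted credential
    skip_if_tag: Optional[str] = None        # skip condition on a session tag
    issues_tag: Optional[str] = None         # tag granted when the step passes

def run_flow(steps, session, credentials):
    """Return (authenticated, names of the steps actually executed)."""
    executed = []
    for step in steps:
        if step.skip_if_tag and step.skip_if_tag in session.tags:
            continue                         # factor already verified in this session
        executed.append(step.name)
        if not step.verify(credentials):
            return False, executed           # failed step: no tag is issued
        if step.issues_tag:
            session.tags.add(step.issues_tag)
    return True, executed

# Constructed sample verifiers (hypothetical values).
check_password = lambda c: c.get("password") == "correct horse"
check_otp = lambda c: c.get("otp") == "492817"

# Weak flow: password only, issues the tag on success.
WEAK_FLOW = [Step("password", check_password, issues_tag="PASSWORD_VERIFIED")]
# Strong flow: the password step is skipped only if the tag is present.
STRONG_FLOW = [
    Step("password", check_password, skip_if_tag="PASSWORD_VERIFIED",
         issues_tag="PASSWORD_VERIFIED"),
    Step("second_factor", check_otp),
]

def demo():
    stepped_up = Session()
    weak = run_flow(WEAK_FLOW, stepped_up, {"password": "correct horse"})
    step_up = run_flow(STRONG_FLOW, stepped_up, {"otp": "492817"})
    # A fresh session has no tag, so the strong flow demands both factors.
    fresh = run_flow(STRONG_FLOW, Session(), {"otp": "492817"})
    return weak, step_up, fresh
```

The model makes the dependency visible: the skip is safe only because the tag is issued after a successful first-factor check and lives in the same session that enters the strong flow.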