Entrust

Release 3.1

Knowledge-based authentication (AAAS-7057)

Knowledge-based authentication (KBA) (also known as question-and-answer authentication) allows a user to authenticate to their SAML application account by providing the correct answer to preregistered questions. KBA can be used to complete first or second factor authentications. If the resource rule of an application is configured to require KBA as the First Step authenticator, the Second Step must be set to "None".

Users can choose between SMS and email OTP delivery during authentication (AAAS-7568)

A user can now choose between receiving their OTP by email or SMS when completing an OTP authentication challenge. OTP by SMS can only be selected if a mobile device number has been registered to that user's profile. Either of these delivery methods can be used to authenticate to an IntelliTrust or application account.

Download gateway instance TLS certificate from IntelliTrust account (AAAS-7810)

Previously users could only export a gateway instance TLS certificate by browsing to the IdentityGuard agent of that instance and downloading the certificate. With this release, the TLS self-signed certificate is created to IntelliTrust and downloaded to the gateway during registration. If the gateway is re-registered onto a new gateway appliance, the existing SSL certificate is not replaced. Users with access can download the certificate from the Gateway Instance page on their IntelliTrust account. They can then import the certificate into their RADIUS or IdentityGuard application and successfully configure the application with IntelliTrust.

Company name of account can be modified post-creation (AAAS-8440)

The company name of an IntelliTrust account can be changed after the account has been created. The name can be changed from the account's Theme page on the Administrator portal. Only users with a role granting Edit-level access to the Theme page can modify the company name. Changing the company name of a Service Provider's account does not change the company name of any held tenant accounts.