Release 3.4
OpenID Connect authentication now supported on IntelliTrust (AAAS-3)
IntelliTrust can now be used as an OpenID Connect Identity Provider. OpenID Connect is a lightweight authentication and identity protocol similar in concept to SAML. This release introduces generic support for OpenID Connect integrations as well as a guide for integrating IntelliTrust with SalesForce using OpenID Connect.
Support for Active Directory Lightweight Directory Services (AAAS-9082) (AAAS-9311)
IntelliTrust now supports Active Directory Lightweight Directory Services (AD LDS) as an IntelliTrust synchronization directory. This allows users to be synchronized from AD LDS into IntelliTrust and authenticate user passwords stored in AD LDS.
Support for Desktop IdentityGuard 11.0 (AAAS-8249)
The IdentityGuard Agent in Enterprise Service Gateway version 3.4 has been updated to include support for the V11 APIs required by Entrust Desktop IdentityGuard 11.0. With Desktop IdentityGuard 11 and IntelliTrust, you can now use Email/SMS OTP authentication while online and knowledge-based authentication whiel offline. IntelliTrust requires Entrust IdentityGuard Desktop 11.0 Patch 299835 or later be installed.
Knowledge-based authentication (KBA) now supported for IdentityGuard applications (AAAS-8652)
Applications integrated using the IdentityGuard Agent in the Enterprise Service Gateway can now use Knowledge-based authentication. The application must be connected to an IntelliTrust gateway instance version 3.4 or later and have its resource rule configured appropriately to support knowledge-based authenticators.
Increased administrative role security (AAAS-9357) (AAAS-9452)
IntelliTrust now has increased role security by allowing administrative roles to be restricted from managing accounts with administrative roles. Each role can be given the ability to manage administrators with any role or administrators with specific roles.
Support for Microsoft Office 365 desktop and mobile applications (AAAS-8939)
IntelliTrust now supports the desktop and mobile Microsoft Office applications. The authentication requirements for logging in to the application account are controlled by the resource rule of the O365 application on IntelliTrust. This support leverages the Active Directory Authentication Libraries (ADAL) and integration through SAML to support authentication.
Provision IntelliTrust users on Box and G Suite accounts (AAAS-8659)
IntelliTrust now supports managing users within your Box and G Suite accounts. Actions performed on IntelliTrust users are automatically performed on the users within the Box or GSuite account. Users created, deleted, or modified on IntelliTrust are automatically created, deleted, or modified on Box or G Suite. This allows for the state of IntelliTrust and Box or G Suite users to remain consistent without any administrative overhead.
Unlock mobile smart credential authenticators through facial recognition (AAAS-8946)
IntelliTrust now supports using facial recognition to unlock mobile Smart Credential authenticators instead of using a PIN. Facial recognition is supported in the Entrust IdentityGuard Mobile Smart Credential 3.2 application installed on iOS and Android devices. IntelliTrust includes new Smart Credential authenticator settings that allow administrators to control whether facial recognition is allowed.