Release 5.2

August 2019

IntelliTrust ISAPI Filter integration (AAAS-17586)

A new application template has been added to the Applications page for IntelliTrust ISAPI Filter.

On-demand sync (AAAS-17155)

The Users list page has been enhanced to allow syncing individual users from a directory on-demand. This feature makes it easier to add and update individual users without having to wait for a full directory sync to complete.

Unlink directory user (AAAS-16766)

The Users list page has been enhanced to allow unlinking a user account from its directory. This feature allows administrators to remove problem accounts that are no longer in Active Directory but are still synchronized in IntelliTrust.

Directory User Desynchronization Policy (AAAS-15944)

The Directory configuration now allows administrators to configure what action should be taken on user accounts in IntelliTrust that are no longer found in the directory or no longer match the filters. Administrators can choose to delete the user, convert the user to a local user, or convert the user to a local user and disable the user account.

AD password change (AAAS-16376)

This release includes the ability for users to change their AD password when it has expired or if the administrator has set the password to require a change. When the user logs in with their old password, they will be prompted to enter both current and new password in order to access IntelliTrust.

UI Enhancement (AAAS-16826)

The following enhancements have been made to the UI:

• The Users List unlock action has been enhanced to show the user's locked authenticators.
• The Grid Cards table has been enhanced to allow bulk grid card printing. Administrators can optionally choose to include the user ID when printing assigned grid cards.

Changes to IntelliTrust APIs

The following things have been changed in the Administration API.

The following additions have been made to the User object returned from IntelliTrust by various operations:

• A new value EXTERNAL has been added to the type attribute. If a user has the externalId attribute set, the user will have type EXTERNAL.
• A new attribute externalSource has been added to user. It can be set using the user create and modify operations and is returned in the User model. The intent of this attribute is to describe the source of the user when the user is managed externally.
• New attributes directoryId and directoryName have been added. If set, these values specify the UUID and name of the directory from which the user was synchronized if the user was synchronized from a directory. They will be null otherwise.

Because of the non-compatible change to the User type attribute, any API endpoint that returns a User object now has a new v2 version. For example: https://customer.region.trustedaut.com/api/web/v2/userspaged. The APIs with new versions include the following:

• createUserUsingPOST
• userUsingGET
• userByExternalIdUsingPOST
• userByUseridUsingPOST
• usersPagedUsingPOST
• createUsersUsingPOST
• deleteUsersUsingDELETE

A new boolean argument stopOnError has been added to the methods to perform create, delete and update operations on multiple users. If set to true, the operation stops on the first error. As part of this change, new v2 versions of the following APIs have been added:

• createUsersUsingPOST
• deleteUserUsingDELETE
• updateUsersUsingPUT