Release 5.24
New in this release
Entrust Soft Token Improvements
Added cryptographic security for soft tokens.
Domain Controller Certificate Request Review
Domain Controller Certificate Management now displays the certificate request to allow you to confirm the request before you enroll or renew it.
RADIUS Attribute Filtering
IDaaS now supports filters for RADIUS response attributes. When defining a RADIUS return attribute that is returning groups, filters can be used to specify which groups are returned and to return a value other than the group name.
Hide Other Applications Setting
RADIUS applications, IDaaS integrations, and custom applications that use the IDaaS API will now be hidden in My Profile. A new setting has been added in User Portal settings to show them.
Token List Improvements
The following enhancements have been made to the Token List.
- the assigned token list now includes soft tokens.
- an export action has been added to both the assigned and unassigned token lists.
- token reports can be exported from the reports page.
Authenticator List Pages
The authenticator list pages for a user in both the Admin and User portals have been replaced with improved versions.
New SAML Integrations
A new SAML application template has been added for SailPoint.
Fixed in this release
The following issues have been fixed in this release:
- Domain Controller Certificate Management now supports CAs created before release 5.23. (28128)
- The regular expression filters for SAML attributes did not work correctly if the regular expression did not include an end anchor. (27970)
- Generic Device OIDC application should be available for the consumer bundle. (27937)
- The error displayed when a super administrator tries to change their own role has been improved. (27935)
- The create domain controller certificate operation is only supported for PKIaaS CAs. The 2UI now only allows a PKIaaS CA to be selected. (27896)
- The create domain controller certificate UI now validates that the entered name is unique. (27893)
- The default search filter for audits is now shown as a Filter chip in the audit list. (27529)
- Future date options have been added to the expiry date filter of the user location history list. (27197)
- The bulk operation to import Entrust Legacy tokens was not generating audits for the loaded tokens. (26709)
- The IDaaS login page occasionally returns to the userid login page after the userid was entered. (28056)
- When customizing Email messages, the HTML <hr> tag is now allowed. (26811)
- The new user email was sent to a new user even though user creation failed because the user has a duplicate userId or alias. (27890, 27909)
- Access to the Password Reset capability has been added to the Standard bundle. (27964)
- The Entrust IdentityGuard import occasionally failed for very large import files. (28000)
- Performance problems with user sync from Azure AD especially when users are in a large numer of groups have been resolved. (28231)
Changes to Identity as a Service APIs
The following changes have been made to the Administration API.
- the following search criteria have been added to the
unassignedTokenPageUsingPOST
method.- type
- loadDate
- the following changes have been made to the
assignedTokenPageUsingPOST
method.- the method now returns both hard and soft tokens.
- the following search criteria have been added:
- type
- loadDate
- lastUsedDate
- the existing search criteria
state
now includes the new valueACTIVATING
. - the following new orderByAttribute values have been added:
- loadDate
- lastUsedDate
The C# SDKs have been updated to target .NET Standard.
Enterprise Service Gateway Deprecation
Entrust will only support the last four releases of the Enterprise Service Gateway (the current version 5.24 and the three previous releases 5.21, 5.22 and 5.23). Entrust recommends that customers always upgrade their Enterprise Service Gateway to the latest release because each release contains security updates to the Enterprise Service Gateway O/S.