Release 5.7.1
Grid Card Enhancements
IntelliTrust now supports the PENDING
and CANCELED
grid states from Entrust IdentityGuard.
-
A
PENDING
grid card is a grid card that has not yet been used for authentication. Once the grid card is used for the first time, the state of the grid card automatically changes toACTIVE
. -
A
CANCELED
grid card is a grid card that can no longer be used. When a grid card is canceled it can no longer be unassigned from the user and it can no longer be used for authentication.CANCELED
grid cards still count toward a user's Maximum Grid Cards policy setting (See Settings -> General).
IntelliTrust now prevents grid cards from being unassigned if the grid card has been used. This prevents used grid cards from accidentally being assigned to another user.
Bulk Operation Enhancements
The following Bulk Operations have been enhanced:
Import Users
The Import Users Bulk Operation now supports the following new columns: locked
and group
.
The locked
column supports importing users in the locked
state. This column is a boolean
value which can be TRUE
or FALSE
. When this is set to TRUE
, all of the user's authenticators will be locked when the user is created. This column is optional. If this value is set to FALSE
, is empty, or is omitted, the user will not be locked when created.
The group
column supports assigning users directly to a group without having to run a separate User/Group assignment Bulk Operation. If provided, the user will be created and assigned to the specified group. The group must already exist in IntelliTrust. If not, the user will fail to be imported. This column is optional. If the value is empty, or is omitted, the user will not be assigned to a group.
Import Grid Cards
The Import Grid Cards Bulk Operation now supports importing grids in the PENDING
and CANCELED
states. In addition, this Bulk Operation now supports importing all Entrust IdentityGuard grid states. The Entrust IdentityGuard grid states are converted to IntelliTrust grid states as follows:
IdentityGuard Grid State | IntelliTrust Grid State |
---|---|
CURRENT |
ACTIVE |
HOLD |
INACTIVE |
HOLD_PENDING |
INACTIVE |
PENDING |
PENDING |
CANCELED |
CANCELED |
Notes:
- When importing unassigned grid cards, the
state
column will be ignored. - When importing grid cards with a state value of
ACTIVE
,INACTIVE
,CURRENT
orHOLD
, the last used date is set to a very early date to identify the card as being previously used.
Changes to IntelliTrust APIs
The following API endpoints now have new versions in order to support the new Grid states:
/v2/gridspaged/assigned
/v2/users/{userid}/grids
/v2/grids/{gridid}
/v2/grids/sernum/{sernum}
/v2/grids/{gridid}/changestate
/v3/users
/v3/users/multiple
/v3/users/{id}
/v3/users/userid
/v3/users/externalid
/v3/userspaged
The previous version of these endpoints will continue to be supported; however, they will not return the new grid states.
The new APIs will return a Grid
object with a State
whose values can now also be set as PENDING
or CANCELED
. Previous APIs will return the value ACTIVE
and INACTIVE
, respectively, for these.
Get User API
The Get User API now returns detailed lockout information for each authenticator that a user has in the lockoutStatus
parameter.
The lockoutStatus
for each authenticator contains following information:
- type: The authenticator type.
- remaining: The number of authentication attempts remaining before the authenticator is locked.
- lockoutDate: The date the authenticator was locked.
- lockoutExpire: The date the lockout will expire.
Transaction Details
When using transaction details with OTP or TOKEN authentication, a successful authentication response AuthenticatedResponse
will now contain a corresponding TransactionReceipt
object.