Release 5.7.1
Grid Card Enhancements
IntelliTrust now supports the PENDING and CANCELED grid states from Entrust IdentityGuard.
-
A
PENDINGgrid card is a grid card that has not yet been used for authentication. Once the grid card is used for the first time, the state of the grid card automatically changes toACTIVE. -
A
CANCELEDgrid card is a grid card that can no longer be used. When a grid card is canceled it can no longer be unassigned from the user and it can no longer be used for authentication.CANCELEDgrid cards still count toward a user's Maximum Grid Cards policy setting (See Settings -> General).
IntelliTrust now prevents grid cards from being unassigned if the grid card has been used. This prevents used grid cards from accidentally being assigned to another user.
Bulk Operation Enhancements
The following Bulk Operations have been enhanced:
Import Users
The Import Users Bulk Operation now supports the following new columns: locked and group.
The locked column supports importing users in the locked state. This column is a boolean value which can be TRUE or FALSE. When this is set to TRUE, all of the user's authenticators will be locked when the user is created. This column is optional. If this value is set to FALSE, is empty, or is omitted, the user will not be locked when created.
The group column supports assigning users directly to a group without having to run a separate User/Group assignment Bulk Operation. If provided, the user will be created and assigned to the specified group. The group must already exist in IntelliTrust. If not, the user will fail to be imported. This column is optional. If the value is empty, or is omitted, the user will not be assigned to a group.
Import Grid Cards
The Import Grid Cards Bulk Operation now supports importing grids in the PENDING and CANCELED states. In addition, this Bulk Operation now supports importing all Entrust IdentityGuard grid states. The Entrust IdentityGuard grid states are converted to IntelliTrust grid states as follows:
| IdentityGuard Grid State | IntelliTrust Grid State |
|---|---|
CURRENT |
ACTIVE |
HOLD |
INACTIVE |
HOLD_PENDING |
INACTIVE |
PENDING |
PENDING |
CANCELED |
CANCELED |
Notes:
- When importing unassigned grid cards, the
statecolumn will be ignored. - When importing grid cards with a state value of
ACTIVE,INACTIVE,CURRENTorHOLD, the last used date is set to a very early date to identify the card as being previously used.
Changes to IntelliTrust APIs
The following API endpoints now have new versions in order to support the new Grid states:
/v2/gridspaged/assigned/v2/users/{userid}/grids/v2/grids/{gridid}/v2/grids/sernum/{sernum}/v2/grids/{gridid}/changestate/v3/users/v3/users/multiple/v3/users/{id}/v3/users/userid/v3/users/externalid/v3/userspaged
The previous version of these endpoints will continue to be supported; however, they will not return the new grid states.
The new APIs will return a Grid object with a State whose values can now also be set as PENDING or CANCELED. Previous APIs will return the value ACTIVE and INACTIVE, respectively, for these.
Get User API
The Get User API now returns detailed lockout information for each authenticator that a user has in the lockoutStatus parameter.
The lockoutStatus for each authenticator contains following information:
- type: The authenticator type.
- remaining: The number of authentication attempts remaining before the authenticator is locked.
- lockoutDate: The date the authenticator was locked.
- lockoutExpire: The date the lockout will expire.
Transaction Details
When using transaction details with OTP or TOKEN authentication, a successful authentication response AuthenticatedResponse will now contain a corresponding TransactionReceipt object.