Skip to main content
Skip table of contents

2024-09

NOT DEPLOYED / DEPLOYED IN STAGING / DEPLOYED IN PROD

2024.09.23 - My-Access

AWS-PARIS AWS-DUBLIN S3NS

Memority is delivering the foundations of a new access management self-administration service. This update sets the stage for empowering our clients to autonomously manage most standard access configurations.

The current release introduces the core of this new service, offering API-based functionality and configurations menu in the administration portal.

New access management and federation administration features

The new configuration portal will be enabled by default for eligible new tenants. Legacy tenants will have the opportunity to migrate gradually; please reach out to your Customer Success contact for further discussion on this transition.

Federation configuration enhancements

Users can now manage application federations directly within the Memority User Portal, replacing the legacy federation portal. Key enhancements include:

  • Support for importing Service Provider (SP) metadata files.

  • Default OAuth2 scope declaration.

  • Support for simple OAuth2 federations, in addition to OpenID Connect.

  • Federation and authentication debug logs are now accessible via the Memority Admin Portal.

  • Federation-related debug logs are available within the Memority User Portal.

  • Read more…

Administration Enhancements

Administrators can now manage authentication and access configurations directly within the Memority Admin Portal.

Access Management Features

  • Manage access attributes used for authentication or federations.

  • Configure new attribute functions for federations.

  • Global management of OAuth2 configurations (e.g., token format, validity, signing certificate).

  • Session management options (e.g., session timeouts, maximum concurrent sessions per user).

  • Read more…

Authentication Features

  • Support for additional authentication methods: Active Directory, Remote LDAP Directory, OTP via SMS, Helium, Mobile, Kerberos, and Kerberos Opt-in.

  • Management of global WebAuthn configurations, including authenticator types.

  • Customization options for authentication processes (e.g., "Remember Me" option, login flow adjustments).

  • Read more…

Ongoing Feature Integration

While the configuration Portal is steadily evolving, certain advanced capabilities of Memority are not yet fully available within the portal. These will be gradually introduced in future releases.

Others improvements

This release also provide these new features :

  • New access condition based on cookies sent in HTTP headers.

  • New options for displaying the device name on the device registration page for super cookies.

Patches

The release also includes cache and performance improvements.

2024.09.23 - My-Keys

AWS-PARIS AWS-DUBLIN S3NS

This update introduces the addition of HTTP Strict Transport Security (HSTS) and Content Security Policy (CSP) headers to the mobile application backend.

Security improvements

  • HSTS: This header enforces secure connections to our site, ensuring that browsers only communicate over HTTPS. This helps protect against man-in-the-middle attacks and other vulnerabilities related to insecure connections.

  • CSP: This header mitigates the risk of cross-site scripting (XSS) and other code injection attacks by specifying which sources of content are trusted. This reduces the potential for malicious content to be executed in users’ browsers.

2024.09.11 - My-Identity

AWS-PARIS AWS-DUBLIN S3NS

A new CAPTCHA service is now available !

Breaking change regarding Groovy ObjectFinder API.

New features & updates

hCAPTCHA

Memority now offers support for an additional CAPTCHA provider. Each tenant can select either hCAPTCHA or reCAPTCHA as their preferred CAPTCHA service. Read more…

Breaking changes

  • The default projection configuration for ObjectFinder will now return the excerpt

    • Without specific configuration, only excerpt attributes are returned

    • If more fields are required, they must be added in the projection

    • Read more…

Patches

  • The scheduled plan for a tenant's job can no longer be updated through the scheduled job features. All updates must now be made within the policy object configuration.

  • Simplify automatic identifier rules to enhance RegEx configuration. A new built-in rule, UUIDGenerator, has also been added.

  • Other technical and security upgrades

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close