2025-10

NOT DEPLOYED / DEPLOYED IN STAGING / DEPLOYED IN PROD

2025.13.10 - My-Identity

AWS-PARIS AWS-DUBLIN S3NS

This release introduces updates across OAuth2 endpoints, authentication flows, new authentication pages, and configuration management. It includes protocol compliance adjustments, extended logging and validation, UI and translation fixes, as well as technical and security updates.

OAuth2

• Introspect endpoint now returns the exp parameter in seconds instead of milliseconds (RFC 7519 compliance).

• Introspect endpoint now returns the value of the user attribute configured as subject in sub parameter.

• OAuth2 Device Flow pages available in new authentication pages.

Authentication and RBA

• Added support for push mobile authentication as a second factor in authentication mechanisms.

• Added error message when push notification cannot be sent due to backend communication issue.

• Creation or deletion of an authentication mechanism is now automatically reflected in the RBA Risk Correction.

• Fixed authentication means display order.

New Authentication Pages and Translations

• Improved radio buttons and call-to-action buttons.

• Added translation keys for OTP quota messages.

• Added missing translation key on mobile authentication page with generated OTP.

• Supported single quotes in translations.

• Fixed CSS issues on Logout and Authentication Failed pages.

• Fixed typo in WebAuthn default French translation.

• Fixed PasswordLoginFormBeforeButton fragment position.

• Fixed duplicated fragment display.

Memority Portal

• Added federation error logs for bad request parameters.

• Skipped redirect choice page when user has a login task and tries to access the Memority portal.

• Fixed audit event when creating a federation.

Other Improvements

• Minor technical and security upgrades

2025.10.09 - My-Identity

AWS-PARIS AWS-DUBLIN S3NS

This release introduces major improvements to the Segregation of Duties (SoD) process and a brand-new Application Portal

Delivery Timeline

• Staging: 14 Oct 2025

• Production: 22 Oct 2025

New Features and Improvements

Advanced Segregation of Duties (SoD)

Simplify Compliance - Reduce Risk - Stay in Control.

Memority strengthens access governance with a full-featured SoD cockpit to simplify compliance, reduce risk, and keep organizations in control.

Prevent Risky Access

Stop conflicting access combinations before they happen:

• Detect users with conflicting roles (e.g., system admin + internal audit).

• Detect users with both data entry and validation roles in critical processes (e.g., payroll + purchasing) Prevent simultaneous access to incompatible applications.

• Prevent simultaneous access to incompatible applications.

Powerful SoD Cockpit

• Create, detect and manage SoD risks with flexible rules based on roles, applications, categories, or dimensions (region, department, project).

• Flexible enforcement modes:

  • FORBID – block conflicting assignments

  • WARN – alert users without blocking access

  • SIMULATE – preview conflicts before enforcing

Delegated Management & Collaboration

• Assign rule management to application owners or domain managers without losing oversight.

• Users can request multiple roles at once, with real-time conflict detection and visual alerts.

Continuous Monitoring, Remediation & Certification

• Track violations in real-time and export reports (CSV/XLS) showing:

  • Who is involved

  • Which roles or applications caused the conflict

  • Enforcement mode (FORBID, WARN, SIMULATE)

• Remediate risks proactively:

  • Start manual or automated certifications to review and fix violations

  • Apply recertification policies based on violation criticality or business scope

  • Link violations to compensating controls and track mitigation efforts over time

• Keep accepted risks visible, documented, and regularly reassessed to ensure continuous compliance.

Why Teams Will Love It

• Prevent conflicts of interest by securing role assignments.

• Reduce human errors and access risks.

• Simplify audits with clear, actionable reports.

• Actively remediate risks through manual or automatic certification workflows.

• Inform users and approvers in real-time about conflicts.

• Test new rules safely before enforcement for controlled security rollout.

With this release, Memority turns SoD management into a proactive, measurable, and auditable process, giving you complete control over access risks while enabling fast, effective remediation and certification.

Read more…

New Application Portal — A Smarter Way to Manage Your Workspace

We’re excited to announce the launch of our brand-new Application Portal, a redesigned workspace to give users clarity, control, and customization over their applications.

What’s New

• Clearer Access Overview: Instantly see all your current applications and access rights in one simple view.

• Personalized Preferences: Customize the way your portal looks and works — it’s your space, your rules.

• Flexible Icon Arrangement: Drag and drop icons to arrange them in the order that suits you best.

• Folder Creation: Group applications into custom folders to keep everything neatly organized.

• Direct Access Requests: Request new application access directly from the portal in just a few clicks.

Read more…

Patches

• New Radar charts is now available
  Read more…

• New Requester and Subject context is now available in validation rule of a synchronization task
  Read more…

• New support of Sybase ASE SAP database

• App Logs automatically reset to false within one hour of activation.

• SAP ECC role membership enhancements.

• Various security and bug fixes.

• Routine technical updates.