2025.07.21 - My-Access
AWS-PARIS AWS-DUBLIN S3NS
This release improves Risk-Based Authentication (RBA) with better error handling, IP checks, network filtering, new admin menu, and fixes bugs for enhanced stability and security.
New Features and Improvements
RBA Fallback for Groovy Failures
Now, if a rule fails at runtime the RBA allows only authentication mechanisms with a level above a configurable threshold (default: 80).New Groovy Context Variable for Client IP Matching
You can now use theREQ.ipcontext variable in RBA rules to check if the client's IP address matches a specific range.Memority Integration Tool supports RBA
You can now configure and deploy on a tenant the RBA service. This feature is currently experimental.
To know more, see Memority Integration Tool.RBA Network filtering
We enabled network filtering for RBA.New Menu Entry for RBA Configuration
A new menu entry called Access Risk is now available in the administration portal to manage the RBA service. Access Risk includes the following sub-entries:
Sub-entries | Description |
|---|---|
Access Risk Corrections | The configuration of the access risk corrections allows the system to:
|
Environment Risk Policy | An environment risk policy is a set of rules that computes the first risk score based on the user’s device (IP address, user-agent, last use date, etc). |
User Risk Policies | A user risk policy is a set of rules based on the Identity’s activities (last authentication date, last location city, etc and the Environment risk. |
Authentication Risk Policies | An Authentication Risk Policy is a set of rules that defines the acceptable authentication mechanisms based on the authentication context. |
Patches and Performance Enhancements
Bug fixes
Fixed publishing of RBA artifacts to Maven Central.
Fixed security vulnerabilities in Groovy scripts.
Fixed an issue to ensure only Groovy scripts can define matching conditions in RBA rules.