What's New more...

• Facebook Account Provider

  Upgraded to version 1.12 of Facebook Graph API

• Exclude Account Providers per App

  It is now possible to exclude Account Providers per App. Those Account Providers (logon methods) can not be used to logon to the App.

• Reporting

  Added report for administrator that provides information on 2-factor options set by users.

• Create SAMLP Account Provider from Metadata url

  Configuration of the Identity Provider part of a SAMLP Account Provider can now be done by specifying the metadata url of the Identity Provider.

• Reset 2-factor authentication app

  Administators can now reset the 2-factor authentication when a user loses his/her device where the app was configured.

• OAuth 2.0/OpenID Connect

  The Identity Hub now supports Proof Key for Code Exchange (PKCE)

• Two factor authentication

  If two factor authentication is required at tenant level and if an Account Provider is performing two factor authentication, it is now possible to avoid consecutive two factor authentication.

• New mobile phone number field for User Profile

  On the profile page the user can now add a mobile phone number

• Default Twilio SMS Provider Service

  The Identity Hub can now send SMS text messages. This is implemented using an exten-sibility model. For the moment there is one out-of-the-box SMS service provider Twilio (see https://www.twilio.com/)

• Mobile phone number verification

  Users can now verify their mobile phone number using the verification link on their profile page or on the profile security information page.

• Custom SMS Provider Service

  For on-premise installation a custom SMS Provider Service can be developed by the client or U2U Consult.

• Multifactor authentication using SMS

  Multifactor authentication can now be performed via SMS. It requires a configured SMS Service Provider and a verified mobile phone number of the user.

• App SAMLP/WS-FED Metadata Endpoint

  Metadata Endpoint is now available for SAMLP and WS-FED.

• App Claim Mappings

  App claims mappings are now displayed per category

• Reporting

  Added reports for administrators

• OpenID Connect

  Support form_post response mode.

• Custom claims

  For SAMLP and WS-FED Account Providers custom mapped claims can now be passed to applications.

• Two factor authentication

  Mail can now be disabled as two factor authentication option at the tenant level.

• OAuth 2.0

  To support development localhost redirect uri without uri are now supported out of the box for the Implicit Flow.

• Build in Username/Password account provider

  The username/password account provider now supports adding a logo for the login button.

• Office 365 Account Provider

  Roles can now be retrieved and mapped for Office 365 Account Providers.

• User Interface

  Improvements to UI for App and Account Provider.

• SAMLP Account Provider.

  Now support SingleLogoutResponse url's.

• Build in Username/Password account provider.

  Users can now be provisioned by administrators.

• Build in Username/Password account provider.

  A configuration option has been added to prevent users from registering.

• Protocol Endpoints.

  Overview of protocol endpoints has been added to the administrative user interface.

• Users list.

  Users list can now be filtered per account provider.

• Build in Username/Password account provider.

  Users can now be provisioned by administrators.

• Build in Username/Password account provider.

  A configuration option has been added to prevent users from registering.

• Protocol Endpoints.

  Overview of protocol endpoints has been added to the administrative user interface.

• Azure Application Insights support.

  Now supporting Live Metrics.

• Users per role.

  A view has been added that shows a list of users having a role.

• User list has been optimized.

  For tenants with high number of users, the list of users will have better performance.

• SAML-P Account Provider Certificate Rollover.

  The SAML-P Account Provider can now have a secondary token signing certificate for the Identity Provider to support certificate rollover.

• OpenId: Full support for Code Flow and Implicit Flow.
• An option has been added to not use the Live SDK with Microsoft Account Provider.

  To support the new Microsoft Converged applications types.

• 2-factor authentication can now be set as required.

  An option has been added to require 2-factor authentication for the complete tenant.

• Requesting location information on the login page can now be disabled.

  An option has been added to disable requesting and collecting location information.

• Hub or Tenant Admins can now delete a user.

  On the detail page of a user, an admin can choose to delete a user.

• A user can now delete his or her profile.

  A Delete Profile button has been added on the user's profile page.

• Support has been added to the ASP.NET SDK to delete a users profile.

  A method "DeleteProfileAsync" has been added to the class TheIdentityHub.IdentityService.

• Support has been added to the ASP.NET SDK to retrieve the identity id's of merged identities (users profiles).

  When using TheIdentityHub.IdentityService.GetProfileAsync() the result (TheIdentityHub.Profile) has a new property OldIdentityIds.

• The built-in UserName/Password Account Provider now supports requiring an email address as user name.

  An option (flag) has been added to the UserName/Password Account Provider.

• Support has been added to the ASP.NET SDK to update a users profile.

  A method "UpdateProfileAsync" has been added to the class TheIdentityHub.IdentityService.

• Apps that connect through WS-FED or SAMLP can return Roles in Group Claims and the Display Name as Name claim.
• OpenID Connect 1.0 is now supported.

  OpenID Connect Authorization Code flow is now supported to request tokens from The Identity Hub. How To: Perform OpenID Connect 1.0 Code Grant

• Password complexity can now be configured for build in Username Password Account Provider
  
• Android and PHP SDK.

  Android and PHP SDK are now available
  How To: Sign into your PHP web site with The Identity Hub (OAuth 2.0)
  How To: Sign into your Mobile app with The Identity Hub

• Support for MyDigipass Account Provider.

  The Identity Hub now supports authentication through My Digipass.

• Facebook Account Provider now uses version 2.5 of the Facebook Graph Api.
• OAuth scopes for the OAuth Account Provider can now be toggled on and off.

  The default requested scopes for OAuth Account Provider can now be toggled (except the minimum required scopes).

• Users can now be archived.

  Users can now be archived and will no longer appear in the list of users.

• Users can now be disabled.

  Users can now be disabled to prevent them from signing in.

• Welcome text can now be added

  On the page where the user has to choose what provider to use to sign in a welcome text can be added.

• Email address can now be set as unique

  When email address is set to be unique only one user can exist with the same email address. Only one Account Provider can be active in this specific case.

• Support for SAMLP ADFS flow on IOS/Safari

  An option has been added to the SAMLP Account Provider to compensate for ADFS flow issues due to the cookie limitations in IOS/Safari.

• New version of the SharePoint 2013 SDK and WSP Solution.

  Support for searching The Identity Hub for users and roles when assinging permissions in SharePoint.

• HTTPS Strict is now enforced.

  The Identity Hub now enforced HTTPS Strict Transport Security.

• Claim Mappings for SAMLP Account Providers

  Claim Mappings are now supported for SAMLP Account Providers.

• New ReCaptcha implementation

  ReCaptha has been updated to use the latest version.

• Username retrieval for build in username password account provider.

  Administrators can now activate te possibility to retrieve the usernames based on an email address.