08 February 2024 (v2.107)

ReachFive v2.107 now allows you to delete addresses via imports. You can also include session tokens in the /oauth/token response. There are now Pub/sub hook failure events for improved monitoring, as well as the ability to invalidate all sessions for a user via a dedicated endpoint. As always, we fixed some issues for you.

Delete addresses via import

We have introduced a new boolean to the Addresses object called to_delete. When you pass to_delete with a value of true as part of an import file, you can successfully delete an address for a user.

For more information, see Delete an address and User Profile.

  • JSON

  • CSV

  "email": "test@example.com",
  "addresses": [
        "id": 1,
        "to_delete": true (1)
1 Pass to_delete as true along with the desired address id to delete the address.
email;addresses.0.id;addresses.0.to_delete (1)
test@example.com;1;true (1)
1 Pass to_delete as true along with the desired address id to delete the address.

Include session tokens in /oauth/token response

For flows where custom tabs are required or where using Webviews to manage session cookies isn’t possible, you can now include a session token as a part of the /oauth/token endpoint response.

For more details, see Retrieve access token.

To apply this option to a client:

  1. From your ReachFive Console, go to Settings  Clients.

  2. Go to your desired First-party Identity client or create a new one.

  3. At the bottom of the client page, check the box with the title Include SSO cookie in token endpoint response.

  4. Don’t forget to Save your input.

    2107 sessionCookieOauthTokenEndpoint

Pub/sub hook failure events

There are now Pub/sub failure events so that it’s easier to monitor when something goes wrong.

For more details, see Pub/Sub hooks.

Pub/sub hook
  "date": "2024-01-07T09:54:34.183123Z",
  "id": "AWUTz0..6KwGSiAAIMN",
  "type": "pub_sub_event_failure",
  "canal": "hook",
  "failed_hook_project": "webhook_host_unreachable",
  "failed_hook_message_key": "NOT_FOUND",
  "failed_hook_key": "failing_event",
  "failed_hook_user_event_type": "login_matching_password",
  "failed_hook_message": "…​ NOT_FOUND: Resource not found (resource=blah1234).",
  "failed_hook_topic": "blah1234"
Field Description


The date on which the event occurred.


User event id.


User event type.


The channel through which the event was triggered.


The unique webhook key.


The user event for which the webhook was triggered.


The topic ID of the pub/sub hook that failed.


The error message key. For example, NOT_FOUND.


The error message for the failed hook. This describes why it failed. For example, the topic ID may have not been found for pub/sub hooks.


The project name of the pub/sub hook that failed.

Invalidate all sessions for a user

In some cases, you may want to invalidate all sessions for a user and force them to reauthenticate. This could be for security reasons or merely a precautionary measure.

To do this, you can use our Management API to revoke long-lived tokens for a user.


Item Fixed

There was some minor ReachFive Console maintenance for Management client screens.

You could not edit a user if an empty streetAddress was entered for their profile.

In some cases, when updating a user from the ReachFive Console, the updated_at field was not valued with the latest date and time, but instead kept the existing value.