1 August 2024 (v2.117)

ReachFive v2.117 introduces a few improvements and needed bug fixes. You can now validate the verification code with query parameters for the MFA flow. We have also increased control over profile visibility for our customers that want more control over the default profile view. There is now an option to return the __Host-trusted-device-id cookie in the /oauth/token endpoint.

As always, we fixed a few items for you.

Validate verification code with query parameters

You can now validate the verification code needed for the MFA flow using the GET /identity/v1/passwordless/verify endpoint. Previously, it had to be done solely through the POST /identity/v1/passwordless/verify endpoint.

There are three possible query parameters needed if using the endpoint for the MFA flow, two of which are required:

  • required challenge_id

  • required verification_code

  • optional trust_device (default is false)

For more details, see the /identity/v1/passwordless/verify endpoint.


Increased control over profile visibility

With v2.117, we have introduced a feature flag called "Mandatory search filters" where you can enforce the use of filters when viewing your user profiles on the ReachFive Console. When enabled, no profiles are shown by default, meaning to see profiles, the ReachFive Console user needs to use the filter option.

If not explicitly enabled, the default view shows all profiles. To enable the feature, you should contact your ReachFive Support or PS representative.

2117 filter profiles
Filter profiles example


We have introduced the option to return the __Host-trusted-device-id cookie with the /oauth/token endpoint if certain features are enabled for an account. This builds on the ability to validate the verification_code with query parameters mentioned above and is primarily used for backend integrations that want to retain control on this cookie.

What is the __Host-trusted-device-id cookie? 🤔

This cookie identifies the device is marked as trusted. It is used as a header cookie parameter when logging in.

Example
Set-Cookie: __Host-trusted-device-id=00112233-4455-6677-8899-aabbccddeeff

In order to be able to retrieve the __Host-trusted-device-id cookie in the response, you need to do the following:

  1. Ensure the option to "Include cookies in token endpoint" is checked on the desired client in the ReachFive Console.

    View from the console

    2117 include cookie console

  2. Risk-based authentication must be enabled for your account.

  3. And of course, during the flow, the user must have trusted the device during the verification process.

For more details, see Clients and /oauth/token endpoint.


Fixes

Item Fixed

It was temporarily impossible to add URLs that contained hyphens (-) as part of the path (/path-with-url/consents/) for a consent description.