27 October 2022 (v2.81)

ReachFive v2.81 provides several exciting updates including the ability to configure the threshold and duration for locking user accounts. Now, you can perform MFA actions directly with the UI SDK, as well as sign up and login users with custom identifiers via all SDKs.

On top of it all, ReachFive v2.81 lets you embed magic links anywhere you want. In addition to these improvements, we have added a new filter operator and new failure events which you can see here. And of course, we fixed a couple of issues.

Release highlight

Configurable user account lockout

It’s now possible to lock out user accounts based on your own desired configuration. Previously, this was set by ReachFive, but now you can configure it to better match your setup and improve you users security.

You can do this directly from your ReachFive Console by going to Settings  Security  User lockout.

user lockout console
For more, check out User lockouts.

Multi-factor Authentication

With our latest updates, you can now use the UI SDK leverage our Multi-factor Authentication feature. Through the UI SDK, you can now:

Method Description

showMfaCredentials

List MFA credentials associated with a user.

showMfa

Activate MFA credentials for a user.

There’s also an option to remove MFA credentials through this UI method.

showStepUp

Perform a step up directly with the UI SDK.



Custom identifiers

You can now sign up and login using a custom identifier (such as a username or loyalty card number) with the:

You are currently able to do this with the Core SDK . The updates here build on this improvement.



There’s a new endpoint in town that allows you to embed magic links anywhere they’re needed without compromising your users security.

Go on over to the Management API to put it to use.



Other improvements

New events

We have introduced 2 new user events that can be triggered via the /forgot-password endpoint.

  • email_failure

  • sms_failure

See User Events for more details.

New filter operator

We are introducing the BEFORE operator as part of this release. With this operator, you can retrieve information that happened before the specified value. For example, if you want to find users that last logged in or were created before the last 30 days, you could filter that via the ReachFive Console or in the Management API.

For more, check out the filter operators section on the exports page.
281 console before operator



Fixes

Item Fixed

In some limited instances, the logout redirect facility was allowing redirects outside the root domain.