Release notes

The release notes describe new features, enhancements, and fixes for the ReachFive platform. The latest release notes are found below. For previous releases, check out the sidebar.

For upcoming changes that require your attention, see the Attention page.

Other releases

The following shows other ReachFive releases for your convenience.

SDK repository Latest version Docs

Core SDK

identity core

Core SDK

UI SDK

identity ui

UI SDK

Android SDK

MavenCentral 9.9.0

Android SDK

iOS SDK

Reach5

iOS SDK

SFCC Cartridge

SFCC Cartridge 20.8.3

Salesforce cartridge


28 May 2026 (v2.158)

Staging ๐Ÿงช

ReachFive v2.158 brings a few new features and updates:

As always, we made some general improvements and fixed a few items for you.


You can now set session cookie duration uniquely for mobile or desktop users visiting your site.

  • Default settings apply to all platforms unless explicitly configured in other platform sections.

  • Desktop settings apply to desktop or laptop devices.

  • Mobile settings apply to both native mobile applications as well as webviews or custom tabs on mobile.

This flexibility lets you optimize the authentication experience for different devices. You can enforce stricter security requirements on desktops while reducing login fatigue for users on their personal mobile apps.

To set the session cookie duration:

  1. Go to Settings  Security  SSO in your ReachFive Console.

  2. Set the Session lifetime (in days) and Require log in after (in days) for your desired platform.

  3. If setting a specific platform (like Mobile), toggle the platform to Active. Otherwise, the default settings are used.

  4. Ensure you enter the Allowed logout callback URLs under Global settings.

  5. Don’t forget to Save your input.

    session duration configuration

For more on this topic, see SSO.


Linking verified social identities

When a user links a social identity containing an email address already verified by the social provider, their ReachFive email status will now automatically update to "verified." This process also emits an email_verified user event for your tracking purposes.

This streamlines the authentication flow by eliminating redundant verification steps. Users who have already verified their email with a trusted social provider will no longer face unnecessary friction, such as fallback OTP prompts, resulting in a smoother, faster login experience.

For more on this topic, see User event types and Social Login respectively.


General improvements

  • For Kakao Connect, you can now retrieve the birth_day and birth_month individually to ensure compliance or meet requirements where the birth year is not needed or allowed.


Fixes

Item Fixed

There was a minor issue affecting those customers using the frontend token exchange flow.

Temporarily, there was an issue retrieving the birthdate for Google Connect users when the birth year was empty.

R5 AI Assistant
The R5 AI assistant can make mistakes, verify answers.

Confirm Deletion