Release notes

The release notes describe new features, enhancements, and fixes for the ReachFive platform. The latest release notes are found below. For previous releases, check out the sidebar.

For upcoming changes that require your attention, see the Attention page.

Other releases

The following shows other ReachFive releases for your convenience.

SDK repository Latest version Docs

identity core

identity ui

MavenCentral 9.8.0

Reach5

SFCC Cartridge 20.8.3


10 April 2025 (v2.133)

ReachFive v2.133 introduces several improvements and needed bug fixes. We now ensure that existing KakaoTalk and Naver users can have their address information added to their profiles. We’re also happy to share that you can now customize templates for MFA user journeys.

As always, we fixed a few items for you.


Address updates for Kakao and Naver users

Existing Kakao and Naver user profiles can now have the address information from their social profiles added to their ReachFive profile on their next login, provided you have configured the required custom fields (kakaotalk_address_id for KakaoTalk, is_naver_address for Naver) in the ReachFive Console user profile model.

This helps ensure consistency for users who logged in prior to custom field configuration, aligning their profiles with new logins. We also added checks to prevent duplicate addresses by checking existing field values.

  • Kakao 15

  • Naver 15

If no address exists with the kakaotalk_address_id, the address is retrieved and added.

Example:

Min-jae (민재) has already logged into your site with KakaoTalk. You configure the correct custom fields (kakaotalk_address_id). Min-jae (민재) logs in after the custom field configuration. He has an address on his KakaoTalk profile. The address is imported to his ReachFive user profile.

See Kakao Connect for more information.

If no address exists with the is_naver_address value, the address is retrieved and added.

Example:

Ji-yeon (지연) has already logged into your site with Naver. You configure the correct custom fields (is_naver_address). Ji-yeon (지연) logs in after the custom field configuration. She has an address on her Naver profile. The address is imported to her ReachFive user profile.

See Naver for more information.



Customizable templates for MFA user journeys

You can now customize your MFA templates to better reflect the user journey. We have introduced the new dynamic {{action}} variable, which is set based on the action in the /identity/v1/mfa/stepup endpoint, which make it available in the email and SMS templates.

This allows you to write conditions in the templates to pass certain messages to the user depending on their action or more generally, how they’re using the MFA flow.

How does it work? 🤔

  1. You pass action in the /stepup endpoint request body. action is a free string (snake_case). It must match the action value in the template.

    /stepup endpoint
    {
      "client_id": "nvR2y0ks...EgCW2dqy",
      "action": "transaction", (1)
      "response_type": "code",
      "code_challenge": "xxxxxxxxxxxxxx",
      "code_challenge_method": "S256",
      "scope": "openid phone address profile mfa",
      "redirect_uri": "https://redirect_uri.com/",
      "tkn": "xhNGxw...70zx32"
    }
    1 Here action is transaction.
  2. Assuming a successful call, action is included in the step-up token as part of the response.

  3. Use the token from the response and pass it as step_up (which includes action) in the request body of the /passwordless/start endpoint.

    1. A successful call then triggers the email and/or SMS template which contains the {{action}} logic and sends your user the appropriate message for their MFA journey.

      Example template
      Hello {{user.name}},
      
      {% if action == "login" %}
        Use this code to log in: {{verification_code}}
      {% endif %}
      
      {% if action == "transaction" %}
        Use this code to validate your transaction: {{verification_code}}
      {% endif %}




Fixes

Item Fixed

Import jobs were temporarily showing some dynamic field configuration only applicable to export jobs.

The filter for some fields for job definitions was briefly not working as expected. This has now been resolved and is working properly again.

There was a small issue with the passwordless authentication flow where the system incorrectly accepted the first code verifier instead of the latest one.

There was a temporary issue with our Test SMS button for Twilio that has now been resolved.

For a brief period, it was not possible to enroll a phone number as an MFA credential on the ReachFive Console if SMS was disabled. This was unexpected since enabling SMS is no longer a requirement for Multi-factor Authentication. This is now resolved.

The Phone number verified checkbox appeared on user profiles in the ReachFive Console even when SMS was disabled.

Searching profiles on the ReachFive Console was temporarily slower than expected. Users with slow connections were entirely unable to search.