11 September 2025 (v2.142)
ReachFive v2.142
brings a few improvements including:
And as always, we made some general improvements and fixed a few items for you.
MFA step-up token retries
We enhanced security around MFA step-up token retries, ensuring that users can request a new verification code without compromising their account security.
For more details, see Retry MFA step-up.
Users not suspended by default for Data Breach Detection
When you enable Data Breach Detection, the Suspend user toggle in the Log In section is now disabled by default. This gives you the chance to customise your configuration before proceeding with the Data Breach Detection feature.
For more details, see Data Breach Detection.

Improved search on custom fields
You can now perform full-text searches on custom fields with a type of string
.
Previously, searches on custom string fields required exact matches and were sensitive to case and accents (for example, searching for Jean Foret
would not return Jean Forêt
).
This feature is available directly when searching on the ReachFive Console as well as with the Management API: Search users endpoint.

Full-text search: Use the .ANALYZED
suffix with your field key: custom_fields.<key>.ANALYZED
.
This performs a full-text search that is case and accent insensitive.
GET /api/v2/users?filter=custom_fields.birthplace.ANALYZED == "Île de Ré" (1)
1 | Returns profiles with matching values even if the search string ignores accents or casing.
For example, searching for "Ile de Re" or "ile" also returns results. |
With this improvement, when you enable the full text search option on a custom string field:
-
Searches become case and accent insensitive.
-
You can search by individual words instead of the full string (e.g. searching
Foret
will matchÉric Forêt
). -
Results are more consistent with how standard fields like
given_name
andfamily_name
behave.
This makes it easier to find profiles even when users enter names or custom values with variations in spelling, casing, or accents.
For more details, see Search custom string
fields and Management API: Search users.
General improvements
-
We updated the minimum duration for an On-demand scaling event to 24 hours on the ReachFive Console side, aligning it with backend requirements and improving user experience.
-
We now ensure that the Risk Score threshold defined in the Risk-based Authentication section of the ReachFive Console cannot be set to a
null
value. Go to to configure this setting.
Fixes
Item | Fixed |
---|---|
When exporting user profiles with JSONL, all lite profiles were unexpectedly being marked as |
✓ |
ReachFive Console |
|
For a brief period, administrators were only able to see the first 10 users in the ReachFive Console in the Users (console) section. This was a small pagination issue and only affected console users (not user profiles). |
✓ |
There were a few UX issues in the ReachFive Console that have been addressed. These included suboptimal field validation, inconsistent button focus points, and other minor visual issues. |
✓ |