11 September 2025 (v2.142)

ReachFive v2.142 brings a few improvements including:

MFA step-up token retries
Users not suspended by default for Data Breach Detection
Improved search on custom fields

And as always, we made some general improvements and fixed a few items for you.

MFA step-up token retries

We enhanced security around MFA step-up token retries, ensuring that users can request a new verification code without compromising their account security.

For more details, see Retry MFA step-up.

Users not suspended by default for Data Breach Detection

When you enable Data Breach Detection, the Suspend user toggle in the Log In section is now disabled by default. This gives you the chance to customise your configuration before proceeding with the Data Breach Detection feature.

For more details, see Data Breach Detection.

Improved search on custom fields

You can now perform full-text searches on custom fields with a type of string.

Previously, searches on custom string fields required exact matches and were sensitive to case and accents (for example, searching for Jean Foret would not return Jean Forêt).

This feature is available directly when searching on the ReachFive Console as well as with the Management API: Search users endpoint.

Console
API

Full-text search: Use the .ANALYZED suffix with your field key: custom_fields.<key>.ANALYZED. This performs a full-text search that is case and accent insensitive.

GET /api/v2/users?filter=custom_fields.birthplace.ANALYZED == "Île de Ré" (1)

1	Returns profiles with matching values even if the search string ignores accents or casing. For example, searching for `"Ile de Re"` or `"ile"` also returns results.

With this improvement, when you enable the full text search option on a custom string field:

Searches become case and accent insensitive.
You can search by individual words instead of the full string (e.g. searching Foret will match Éric Forêt).
Results are more consistent with how standard fields like given_name and family_name behave.

This makes it easier to find profiles even when users enter names or custom values with variations in spelling, casing, or accents.

For more details, see Search custom string fields and Management API: Search users.

General improvements

We updated the minimum duration for an On-demand scaling event to 24 hours on the ReachFive Console side, aligning it with backend requirements and improving user experience.
We now ensure that the Risk Score threshold defined in the Risk-based Authentication section of the ReachFive Console cannot be set to a null value. Go to Settings MFA Settings Use risk based authentication to configure this setting.

Fixes

Item Fixed

Item	Fixed
When exporting user profiles with JSONL, all lite profiles were unexpectedly being marked as `lite_profile=false` even for users with a lite profile.	✓
ReachFive Console
For a brief period, administrators were only able to see the first 10 users in the ReachFive Console in the Users (console) section. This was a small pagination issue and only affected console users (not user profiles).	✓
There were a few UX issues in the ReachFive Console that have been addressed. These included suboptimal field validation, inconsistent button focus points, and other minor visual issues.	✓

When exporting user profiles with JSONL, all lite profiles were unexpectedly being marked as lite_profile=false even for users with a lite profile.

✓

ReachFive Console

For a brief period, administrators were only able to see the first 10 users in the ReachFive Console in the Users (console) section. This was a small pagination issue and only affected console users (not user profiles).

✓

There were a few UX issues in the ReachFive Console that have been addressed. These included suboptimal field validation, inconsistent button focus points, and other minor visual issues.

✓