8 December 2025 (v2.147)

ReachFive v2.147 brings a few new features:

We also have an important notice for those of you using Microsoft Entra ID (Azure AD) with SCIM.

Expand for Entra ID/SCIM details

If you are using Microsoft Entra ID (formerly Azure AD) as your identity provider, you must append a specific compatibility flag to your Tenant URL.

Entra ID’s default SCIM implementation does not fully comply with the SCIM 2.0 specification regarding group updates. Without this flag, removing a single user from a group in Entra ID may cause the entire group to become empty in ReachFive.

To fix this:

When configuring the Tenant URL in the Microsoft Entra ID portal, add the query parameter ?aadOptscim062020 to the end of your ReachFive SCIM URL.

  • Standard URL: https://<scim-url>/scim/v2

  • Required URL for Microsoft Entra ID (Azure AD): https://<scim-url>/scim/v2?aadOptscim062020

For details, refer to the Microsoft documentation on SCIM compatibility.

As always, we fixed a few items for you.


Export and retrieve trusted device data

You can now export and retrieve detailed trusted device information across Pub/Sub hooks, Webhooks, and exports. This enhancement improves visibility into trusted devices and enables more comprehensive identity event processing. Previously, trusted device data was not included in these payloads.

You can choose to select TrustedDevices which will include the trusted_devices field in the payload and include all trusted device attributes as shown below.

Each attribute of a trusted device is also available individually for easier filtering and downstream processing:

  • User - Trusted Devices - Created At: The date the device was added as a trusted device.

  • User - Trusted Devices - Device Class: Class of the trusted device.

  • User - Trusted Devices - Device Name: User provided name for the trusted device.

  • User - Trusted Devices - ID: Unique identifier of the trusted device.

  • User - Trusted Devices - IP: IP address of the trusted device.

  • User - Trusted Devices - Operating System: Operating system of the trusted device.

  • User - Trusted Devices - User Agent: User agent string of the trusted device.

2147 trustedDevices


Whitelist IPs for RBA

You can now whitelist specific IP addresses or ranges to bypass Risk-based Authentication. This feature allows trusted networks to avoid unnecessary authentication prompts, enhancing user experience while maintaining security.

To whitelist IPs for RBA:

  1. Go to Settings  Security  Attack protection policy in your ReachFive Console.

  2. Under IP addresses allowed to bypass attack protection, add the desired IP addresses. This can be a single IP address or a range in CIDR notation. Enter one per line.

    203.0.113.42
192.168.1.0/24

  3. Don’t forget to Save your input.

    ip inspector whitelist


Fixes

Item Fixed

There was a temporary issue with reCAPTCHA that is now resolved.