04 August 2022 (v2.76)

ReachFive v2.76 introduces orchestration tokens and provides several security related updates. We also fixed a few issues.

Release highlight

Orchestration token

You can now ensure that the authentication flow is always completed by passing an orchestration token when using the Login URL option on your first-party identity client(s). You just need to enable Attach orchestration token.

For more, see Request Orchestration Tokens.

Security

Compromised profiles detection

The profile_compromised event type is now no longer limited to those the automatic suspension feature enabled. All customers can avail of this event type to trigger Pub/Sub hooks and User-event webhooks.

Multi-Factor credential deletion

You now have to perform the stepup operation in order to delete an email credential through the Identity API.

For more on MFA as a whole, see the Multi-factor Authentication guide.

Fixes

Item Fixed

Item	Fixed
The `login_as` user event was generated with the wrong date.	✓
LITE profile updates weren’t correctly performed if the profile contained an archived consent.	✓
The `updated_at` value was updated even though no modifications were made on a profile after an import.	✓
It was impossible to change the consents value when using the showProfileEditor UI widget.	✓

The login_as user event was generated with the wrong date.

✓

LITE profile updates weren’t correctly performed if the profile contained an archived consent.

✓

The updated_at value was updated even though no modifications were made on a profile after an import.

✓

It was impossible to change the consents value when using the showProfileEditor UI widget.

✓