08 December 2022 (v2.83)

ReachFive v2.83 provides improvements to our MFA feature, introduces a new social provider, and adds a new field for user account lockouts. We also improved some small items, and of course, we fixed a few issues.

Multi-factor Authentication

You can now implement Multi-factor Authentication as part of the login flow if desired by configuring your MFA settings in the ReachFive Console.

What does this mean?

For users with a registered MFA credential, a stepup will be required for logging in.

For more on this topic, see our dedicated MFA settings section on the Multi-factor Authentication page.

mfa settings require MFA always

User account lockouts

We are giving you even more information regarding user account lockouts. With this update, the lockout_end_date field has been added to the user profile object so that you can see exactly when the lockout will end for a user.

For more on this topic, see the User lockouts page.

Social login

New provider: B.connect

You can now use B.connect as a social provider with ReachFive.

console select B.connect

Check out the quick guide on the B.connect page.


You can now retrieve the user birthdate after a Google sign in.

For more on this topic, see the Google Connect page.

Other improvements

  • Previously, you couldn’t partially update consent groups. Now, you can do partial updates to consent groups.

    Why is this useful?

    If you need to update an associated consent, for example if a consent is archived, this is a handy improvement.

    For more on consents, see our dedicated Consents page.


Item Fixed

In some cases, updating a lite profile with an external_id would delete the lite profile data.

Temporarily, some users were unable to edit ReachFive Console pages as expected.

The user’s suspension status was not viewable from the ReachFive Console.

This did not impact the actual suspension status of the user.

In some limited cases, it was impossible to delete a lite profile using the Remove a user identity endpoint.

From time to time, some user profiles were blocked inadvertently.

After merging two profiles with external_id, the appropriate user event was not being generated.

There were some minor issues with filtering with the API.

When registering a phone number for MFA that was different than the phone number on the user’s profile, the added MFA phone number was unintentionally verified.