6 July 2023 (v2.96)

ReachFive v2.96 brings the ability to add and view MFA second factors directly on the console and updates the passwordless flows to emit the login event. We also made some other improvements, and as always, we fixed a few issues.

MFA on the ReachFive Console

To further strengthen security, account administrators can enable the Require multi factor authentication on the console option. If enabled, any users authenticating with a username/password combination must have a second factor to be able to access the console. You must have the MFA feature enabled at the root level for this option to work. This can be done by contacting a ReachFive representative.

Check out MFA for console users for more details.

To enable the MFA second factor requirement:

  1. Go to Settings  Security  Console login.

  2. Enable the Require multi factor authentication on the console option.

  3. Don’t forget to Save your input.

    mfa console login



login event for passwordless flows

The login user event is now emitted for passwordless signup flows where you can also see both the authType and device information in the user event.

For more details, see User Events.



Other improvements

  • We have improved error messages around merging lite profiles.

    error.lite.accounts.alreadyExist (1)
    1 See SDK and API errors for more details.
  • We have added warnings logs for when the deprecated user_id property is used in the /update-password endpoint.

  • DOI consents are now included properly in analytics.



Fixes

Item Fixed

Some suspended users weren’t receiving the account suspension email when their account was suspended.

Only administrators should be able to see ReachFive Console login settings.

In some cases, you could not add MFA credentials after registering a user in the ReachFive Console.

Some roles weren’t functioning as expected within the ReachFive Console.