Automated Scheduled Imports with UI Configuration (Early Access): We’ve laid the groundwork for scheduled automation in the platform. Currently, you can set up recurring imports for users, groups, and group memberships for all of your provisioning applications. No more having to manually import users via CSV. This is the foundation for a broader scheduling framework we’ll roll out later this year. This is opt-in only. To get access, email your CSM or file a ticket with “Scheduled Imports Beta” in the subject. We’ll enable it for your tenant and walk through the setup. Once enabled you will find the settings under Automations >> Schedulers. [Click here to Read More]
Provision Users from a Remote File Server: You can now ingest user records directly from an SFTP server. The system polls designated SFTP paths on a configurable interval (default: 5 minutes), parses user records in JSON or CSV format, and provisions accounts automatically into miniOrange. To enable go to Apps >> Add Application and create a File Server Sync Application. [Click here to Read More]
App-Specific Shared Identity: Shared Identity behavior can be configured at the application level instead of globally, providing precise control over where it is enabled. This functionality is supported across SAML, JWT, and OAuth applications.
It can be configured using the Shared Identity option in the app’s advanced settings. For the Self Service Console flow, Shared Identity can be managed through the Enable Shared User Login for End User Dashboard option in the customer preference settings. [Click here to Read More]
Attribute Transformation at runtime: You can now set up custom rules to automatically modify user profile attributes during user creation or update operations in the system. To get started check the settings under Automations >> Rules. [Click here to Read More]
IMPROVEMENTS:
Provisioning:
Full Name Support in Provisioning Events: Included a dedicated full name attribute for “Custom Provisioning Apps” that gets passed to external applications when you trigger provisioning actions.
RBAC for SCIM Server Apps: Automatically sync user Roles and Entitlements to SCIM-enabled applications, letting downstream systems enforce access controls without manual role mapping. [Click here to Read More]
User Deletion Control: Choose to delete or disable users in miniOrange when they're removed from the source app during user provisioning sync.
Bulk Password Updates for End Users: Set passwords for multiple users simultaneously useful for compliance resets, security incidents, or bulk onboarding scenarios.
Active Directory Improved Group Sync: Users and groups no longer share the same search filter and search base, configure each independently for more precise import control.
Active Directory Username Alias Import: Pull username aliases from Active Directory to support legacy systems and alternate login usernames. Map Active Directory attributes to miniOrange Username Aliases under your LDAP / AD configuration >> Attributes >> Provisioning Attributes. [Click here to Read More]
Active Directory Better Auditing: LDAP / AD Provisioning operations now log detailed audit trails and error contexts, making it easier to diagnose sync failures and permission issues.
Admin Audits:
Provisioning Configuration Changes Audits: Every admin action across all provisioning apps is now audited and available as reports. You can go to Reports >> Admin Activity Audit Report to get your logs.
Workflows:
Better Dormant Account Reporting: Workflow-triggered reports for Dormant Accounts can now be sent to multiple email addresses other than the main Administrator.
Improved Visuals and Usability:
CAS IDP Configuration Page, AWS Cognito IDP Configuration Page, Database Directories Configuration Page, and Slack + Salesforce SCIM Provisioning Application Pages now have redesigned interfaces with better layouts for better usability and quicker load times. [Click here to Read More]
January 12th, 2026
Version 4.16.0Cloud
WHAT'S NEW:
Number Matching in Push Notifications: Push-based MFA attacks are on the rise. We’ve added number matching to push notifications, so users must confirm a specific number on their device instead of just tapping "Approve." This stops accidental approvals and helps with MFA fatigue from spam attacks. [Click here to Read More]
Improved Device Fingerprinting and Posture Check: Introducing a new device fingerprinting approach which ensures only trusted devices can access applications by combining device identity with contextual security checks. This new approach securely identifies devices using hardware-based attributes and baseline profiling. Admins can now define their custom risk attributes and scoring, automatically allow/challenge( prompt for MFA )/block access based on calculated risk, and supports flexible enrollment: self-registration, pre-approved devices, or silent registration. [Click here to Read More]
Radius Authentication: Radius Authentication now supports EAP-MSCHAPv2 for broader protocol compatibility.
Hardware Token Management Improvements: Managing your Hardware Tokens is now more easy and flexible. Users can now have multiple tokens assigned to them. Admins can view and assign tokens in bulk, and users can sync all their C100 tokens in one click. [Click here to Read More]
IMPROVEMEMTS:
Execution Transparency & Better Reporting for Workflows: Failed workflows show exactly which step broke and why, with detailed error logs. Scheduled workflows and user creation failures now surface detailed errors, so you’re not guessing what went wrong.
Better Conditional Logic in Workflows: Filter conditions work on non-required attributes, and you can now chain AND/OR logic for complex rules.
Automatic Role Assignment via Workflows: Along with groups you can now set up workflows to assign users to Role automatically.
Increased IP Restriction Limits: IP allowlists/blocklists now support more than 255 entries. If you’ve been hitting that ceiling, you’re free to scale.
OAuth 2.0 Authorisation support for GMAIL as SMTP: We have added support for OAuth 2.0 as a secure, token-based alternative for authentication against Gmail for SMTP. Basic auth still works.
Password Policy Improvements: You can now restrict how many characters from a user’s email, first name, last name, or username can appear in their password. [Click here to Read More]
Rate Limiting in Radius Authentication: Better Rate limiting for MFA flows during Radius Authentication. Helps with brute-force attacks against your VPNs and Network devices.
CAPTCHA Enhancements: CAPTCHA is no longer all-or-nothing. Admins can now enable it independently for Login, Registration, or Forgot Password from the Product Settings.
SSO Auditing - SIEM Integration: Send SSO audit logs directly to your SIEM tool for centralised analysis, threat detection, and compliance reporting. No manual exports needed.
Improved Visuals and Usability: Assign Hardware Token to Users, Assign Token, User Profile Fields and Group Custom Field configuration pages have now been modernised and updated for better usability and quicker load times.
January 11th, 2026
Version 4.15.0CloudOn-premise
WHAT'S NEW:
RBAC Support in custom provisioning app: Manage the roles and permissions of the external application, and assign roles to the external app’s users via APIs from miniOrange IAM.
IMPROVEMENTS:
GRID Pattern Improvements: Added option for admin to modify the grid size and OTP length to be used for Grid Pattern Authentication.
MO Authenticator Auditing Improvements: Enhanced Push Notification reports upon receipt on the miniOrange Authenticator app.
Improved UI for SAML and TACACS Applications: We have revamped the user interface for both the SAML and TACACS application configuration pages. These updates bring a cleaner layout, improved usability, and a more consistent setup experience across the miniOrange dashboard.
Support for Special Characters in BigCommerce SSO: Added support for email addresses containing special characters during BigCommerce SSO integration.
Pagination Enhancements in Custom Provisioning: Enhancements in pagination for API-based imports in the Custom Provisioning App. Multiple pagination methods are now supported out of the box.
Support for return_to Parameter in JWT SSO Flow: The return_to parameter from incoming JWT SSO requests is now retained and appended to the final redirect URL after authentication.
Nested Group Support for Active Directory Imports: A new option for nested group import has been added within the provisioning service. When enabled, users automatically receive nested group memberships.
Password Sync Support for LDAP Gateway: Support for Password Sync for on-premise LDAP directories via miniOrange LDAP Gateway. When a password is updated in miniOrange, it will be automatically synced to on-premise LDAP directories via miniOrange LDAP Gateway.
BUG FIXES:
Fix for Enforce 2FA Not Resetting for Unregistered Users: Fixed an issue where unregistered users were still prompted for 2FA registration even after Enforce 2FA was disabled. Now the registration page only appears when Enforce 2FA is enabled.
Improved Error Handling for Concurrent Login Attempts: We have updated the login flow behavior when Prevent Concurrent Login is enabled. The system now correctly detects concurrent login attempts and shows the proper message instead of misleading or incorrect error prompts, ensuring a smoother and more transparent login experience.
Enhanced 2FA and Authenticator Experience: Display names for multiple Two-Factor Authentication methods have been updated for improved clarity and consistency. Additionally, Push Notification reports on the miniOrange Authenticator mobile app have been enhanced for more accurate auditing and visibility.
CAPTCHA Validation Fix: Enhanced security by ensuring CAPTCHA validation is consistently required and verified for every attempt where CAPTCHA is enabled.
November 21st, 2025
Version 4.14.1Cloud
App/Group Assignment in SSO and Custom Provisioning Applications: The Policy section in all SSO and Custom Provisioning applications has been updated to include Assign Groups, allowing admins to assign groups to applications and map corresponding policies
Bulk Group Policy Assignment: While assigning policies and groups to applications (OAuth, JWT, Radius, Passwordless, and Desktop), a new Policies section has been introduced that enables creating policies for multiple groups at once, significantly improving efficiency and policy management capabilities.
[Some additional bugs and fixes have been addressed in this release.]
November 17th, 2025
Version 4.14.0Cloud
This release focuses on improving authentication stability, admin configuration experience, and user data accuracy:
Support Email Update During Bulk User Upload: Update Action in user CSV upload and provisioning actions now updates emails along with other attributes.
Fix for Authentication Failure with miniOrange–LDAP Setup: Resolved an issue where authentication failed for valid miniOrange credentials when miniOrange was set as the primary IdP and LDAP as the default directory.
Improvement in Custom SMS Provider setup: Improved the Custom SMS Provider setup to handle errors better while saving your configuration.
October 16th, 2025
Version 4.13.0CloudOn-premise
WHAT'S NEW:
Workflow Automation: Put your IAM on autopilot! Automate critical lifecycle events with incredible new workflows for Dormant Accounts, Password Expiry Notifications, etc. You can now effortlessly define automated actions and rules to manage inactive users, proactively alert users before password expiry, and supercharge your onboarding process all from one powerful command center.
SIEM Tool Integration: Supercharge your security visibility! We've unlocked seamless integration with multiple leading SIEM tools like Splunk, Sumo Logic, and Wazuh. You can now stream critical audit logs to multiple destinations in real-time, giving you unparalleled visibility, robust fault tolerance, and ironclad compliance monitoring.
Office 365 License Provisioning: Say goodbye to portal-hopping! You can now assign and unassign Microsoft 365 licenses for both users and groups directly from your miniOrange console. Streamline your workflow and slash dependency on the Microsoft Admin Portal for everyday license management.
Scheduler Service (Phase 1): Introduced a standalone microservice to handle time-based automation across the IAM platform.
The scheduler enables execution of recurring workflows such as password expiry checks, dormant user cleanup, and notification triggers.
IMPROVEMENTS:
BigCommerce B2B Enhancements: Extended B2B support for SSO and user management in BigCommerce.
Admins can now manage organization-level user creation and updates directly through miniOrange, simplifying onboarding for B2B customers.
Super Admin Impersonation: Super Admins can now securely sign in to customer admin accounts via SSO to assist with troubleshooting and configuration.
Improves operational efficiency and support without compromising account security.
Provisioning Framework Updates: Refactored the provisioning service architecture to support future multi-app integrations.
Improved API consistency and moved provisioning app management to React for better scalability and maintainability.
BUG FIXES:
License Check Improvements: Fixed licensing validation for Super Admin user CRUD APIs.
Ensures accurate license enforcement for all administrative operations.
October 9th, 2025
Version 4.12.0Cloud
WHAT'S NEW:
One Click Social Login Setup: Admins can enable social login with a single click, allowing end users to sign in using their preferred social accounts (Google, Facebook, Apple, etc.), making it faster to run POCs and test integrations before moving to production.
New MFA Method - Grid Pattern: A new MFA option that uses grid-based codes and does not require a phone, giving users a simple and offline way to secure their accounts. [Detailed guide]
App Categorization in Dashboard: The End User Dashboard has been redesigned with support for app categories (e.g., Productivity, HR, Collaboration). Applications can now be grouped under these categories instead of a single flat list, making it easier for users to locate and launch apps.
Revamped Bulk Export: Scalable and Resilient Bulk Export Framework designed to handle large scale data export operations reliably and securely. Customers will be notified by email with Success/Fail status whenever the report is ready with secure download link (Currently available for specific users and groups; broader rollout to follow.)
Multiple YubiKey Support: Added support for assigning multiple YubiKey hardware tokens to a single user. Users can now register and authenticate using any of their linked YubiKeys, providing redundancy and flexibility.
Device Auto-Registration: Introduced Device Auto-Registration, allowing admins to enforce automatic device registration during user login. This enhances device-based access control and simplifies policy enforcement.
IMPROVEMENTS:
Option to format Multi-valued Attributes in SAML, JWT, and OAuth Responses: Added support for handling how multi valued attributes are sent in SSO Token Claims and Attributes. You can now send multi valued attributes as string or arrays.
Username Validation Enhancements: Improved username validation across user creation and update flows to ensure consistency and better error handling during registration and profile updates.
Option to Switch Between Old and New Dashboards: Admins can now allow users to switch between the classic and new modern dashboards from Product Settings, enabling flexibility during phased rollouts. [Detailed guide]
C100 Display Token Sync on First Login: Users can now sync their C100 display token during their first login, ensuring a seamless onboarding and token activation experience.
Simplified Endpoints for SAML SSO: A single endpoint now supports both SP-initiated and IdP-initiated logins, simplifying configuration and reducing dependency on multiple endpoints.
BUG FIXES:
Email Update Fix: Fixed an issue where admins couldn’t update a user’s email address when it matched their username (in email format). This update ensures smooth email-username alignment without errors.
SAML Metadata Enhancements: Implemented automatic mapping of SSO URLs and NameID formats from IdP metadata when POST binding is used. This reduces manual setup errors and improves SSO reliability.
Password Policy Fixes: Resolved issues with missing error messages during password reset flows. Also resolved an issue with Password Policy enforcement during inline registration.
September 24th, 2025
Version 4.11.3Cloud
IMPROVEMENTS:
Consistent device naming for FIDO2: Device type names for FIDO2 were inconsistent across different flows, which could confuse users. All FIDO2 device types are now standardized to “FIDO2 Token” across the product, ensuring a clearer and consistent experience.
“Not contains” operator in Rule Trigger Automation: Added support for the “Not contains” operator in Rule Trigger Automation, allowing more flexible and precise rule configurations.
Fixes in BigCommerce attribute synchronization: Fixed issues with form field updates and address handling in BigCommerce during custom attribute synchronization.
Clear Active Sessions for SuperAdmins: Resolved an issue where SuperAdmins encountered a “Page Not Found” error when attempting to clear active sessions for Customer Admins. SuperAdmins can now successfully clear active sessions as intended.
AD LDAP Configuration Page: Improved usability with clearer categorization of sections, making LDAP configuration easier to navigate and manage.
Password Policy Page: Revamped UI for defining password complexity requirements. Added advanced options to give admins finer control over password policies.
RADIUS App Configuration Page: Updated Add/Edit flows with a more intuitive UI. Admins can now configure RADIUS apps and assign policies in a single step, without navigating to separate pages.
Manage Roles Page: Revamped UI for role management. Updated associated pages to streamline key actions, including Assign Users, Assign User, and Remove User.
September 17th, 2025
Version 4.11.2Cloud
IMPROVEMENTS:
UI improvements for FIDO2 registration: Improved the user on-boarding flows for FIDO2 MFA setup. Users should now have a better user experience during inline registration as compared to before.
Before:
Improvement:
Improved AD user sync: Fixed an issue where disabled users in Active Directory were getting imported to miniOrange in Enabled state. Going forward User state should get synced correctly, ensuring consistent account status between AD and miniOrange.
SuperAdmin hardware token assignment: Super Admins now have the ability to assign hardware tokens to users directly.
BUG FIXES:
Custom attribute fix: Fixed an issue where custom profile attributes were being cleared when users logged in through an external IDP. Attributes not mapped via JIT or entered at signup will now remain intact, preventing unintended data loss.
MFA configuration fixes: Fixed an issue where some authentication methods were not visible on the MFA configuration page. All methods (Phone Verification via IVR, QR Code Authentication, OTP over SMS/Email) are now consistently displayed.
Logout time fix in reports: Corrected the logout time shown in download SSO usage reports for better accuracy.
Prevent Browsers to enable Auto-Save password: Added an option to prevent browsers from auto-saving login credentials on miniOrange login page. Navigate to Product Settings >> Settings >> Security and Enable the Prevent Credentials Auto-Save option to enable this feature.
2FA method display improvements: Fixed display inconsistencies in the User List for 2FA methods. Method names are now more descriptive (e.g., “OTP over SMS” instead of just “SMS”).
Send Mail for MFA activation: The Send Mail for MFA Activation option under the User List Action drop-down is now globally available without any dependence on the Send Email for MFA Activation option under 2FA options for EndUsers.
September 1st, 2025
Version 4.11.0Cloud
WHAT'S NEW:
Fingerprint MFA Support: DigitalPersona (On demand): New biometric option for 2FA using DigitalPersona‑compatible fingerprint scanners - available across standard login and SSO flows.
Better SuperAdmin controls for App Access: Superadmins now have the ability to enforce and manage which customer have access to SuperAdmin added applications. Go to your App list, click on the 3 dots and select the Manage Access option to get started.
Username alias support: Have multiple alternate username or emails across different apps for the same user ? Admins can now define and manage aliases for user accounts making it easier to centralize and manage multiple identifiers across different platforms. Go to Settings >> Users and enable "Enable Username Alias" to get started.
Simpler Browser Extension setup: Removed rarely used advanced fields and streamlined app-type choices. Adding a custom app now takes you directly to policy creation for faster setup.
BUG FIXES:
Last Login Date/Time fix in some login flows: Fixed an issue where SP-Initiated SSO login was not updating the Last Login dttm column in the Users section.
July 8th, 2025
Version 4.10.0Cloud
WHAT'S NEW:
SSO Enhancements:
Flexible IDP-Initiated SSO: Added support for passing user attributes in the SSO login URL for IDP-initiated flow in OAuth and passwordless applications.
Custom SAML Actions: New webhook support for SAML applications to execute custom logic before SAML response attributes are processed.
OpenID Improvements: Several Improvements to OpenID implicit, client credential, password grant types, introspection endpoints and more.
MFA Enhancements:
Forced MFA Enrollment: Support to enforce MFA setup on the first login for external IDP initiated login.
Microsoft Push MFA: Added Support for Microsoft Push as a 2FA Method.
FIDO Device Management APIs: Added APIs to configure FIDO devices for 2FA remotely.
Enhanced MFA Security: Added rate limiting for "Resend OTP" flows and invalid MFA attempts.
Radius Improvements: Added Internationalization Support for RADIUS response messages.
New Onboarding Options: Added a feature to allow admins to send User activation email to the user’s alternate email address.
EndUser Dashboard Improvements:
Personalized User Dashboard: End users can now mark apps as favorites for easier access on their dashboard.
UI Improvements:
Improved Apps Admin UI: Revamped configuration pages for Desktop, Passwordless, JWT, OAuth applications to a consistent, modern interface.
Improved MFA Configuration Admin UI: Revamped“2FA options for end users” and “Alternate 2FA Login Methods” to a consistent, modern interface.
Refined Login Policy UI: Updated the UI for App Login Policy pages.
Provisioning Enhancements:
Active Directory: Improved configuration and provisioning for Active Directory, ensuring more reliable synchronization.
Custom Provisioning Apps: Now supports importing users.
Azure AD/Office 365: Now includes support for group provisioning.
BUG FIXES:
Fallback authentication from Active Directory to miniOrange now works correctly in the broker flow.
Enabling/disabling users correctly triggers provisioning across all flows.
Updated several underlying libraries to address security vulnerabilities and improve overall system stability.
June 12th, 2025
Version 4.9.3On-Premise
This release primarily focuses on aligning the feature set of our on-premise product with that of our cloud-based offering. It specifically addresses and incorporates all the new features and enhancements that have been introduced to the cloud after version 4.9.2.
May 14th, 2025
Version 4.9.2Cloud
WHAT'S NEW:
Added support for custom group attributes in SCIM provisioning.
Added support for user group membership attributes in SCIM provisioning.
BUG FIXES:
Fixed an issue with multi-valued attributes in the SAML response where some Identity Providers (e.g., Google Workspace) sent empty first values, causing SSO failures. The parser now correctly handles such cases by ignoring empty entries.
Fixed an issue where email alerts were not being sent for users locked due to incorrect authentication attempts in RADIUS and API Authentication Flows.
Fixed an issue where Additional Admins and Custom Roles had access to all MFA methods, ignoring restrictions set by the main Admin. They should now only have access to MFA methods explicitly enabled by the Admin.
Fixed an issue that allowed disabled users to log in when authenticating from an external source.
Fixed an issue where push notification failed due to IOS device Token expiry.
Resolved issues with SSO and JIT user creation: Disabled users from external directories can no longer authenticate via SSO, and stale records from external sources during JIT user creation are now prevented.
Resolved an issue with the creation of new roles with custom capabilities, where custom capabilities added were getting saved in the parent role instead of the new role.
Fixed various bugs and UI improvements in the Customization Section.
April 21st, 2025
Version 4.9.1Cloud
IMPROVEMENTS:
C100 Token Sync functionality has been improved.
The issue where adding a custom capability to a new role mistakenly saved it to the parent role has now been fixed.
BUG FIXES:
The issue with Yubikey authentication as an MFA method for RADIUS clients has now been fixed.
The issue concerning the JWT app response for external SSO URLs has now been fixed.
The problem where SSO usage reports did not show data when the admin's email differed from their username has now been fixed.
The issue where security codes appeared for download even when disabled has now been fixed; they are now correctly available only when explicitly enabled.
The unnecessary Redirect URL validation that prevented editing the Desktop Application has now been fixed.
Proper error messaging when a user and application were in different groups has now been restored (the previous incorrect messaging issue is fixed).
The issue for LDAP directory connections, where the bind-account password was temporarily saved and the Cancel button did not function correctly, has now been fixed.
The problem with fetching user groups for usernames/emails from external IdPs that weren't lowercase has now been fixed.
The error that occurred when sorting the “Last Logged In” column due to an incorrect request parameter has now been fixed.
The issue where the custom miniOrange SMS gateway was not being applied as the default gateway has now been fixed.
Login to TACACS devices with expired passwords has now been prevented, and the deletion of custom privileges (which was previously broken) has now been fixed/restored.
The issue causing a double QR code display in the Push notification inline registration flow has now been fixed.
Vulnerabilities:
A WS-Fed vulnerability, where the realm wasn't validated potentially allowing responses to be posted to unverified endpoints, has now been fixed.
March 6th, 2025
Version 4.9.0Cloud
WHAT'S NEW:
TACACS Accounting Now Supported: You can now use TACACS accounting for enhanced security and logging.
Enhanced Security for OAuth/OIDC: The HS-256 algorithm is now supported for ID tokens, adding an extra layer of security.
Easier App Management: The Associated Apps page now has a new UI with seamless API integration.
Better MFA Control: You can now view device-related information for all MFA methods in the reports.
OOB Email Transactions Made Simpler: A dedicated miniOrange page allows users to easily accept or deny out-of-band (OOB) email transactions.
IMPROVEMENTS:
Smoother Browser Extension Experience: Updates have been made to the app creation and edit pages for a more intuitive workflow.
Better Support Handling: Customer support emails will now be routed to the super admin’s email when non-default super admins are assigned.
Cleaner UI for Custom SMS/SMTP Providers: The email and SMS transaction buttons will be hidden when a custom provider is being used to avoid confusion.
Improved Super Admin License Management: Super admins can now allocate licenses more efficiently.
More Detailed User API: The Get User API now retrieves user roles along with other user details for better visibility.
TOTP Support in miniOrange Authenticator: The miniOrange Authenticator app now supports TOTP, providing an additional secure authentication method.
BUG FIXES:
Super Admin Name Update Issue Resolved: Changing the super admin’s name will no longer cause email validation errors.
User Registration Issue Fixed: Users can now register smoothly without encountering any glitches.
JWT IDP-Initiated Flow Now Works Correctly: The RelayState will now update properly, ensuring seamless authentication.
Accurate Login Data in Report: The user registration report will now correctly display the last successful login information.
Quick Fix for Customer Creation: A fix has been applied to address customer creation issues.
Domain Mapping Issue Resolved: Domain mapping now works as expected, even when RelayState is not included in the SAML request.
Blank Screen Issue Resolved: Super admins will no longer see a blank screen in email and SMS templates.
IPv4 CIDR Input Validation Fixed: UI validation for IPv4 CIDR input in Adaptive Authentication has been corrected.
Login Issue with Updated Email Address Fixed: Users can now log in seamlessly after updating their email address.
IDP Dashboard UI Update: Duplicate headers and sidebars have been removed for a cleaner and more user-friendly interface.
Version 4.8.1On-Premise
System prerequisites have changed. Before upgrading to the new version it is recommended to increase your system specs to a minimum of 16GB. Kindly check this link for the entire pre-requisite list if you are deploying a newer version.
This release primarily focuses on aligning the feature set of our on-premise product with that of our cloud-based offering. It specifically addresses and incorporates all the new features and enhancements that have been introduced to the cloud after version 4.4.1.
In order to continue delivering world-class customizations and smoother upgrades we have decided to change our architecture and move to a microservice framework.
Redis, RabbitMQ and a reverse proxy are required components and pre-packaged with the build. We still offer you the flexibility to use your own separate deployments for each if you wish to do so.
The on-premise deployment can now be done using docker as well as via installer (on Windows) and shell script (on Linux).
January 2nd, 2025
Version 4.8.0Cloud
WHAT'S NEW:
App Approval Workflow: An application request and approval system is added that will allow users to request access to any specified app. Learn more
miniOrange Authenticator App: Added biometric authentication support for the authenticator apps for both iOS and Android. Learn more
Browser Extension Apps: Added support for bulk creation of browser extension apps by uploading CSV.
Single Logout: Added Single Logout support for JWT Providers (IDPs).
IMPROVEMENTS:
Custom User-Profile Fields: The user custom profile attributes user interface is updated and default user signup attributes are merged. Learn more
Email/SMS Templates: Merged Email and SMS Templates pages in a new UI.
Radius App: Added options in the Radius app to allow adding a message authenticator and to audit invalid users.
API Authentication Sources: An Application-ID is now sent to API authentication sources in the header while authentication.
BUG FIXES:
Fixed an issue where any value can be set in the SAML authentication validity period option.
Fixed an issue where logout time wasn't set correctly for oauth apps in some cases.
Fixed an issue where Additional Admins were not prompted to set up MFA when the "Enforce users to set up their 2FA Method on First Login" option was enabled.
Fixed some issues faced by Super Admin while searching for users.
Fixed an issue where the organization logo was not visible in Out Of Bound authentication requests.
