The Madrid release introduces powerful new features and enhancements—particularly around Strivacity dashboards—that make it easier than ever to monitor, analyze, and act on your identity data.
Important: This release includes breaking changes affecting:
- Consent translations
- Adaptive Access policy configuration
- Legacy hook log endpoints
Please check with your Customer Success representative before upgrading.
New Features & Enhancements
Dashboard Click-Throughs to Account Events
Your Strivacity dashboard just got more interactive. Certain dashboard widgets now allow you to click directly into the events behind the metrics—giving you instant visibility into the activity driving your graphs.
New Dashboard Templates
To help you get started faster, we’ve added new pre-built dashboard templates for:
- A/B testing
- Consent acceptance
- On-premises components
Dashboard Widget Browser Improvements
Our library of dashboard widgets keeps expanding! To make navigation easier, you can now search for widgets by name and quickly find the metrics you need.
Stacked Bar Charts
You now have a new way to compare metrics over time. Stacked bar charts make it simple to visualize multi-metric comparisons—such as login successes, failures, and abandonments—within a single view.
Hook Execution Dashboard Widget
Track performance like never before. The new Hook Execution widget helps developers measure orchestration response times as well as providing visibility into unhandled exceptions and hook errors that occur during hook execution. All of this to ensure your Lifecycle Event Hooks run smoothly.
Configure Temporary and Permanent Lockouts
We’ve made brute-force protection more flexible. With the Adaptive Access policy, you can now independently configure temporary and permanent lockout thresholds for both passwords and one-time passcodes.
Expanded Before ID Token Generation Hook
Developers now have more power when working with tokens. The Before ID Token Generation hook can: add or adjust token scopes
Other Updates
- Added SessionIndex GUID to SAML assertions
- Expanded documentation for managing email and phone authenticators via the My Account Portal APIs
- Introduced a new Account Management API endpoint to change or remove organization assignments from an account
Bug Fixes
We fixed issues where:
- The back-to-login link did not pick up the acr_value from session start
- Custom telephony providers failed if the Strivacity default provider wasn’t enabled
- The password requirements indicator didn’t handle Unicode lowercase letters
- Password length wasn’t displayed properly in some cases
- Adaptive Access policy didn’t include custom MFA configurations
- Consents didn’t always render in the correct translation
- The native SDK incorrectly fell back to web views in some scenarios
- Password quality policy wasn’t listed in the admin console’s identity store view
- The Before Authenticator Enrollment hook template missed required callback parameters
- A/B testing evaluated usernames as case-sensitive
- Tags containing underscores (_) weren’t always searchable
- The My Account API endpoint didn’t return maxLength or restrictedCharacters fields