Back to Home PageView SDKs on GithubView APIs in ReadmeSystem Status
Search…
Prague
Strivacity Fusion: Prague Release
SUPPORT INFORMATION
Raising a Support Ticket
Security Vulnerability Response
Reporting a Security Issue
Our Service Level Commitment
Getting Started
Overview
Product Components
Pre-Configured Best Practices
Using the Dashboard
Overview
APIs
Using the REST APIs
Adaptive APIs
Administrative APIs
Anonymous Visitor and Consent APIs
Authentication APIs
Customer Lifecycle APIs
Customer Self-Service APIs
API security policy
Setup and Manage
Adaptive Multi-factor Authentication
Claim Dialects
Consent Management
Enterprise Login
Identity Stores
Password Polices
Integrate Your Applications
Lifecycle Event Hooks
Notification Policies
Self-service
Rebranding and Customization
Using Your Own Brand, Logos, and Color Schemes
Using Multiple Custom Domain Names
Customizing Email Templates
Customizing SMS Templates
Rebranding the Admin Console
Localization
Managing Accounts and Groups
Overview
Creating an Account
Editing an Account
Delete an Account
Enable/Disable an Account
Creating a Group
Deleting a Group
Managing Group Membership
Configuration
Admin Roles
Admin Adaptive MFA
Admin Branding
Admin Notifications
Admin Users
General
Logging
REST API Access Policies
Integrations
CRM, CDP, and Marketing
External identity providers
Passwordless
Identity proofing
Productivity
Security
Social Login
Developer SDKs
Overview
Android Mobile SDK
iOS Mobile SDK
Architecture and Deployment
Rate Limiting
Brute-force Protections
Regional Availability
Powered By GitBook
Strivacity Fusion: Prague Release
The Prague release of Strivacity Fusion is packed with features that make you and your customers more secure— without sacrificing great customer experience. We’ve also thrown in great experience improvements in our administration console for brand administrators and customer support personnel.
Here is what you can expect from our Prague release:

Security updates

In Prague, we implemented the following features to continue our mission to keep your applications and your customers secure.

Breached password analysis

We implemented Breached Password Analysis to help mitigate against customers who use passwords that have been leaked by a security breach.
When turned on this feature analyzes the password customers enter during registration, password changes, or password resets, and compares it to a database of known breached passwords. If the password is on this list, the user is prevented from using that password. This keeps both you and your brand safe from this particular attack vector.

Multi-factor enrollment at registration and login

Next to bad password practices, the single best way to protect customer accounts against malicious activity is to require multi-factor authentication for logins. Brand administrators can now require customers to enroll in multi-factor authentication during login or the account registration process. And, we’ve done the work to make it as easy as possible for your customers to successfully add their phone number, email address, or a soft-token during as authenticators.

Enhanced Adaptive Authentication Policy rules

We added additional adaptive authentication policy rules to help you further secure your applications and customers. These rules provide you with tools to determine the risk level of a login or registration attempt and define an appropriate action depending on that risk.
In Prague we have added the ability to block, require a second factor (step up), or allow access with no second factor (step down) based on and IP address range and a geo-location.

Customer journey improvements

Security and usability are not mutually exclusive. You can have your cake AND eat it too. Here is how we’ve made your customer’s experience better
Domain-bound passcode tokens in text messages
We’ve updated our standard text message templates to include domain-bound passcode tokens. This helps ensure that passcodes from text messages are available for autofill on all devices that support this.
Date picker options
Not all date input methods are alike. Some are better for picking a recent date and other are best for entering a known date that is far in advance. Now you can determine the best date input method for the context when setting up an attribute in an identity store. Entering a known date such as a birthdate is now much easier for your customers.

Improvements for you, the brand administrator

Import/export/copy policies

Need to duplicate a policy configuration? Hate copying and pasting? We have you covered. You can now simply duplicate an existing policy and save the configurations you need and change the ones you don’t. You can also export a policy configuration and import it into the same or different Strivacity cluster.

Account activity logs in the account lookup

Looking up a user? Want to know what they’ve been up to? Tired of navigating back and forth between the account activity logs and the account page? Me too. Now you don’t have to. All of the account activity logs associated with a customer are available in a tab right next to the customer’s account information.

Additional account events

In addition to making account events easier to find for customers, we’ve added additional events to give you more information about what is happening when a customer is registering and logging in.
​

Resolved Issues

The following are a list of bugs we fixed that you might be interested in.
Description
Tracking Number
Fixed an issue in Safari where editing the middle of a string in an input field would cause the cursor to jump to the end of the string
STY-2464
Fixed an issue in Safari where required fields were not marked
STY-2462
Updated some error messages to be more clear
STY-2427
Fixed an issue where some account events were not being logged for admin accounts.
STY-2415
Fixed an issue where searching for an account was case sensitive when it really shouldn't be
STY-2414
Fixed an issue where the enrollment count on the dashboard is not updated when authenticators are removed from an account
STY-2401
Fixed an issue where the default admin passowrd reset email is not sent when creating a new cluster
STY-2400
Fixed an issue where changing group assignments were not logged
STY-2399
Fixed an issue in autofill where password managers would not work correctly if the identifier field was configured as "email" or "email or username"
STY-2393
Fixed an issue in Safari where the calendar picker icon would not appear in the date input field
STY-2392
Fixed an issue where iOS was not autofilling passcodes from text messages
STY-2391
Fixed an issue where the location assocaited with a device session was incorrect
STY-2386
Fixed an issue where the "back to login" button was not found on the logout page
STY-2385
Fixed an issue where the Roles filter in the admin account search rendered incorrectly for read-only users
STY-2374
Fixed an issue where an admin account change email had incorrect information
STY-2341
Fixed an issue where soft-token apps were ignoring token lengths
STY-2330
Next - SUPPORT INFORMATION
Raising a Support Ticket
Last modified 4mo ago
Export as PDF
Copy link
Contents
Security updates
Breached password analysis
Multi-factor enrollment at registration and login
Enhanced Adaptive Authentication Policy rules
Customer journey improvements
Improvements for you, the brand administrator
Import/export/copy policies
Account activity logs in the account lookup
Additional account events
Resolved Issues