NAV Navbar

Notakey Authentication Server

v4.2.6 (2022-06-01)

  • Fix for API clients management UI
  • Fix for QR test in service view, use auth profiles for this

v4.2.5 (2022-05-10)

  • Add device report CSV export functionality
  • Fix for automatic license renewal

v4.2.4 (2022-04-25)

  • Security improvements for onboarding workflow
  • Documentation update

v4.0.46 (2022-03-24)

  • Ensure authentication request UUID matches signature payload
  • Verify that signing device belongs to auth request approver
  • jQuery JS library updates

v4.0.38 (2022-03-11)

  • Fix bug with built-in administration service onboarding from remote user sources.

v4.0.37 (2022-01-31)

  • Fix service save error in some instances

v4.0.36 (2022-01-19)

  • Simplification of Prometheus metric initialization
  • Update of application webserver Puma
  • Fix Prometheus metrics in clustered mode (WEB_CONCURRENCY > 1)
  • Fix regression in error message to user when user lookup fails in remote repository

v4.0.35 (2022-01-10)

  • Library and framework update
  • Improved authentication and onboarding activity history view
  • Fix ActiveDirectory integration to enforce group membership on every authentication
  • Add option to delete stale external users during user sync
  • Add support for authentication with email address and password for SimpleCredentials onboarding requirement
  • Optimized user lookup when multiple allowed realms are present

v4.0.32 (2021-12-10)

  • Documentation update

v4.0.31 (2021-11-11)

  • New CI build system integration

v4.0.16 (2021-11-06)

  • Automated test improvements

v4.0.13 (2021-11-03)

  • Fixes for Redis and Consul migration tasks

v4.0.12 (2021-10-29)

  • Added application server instance configuration (WEB_CONCURRENCY)
  • Optimized license seat accounting

v4.0.11 (2021-09-29)

  • Added link to license self-service
  • Added configurable limit for Consul KV connections (CONSUL_MAX_CONNECTIONS)
  • Improved license renewal and subscription support
  • Redis connection pool configuration (REDIS_CACHE_MAX_CONNECTIONS, REDIS_MAX_CONNECTIONS)
  • Improved license renewal and subscription support

v4.0.10 (2021-08-24)

  • Schema migration fixes

v4.0.9 (2021-08-18)

  • Various operational metrics now available via stats-agent service
  • Service domain configuration in admin UI
  • Fixed issues with KV store migration in multinode clusters

v4.0.8 (2021-07-16)

  • Redis persistence support
  • Framework and integration library update
  • Performance improvements for large datasets, fixes ussues with lots of users
  • Pagination support on service user view
  • Improved user search and display
  • Option to disable simplified username lookup feature per service
  • Migration to a new Key-Value schema version, migration occurs during first instance launch

v4.0.2 (2021-06-18)

  • Redis persistence support
  • Framework and integration library update

v3.2.2 (2021-06-16)

  • Fix bug affecting LDAP user sources

v3.2.1 (2021-05-13)

  • Active Directory integration improvements, support for AD user UAC flags
  • Active Directory and LDAP user source server address failover support
  • Support for Active Directory and LDAP user source server name TLS certificate match ignore
  • Cluster status page showing cluster details
  • Various OIDC IdP improvements: logout, session expiry control, auth factor configuration

v3.1.3 (2021-04-30)

  • Active Directory integration improvements
  • Cluster status page showing cluster details

v3.1.2 (2021-04-13)

  • OpenID Connect service compatability improvements with .NET libraries
  • Fix for signed payload verification containing multiple text lines
  • Fixed regression in service configuration flag update

v3.1.1 (2021-03-02)

  • OpenID Connect implicit authentication flow suppport for onboarding
  • OpenID Connect onboarding requirement configuration form improvements

v3.1.0 (2020-12-28)

  • Support for OpenID Connect Identity Provider
  • Certificate generation improvements
  • Support for key security requirement change
  • Service publish state support
  • Custom service ordering support in mobile client
  • Onboarded device certificate inspection support

v2.24.0 (2020-10-29)

  • API improvements
  • Dependency update
  • Fixed issue with log archiving when OpenID onboarding is enabled

v2.23.6 (2020-10-13)

  • API authentication dependency update
  • Improved client for load and integration tests

v2.23.5 (2020-09-01)

  • Fix URL for public QR code display
  • Fix URL for pre-approval time request

v2.23.4 (2020-09-01)

  • Key value store relational model improvements

v2.23.3 (2020-08-12)

  • Various Open ID Connect onboarding improvements

v2.23.2 (2020-07-22)

  • Add API credential management to admin UI
  • Add security team management to UI

v2.23.1 (2020-07-20)

  • Add support for license automatic renewal after expiry
  • Use onboarding link in first run wizard

v2.23.0 (2020-06-30)

  • Support for automatic API endpoint registration
  • Separated configurations for SERVICE_FQDN and AUTH_DOMAIN
  • Fixed proxy issue with messenger client

v2.22.0 (2020-06-05)

  • Redis global cache support
  • Build system changes
  • Tagged builds with build date and other VCS labels
  • Added support for administration dashboard users to be authenticated against remote user sources
  • Remote users cannot be disabled locally
  • Removed misleading “Last update” from home view

v2.21.3 (2020-06-05)

  • Build system changes
  • Tagged builds with build date and other VCS labels
  • Added support for administration dashboard users to be authenticated against remote user sources
  • Remote users cannot be disabled locally
  • Removed misleading “Last update” from home view

v2.21.2 (2020-06-04)

  • Build system changes
  • Tagged builds with build date and other VCS labels
  • Added support for administration dashboard users to be authenticated against remote user sources
  • Remote users cannot be disabled locally
  • Removed misleading “Last update” from home view

v2.21.0 (2020-05-27)

  • Improved caching strategy for all elements
  • Fixed second factor requirement change to be immediate

v2.20.2 (2020-05-14)

  • Add support for user groups / user tagging features
  • Fixed bug with CSV user import when mixed user repositories are used (external and local)
  • Application framework update
  • Add sync feature for external service users

v2.19.5 (2020-05-13)

  • Fix error during onboarding when onboarding request is missing (due to retention)
  • Increase default thread count for application server
  • Add application load statistics interface

v2.19.3 (2020-03-23)

  • Added biometry check option when configuring authentication profile
  • Fixed bug with auth request generation from auth profile

v2.19.2 (2020-02-10)

  • Add optional custom filter for LDAP usersource engine

v2.19.1 (2020-02-07)

  • Allow partial username instead of full UPN for approval time requests

v2.19.0 (2020-02-07)

  • SMS codes now can be copied in both iOS and Android
  • Support for view level access to services
  • Global team configuration in managent UI
  • Messenger service client improvements
  • Configurable timeout for messenger client
  • Visual improvements for time request and onboarding views
  • Admin session inactivity timeout now configurable
  • Rewrite for password change to allow changing password without root service access
  • Base image update to latest alpine linux (maintenance lifecycle)
  • Application framework update (maintenance lifecycle)
  • Additional licence fields in NAS user report
  • Approver policy now can have multiple approvers
  • Fixed bug in user import from CSV

v2.18.1 (2020-01-27)

  • SMS codes now can be copied in both iOS and Android
  • Support for view level access to services
  • Global team configuration in managent UI
  • Messenger service client improvements
  • Configurable timeout for messenger client
  • Visual improvements for time request and onboarding views
  • Admin session inactivity timeout now configurable
  • Rewrite for password change to allow changing password without root service access
  • Base image update to latest alpine linux (maintenance lifecycle)
  • Application framework update (maintenance lifecycle)
  • Additional licence fields in NAS user report
  • Approver policy now can have multiple approvers
  • Fixed bug in user import from CSV

v2.17.0 (2019-12-19)

  • Show configured auth domain in setup wizard
  • Require password confirmation for initial setup
  • Documentation update
  • Full CRUD operation on service users
  • Simplified device and user discovery over API based on signature fingerprint
  • Error notification in authentication profiles
  • On error event callbacks in authentication profiles
  • Auth request cancellation API method

v2.16.9 (2019-11-05)

  • Added autentication profile functionality

v2.16.8 (2019-09-25)

  • Fixed minor edge case where querying auth request returns HTTP status 500

v2.16.7 (2019-09-23)

  • Admin access recovery from CLI
  • Log archiving fixes
  • Initial setup from CLI

v2.16.6 (2019-09-11)

  • Added support for special biometric auth request category

v2.16.5 (2019-09-11)

  • Bugfix for onboarding requirements configuration

v2.16.4 (2019-09-03)

  • Biometry authentication support in API and management UI
  • Visual improvements for onboarding and authentication flow views

v2.16.3 (2019-08-20)

  • API worker mode bugfix

v2.16.0 (2019-08-16)

  • LDAP user source improvements, realm validation and attribute mapping
  • Application role configuration support (worker, management)
  • Validate logo presence on new service creation

v2.15.1 (2019-06-19)

  • Fix bug with missing version information
  • Fix bundled API documentation formatting and add scope information for API calls

v2.15.0 (2019-06-18)

  • Support for optional WhatsApp number verification instead of SMS

v2.14.14 (2019-06-17)

  • Fix state sync bug when using multiple devices to approve auth requests

v2.14.13 (2019-06-07)

  • Users page in each service now has a function to send generic notification or SMS to all onboarded users.
  • API method to send generic notification or SMS to single user, requires urn:notakey:notify scope.
  • Fixed bug where COUNTRY_PREFIX configuration option would be ignored during onboarding when user has mobile number in national format, without country prefix.

v2.14.12 (2019-05-20)

  • CLI reporting functionality

v2.14.11 (2019-05-17)

  • Do not allow invalid token publishing
  • Shorten default API client ID

v2.14.10 (2019-04-15)

  • Device telemetry support
  • Visual improvements

v2.14.9 (2019-04-04)

  • Support for relaxed device onboarding
  • Max device limit can be specified globally per service

v2.14.8 (2019-03-26)

  • Logrotate bugfix

v2.14.7 (2019-02-23)

  • Fix send test notification
  • Show formatted dates in user details
  • Add user license detail panel
  • Add some more attributes for application user display
  • Disable attribute editing for external users
  • Add none selected translation for approver policy
  • Allow setting and unsetting approver without any warning messages

v2.14.6 (2019-02-20)

  • Fix syslog configuration save bug
  • Support for Active Directory TLS port configuration

v2.14.5 (2019-01-31)

Docker image: notakey/dashboard:2.14.5

  • Fixes broken device discovery due to broken indexes

v2.14.4 (2019-01-28)

Docker image: notakey/dashboard:2.14.4

  • Documentation fixes
  • Data migration for index and sequences fixed

v2.14.3 (2018-12-10)

Docker image: notakey/dashboard:2.14.3

  • Do not wait for push nofification processing
  • Fix favicon
  • QR code domain configuration support
  • Callback URL bug fix
  • Improved CSV support
  • Documentation improvements

v2.14.2 (2018-11-06)

Docker image: notakey/dashboard:2.14.2

  • M2M API fore encryption key registration
  • Callback support in AuthRequests
  • Service provider state param support in AuthRequests
  • QR code optimisations

v2.14.1 (2018-10-26)

Docker image: notakey/dashboard:2.14.1

  • M2M API authentication enhancements
  • Support for user disable / enable from API and GUI
  • Support for additional user management API calls
  • Admin user management improvements

v2.13.5 (2018-08-03)

Docker image: notakey/dashboard:2.13.5

  • Speed improvements for auth request generation

v2.13.4 (2018-07-24)

Docker image: notakey/dashboard:2.13.4

Bug fixes

  • Improved audit log cleanup
  • Compatability with old windows CP clients

v2.13.3 (2018-07-17)

Docker image: notakey/dashboard:2.13.3

Bug fixes

  • Fixed audit logging for administration sessions

v2.14.0 (2018-07-12)

Docker image: notakey/dashboard:2.14.0

  • M2M API authentication enhancements
  • Support for user disable / enable from API and GUI
  • Support for additional user management API calls

v2.13.2 (2018-07-12)

Docker image: notakey/dashboard:2.13.2

Bug fixes

  • Fixed authentication requests using UPN
  • Fixed indexing issue with application users
  • Fixed healthcheck throwing app out of service due load increases

v2.13.1 (2018-01-04)

Docker image: notakey/dashboard:2.13.1

Bug fixes

  • Fixed issue when ActiveDirectory GUID would not be properly decoded.

v2.13.0 (2017-11-13)

Docker image: notakey/dashboard:2.13.0

Features

  • Can now see active licence count
  • Improved logger output

Bug fixes

  • Fixed cases when appliance incorrectly determined cluster having a leader.

v2.12.0 (2017-10-23)

Docker image: notakey/dashboard:2.12.0

Features

  • Introducing Authentication Server application. This is a special type of application which has these characteristics:
    • It is used for Notakey Authentication Server onboarding.
    • Allows enforcing 2FA authentication for administrators.
    • Allows NAS administrator management.

v2.11.0 (2017-10-17)

Docker image: notakey/dashboard:2.11.0

Features

  • Added CORS support for our API.
  • User device API endpoint now returns associated public key.

v2.10.0 (2017-10-13)

Docker image: notakey/dashboard:2.10.0

Features

  • Onboarding and service pinning can now be performed using a QR code.
  • Added confirmation dialogs on any destructive action, such as removing an application.

Tasks

  • Updated Ruby and Ruby on Rails versions to mitigate newly discovered security vulnerabilities.

v2.9.0 (2017-09-29)

Docker image: notakey/dashboard:2.9.0

Features

  • Added security level to application. This option determines wether a user needs PIN/Fingerprint on their devices or not.
  • Added expiring appliance licence notifications
  • Omitting health-check requests in logs, making them less verbose

v2.8.5 (2017-09-19)

Docker image: notakey/dashboard:2.8.5

Bug fixes

  • Fixed auth request signature validation containing UTF-8 characters.

v2.8.4 (2017-09-04)

Docker image: notakey/dashboard:2.8.4

Bug fixes

  • Fixed race condition when rendering side navigation from multiple threads.

v2.8.3 (2017-08-30)

Docker image: notakey/dashboard:2.8.3

Bug fixes

  • Fixed “Users pending manual approval” being hidden for non-root users.

v2.8.2 (2017-08-16)

Docker image: notakey/dashboard:2.8.2

Bug fixes

  • Fixed signature validation when missing application logos
  • Fixed permission issue when viewing created user sources

v2.8.1 (2017-07-20)

Docker image: notakey/dashboard:2.8.1

New Features

  • Added application user table sorting and filtering

Bug fixes

  • Fix time zone configuration.

v2.8.0 (2017-07-14)

Docker image: notakey/dashboard:2.8.0

There are cases when access to a particular system should not be granted permanently or independently. Multi-user approval provides a solution by allowing to configure an approver for an employee.

New Features

Introducing two new policies regarding multi-user approval: - Immediate approval - each request to an application must be immediately approved by manager (approver). - Pre-approval - user requests access to an application for a specified period of time.

v2.7.1 (2017-06-07)

Docker image: notakey/dashboard:2.7.1

Bug fixes

  • Fixed missing navigation icons and favicon.

v2.7.0 (2017-06-06)

Docker image: notakey/dashboard:2.7.0

New Features

  • Added a new health check parameter to ensure node is operational.
  • Now when user changes password, old password must be entered for confirmation.

Misc. Improvements

  • Improve frontend in offline mode by removing assets stored in remote CDN’s.

v2.6.0 (2017-05-29)

Notakey now supports user onboarding through LDAP user source.

Docker image: notakey/dashboard:2.6.0

New Features

  • Added an option to specify LDAP as a user source.

v2.5.0 (2017-05-22)

Notakey appliance supports HTTP proxy

Docker image: notakey/dashboard:2.5.0

New Features

  • Administrators can now set HTTP proxy settings.
  • System uses default port for rsyslog endpoint.

v2.4.0 (2017-05-10)

Notakey appliance now supports Openid Connect onboarding

Docker image: notakey/dashboard:2.4.0

New Features

  • Users can now be onboarded using Openid Connect.

v2.3.0 (2017-05-03)

Extending Rsyslog functionality

Docker image: notakey/dashboard:2.3.0

New Features

  • Administrator can now set appropriate facility for rsyslog endpoint.

v2.2.0 (2017-05-02)

Introducing Remote syslog integration.

Docker image: notakey/dashboard:2.2.0

New Features

  • Administrator can now set Rsyslog endpoint to receive real-time audit events.

v2.1.0 (2017-04-25)

We are pleased to announce a multi-node deployment focused version of the Notakey Authentication Server.

Docker image: notakey/dashboard:2.1.0

New Features

  • if a multi-node cluster is in a read-only state, then authentication requests can now be created in-memory (on the specific node, which received the API request)
  • administrators can now change their passwords via the web-based user-interface (in the user profile section)

Misc. Improvements

  • usernames are no longer case-sensitive
  • reduced system boot time by a factor of 10

Bug Fixes

  • fixed a bug where application logos would not be rendered
  • the healtcheck endpoint would not work at all, if a multi-node cluster was in a read-only mode
  • when sending POST requests to /api/v2/auth_request, the ttl_seconds parameter would not be parsed properly, and cause an error

v2.0.22 (2017-04-06)

v2.0.21 -> v2.0.22 (2017-03-29)
  • Allow authentication when consul cluster is in read-only mode.

v2.0.21 (2017-03-16)

2.0.21

  • added session timeout for dashboard admin users (the session will time out after 10 minutes of inactivity)
  • internal: rails framework update to 5.0.2
  • bugfix: side navigation was cached based on URL, and sometimes displayed incorrect application list
  • ui: removed performance counter from the top-left corner of each page
  • bugfix: onboarding requirements were incorrectly serialized in a few corner cases

v2.0.20 (2017-03-06)

v2.0.19 -> v2.0.20 (2017-03-06)
  • Implement TTL for AuthFlow and OnboardingFlow

v2.0.19 (2017-03-02)

v2.0.18 -> v2.0.19 (2017-03-02)
  • Dashboard now displays Onboarding and Authorization activities under every Application.
  • Added ability to reset onboarding process from “Onboarding activities”

v2.0.18 (2017-02-21)

v2.0.17 -> v2.0.18 (2017-02-21)
  • Clear onboarding request on failed user device creation.

v2.0.17 (2017-02-16)

v2.0.16 -> v2.0.17 (2017-02-16)
  • Fix SMS onboarding workflow

v2.0.16 (2017-02-16)

v2.0.15 -> v2.0.16 (2017-02-16)
  • Enable SMS onboarding in production

v2.0.15 (2017-02-16)

v2.0.14 -> v2.0.15 (2017-02-16)
  • Fixed test notification from user’s dashboard

v2.0.14 (2017-02-15)

v2.0.13 -> v2.0.14 (2017-02-15)
  • Added ability to edit application user attributes

v2.0.13 (2017-02-14)

v2.0.12 -> v2.0.13 (2017-02-14)
  • Fixed an issue when max user device validation would fail when saving single device.

v2.0.12 (2017-02-14)

v2.0.11 -> v2.0.12 (2017-02-14)
  • Fixed onboarding device list removal button styling issue

v2.0.11 (2017-02-14)

v2.0.10 -> v2.0.11 (2017-02-14)
  • Added ability to remove onboarded devices from “Application User” view.

v2.0.10 (2017-02-13)

v2.0.9 -> v2.0.10 (2017-02-13)
  • Implemented SMS onboarding
    • Validates user’s phone number and adds missing country code

v2.0.9 (2017-02-08)

v2.0.8 -> v2.0.9 (2017-02-08)
  • Application user can now be found regardless of username’s case
  • Improved branding logo quality
  • Solved an issue when dashboard’s API incorrectly tried to validate an expired authentication request
  • Implemented SMS onboarding
    • Validates user’s phone number and adds missing country code
    • Send SMS using messenger service
    • Can set allowed number of devices for each user