Release 2024.07.0 - What's New?

New Feature and Notable Enhancements

Password Vaulting

Building upon the Form Fill Application SSO experience, Password Vaulting will expand the type and number of applications that can now have single click log in flow. Including a wider variety of attributes that can be passed through for an Application, the Password Vault can capture unique credentials provided by a user. All Users who log into RapidIdentity will be able to take advantage of this new feature, from Teachers and Students to Guardians!

Utilization of this feature will begin with Administrators creating Password Vault applications, deploying the new Password Vault Extension, and Users managing their credentials within their Password Vault. Let’s take a quick look at how these workflows will look in your RapidIdentity Tenant.

Building Applications and Managing Password Vault for Users: Administrator View

Administrators who currently have permission to create new applications in RapidIdentity will see a new option for SSO in the Type dropdown menu.

Selecting ‘Password Vault’ will open a configuration screen to configure the type of attribute that will be used by the application to facilitate a single sign on experience for the user.

The Username Format option determines the format that the Password Vault Extension will be expecting for this application. The options available are below:

If an option with ‘Domain’ is selected, it will be populated into the next field. If a Domain is not needed, that field will be able to be left empty.

The Username Source identifies the specific attribute/value that will be used as the Username for this application. Selecting the ‘User Provided’ option will provide the User with the ability to have their unique credentials captured by the Password Vault Extension on their first log in, so they do not have to be provided more than once.

The same rules apply when selecting an option from the ‘Password Source’ dropdown menu.

Once all options are configured, an Administrator will be able to review and modify these settings from the Application Module.

Administrators will also be able to view a User’s Password Vault via Delegations. When the action ‘Manage Password Vault’ is added to a Delegation, that will provide a mechanism for an Administrator to review and reset the credentials for a specific application in a User’s Password Vault. The option will appear in the Kabob/Right Click menu, as seen below:

The selected User’s Password Vault will open in a sidebar menu, where it can be managed.

For more details on the Administrator’s Configuration Options, Visibility, and Password Vault in general, please review the following Help Documents:

• Creating Applications with Password Vaults

Password Vault Access: GO! View

Password Vault Applications that are assigned via Personas will be visible in the GO! View. To view the Password Vault in the GO! View, click on the Profile Icon and select ‘Profile’ from the dropdown menu.

In the Profile Modal, you will now see the Password Vault in the menu on the left side.

This list will include all of the applications assigned to this user that have a Password Vault Configured. The Status icon displayed signifies if the applications has successfully launched/captured credentials (green check), or if the application does not have saved credentials currently (red dash). Clicking on the application in the list will provide details and management options. For further details, please review this support article.

Password Vault Access: Classic View

Users of the Classic View will also be able to view their Password Vault from the Profile Menu. Users will now see ‘Manage Password Vault’ in the Profile Dropdown.

Once selected, a side menu will appear that contains a list of all of the applications assigned to the user that has a Password Vault configured.

Clicking on an application will provide the user with the options to manage those credentials. For more details regarding the options available for management of credentials, please review the help articles found listed below:

• Creating Applications with Password Vaults

• Managing the Password Vault as an Administrator

• Using the Password Vault in GO! View

• Using the Password Vault in Classic View

Claim Account Security Enhancement

To mitigate the risk of dictionary attacks against the Claim Account Process, RapidIdentity Cloud has been updated with an exponential time delay between claim attempts with incorrect responses to claim challenges (unsuccessful claim attempts) for the same account. The backoff occurs on the submission of invalid responses to any of the claim challenges by artificially delaying the response to the calling page exponentially.

The backoff delay resets automatically after sufficient time has passed following the last failed claim attempt and is based on the user’s IP address. Once triggered, all invalid claim attempts from the same IP address will be subject to the backoff delayed for up to 59 seconds.

Login Page Accessibility Updates

The RapidIdentity Login Page, the IdP Web Template, has several accessibility enhancements designed to make navigation for visually impaired users easier and more intuitive including new and enhanced announcements for screen readers, increased contrast on interactive elements and improved keyboard navigations.