Versions Compared

Old Version 9

changes.mady.by.user Brian Banet

Saved on

compared with

New Version Current

changes.mady.by.user Brian Banet

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Security and user management functions have been updated and significantly enhanced. <Link to identity mgr docs, migrated users, etc.>

  • Users are now presented with a login page, rather than relying on the browser's authentication prompt.  Users logging in through a 3rd party provider (Okta, Azure) will have provider specific login buttons available to them (Login with Okta).
  • User management functions now launch in their own browser tab.
  • Authentication from 3rd party authentication services, specifically Okta and Azure Active Directory.  These new authentication options provide single sign-on capabilities, in addition to any other authentication security protocols enforced by the provider (MFA, password history retention, etc), using an OAuth2/OpenID Connect login flow.  Account provisioning via SCIM is also supported, allowing for accounts created / provisioned in 3rd party providers to be automatically created in GlobalSearch and added to groups when specified. <LINK TO PROVIDER AUTH DOCS>
  • Groups have been added to the Square 9 user model, allowing for an easier approach to user administration in environments where there are larger numbers of users or when users may change roles frequently.
  • User management tools have been updated to include a new Component (Database, Archive, Search) display.  We believe the original "User" display (which is still the default) is extremely efficient for setting / resetting permissions for a user, collection of like users, or groups.  For modifying existing permissions, or understanding what permissions are set for a specific component, the new view speeds and simplifies administration.
  • To be more consistent with current web standards, Square 9 user accounts now default to using email address as the default user account name.  Customers wishing to maintain current standards, or who otherwise wish to leverage a different username format may still do so.
  • Password complexity can now be enforced by providing a regular expression for Square 9 users.  The default complexity for users now requires that a password must contain 8-20 characters, 1 uppercase, 1 lowercase, 1 digit, and 1 symbol (@#$%).  Cloud customers may request changes of enforcement rules through support, and the administrator can modify the rules in on premise environments.
  • QuickStart now supports the ability to create of Groups, and Groups may be transported in database packages.  When exporting databases with secured groups, it's important to note that users that are members of secured groups will also transfer with the package.
  • Secured/Unsecured User and Group lists can now be filtered, speeding up access to the right accounts when looking to set permissions.
  • A new user database is part of the Square 9 deployment, and should be added to any backup plans (Square9.IdentityManager).  

...