Release Notes Archive
December 13, 2022
Back-end update
mAccess SDK: Update of the APNS in FCM notifications mechanism
Windows Logon connector: deleting a connector removes linked workstations in order to avoid duplicate workstation issue
December 6, 2022
mAccess SDK
Update of the APNS in FCM notifications mechanism - Rollbacked
November 30, 2022
inWebo Windows Logon 1.3
inWebo Windows Logon allows a user to open a Windows session using a mobile Authenticator app (more information)
November 29, 2022
mAccess SDK
Adding a dedicated entry for APNS in FCM notifications
November 14, 2022
Authenticator 6.22.1 for Android and iOS
Windows Logon: new menu My Workstations for revealing scratch codes when the workstation is offline
Fix of an issue that could cause a desync of dynamic keys during the application upgrade
Fix of an issue that prevented the automated fulfillment of the activation code with an activation link (deep linking)
Fix of a Spanish language translation
Fix of a cosmetic issue on the notification icon on Android
Fix of a display issue that could prevent to close an “unlock device” screen
November 3, 2022
Platform Update
Console V2: fix of a scratch code display issue for Windows Logon
SAML connector: change of wording about notifications sent to Authenticator instead of “your mobile device”
mAccess SDK for iOS: removal of the “content-available” value for FCM notifications
October 26, 2022
iOS SDK
New SDK for iOS with Swift code samples, integration guide and reference documentation.
October 17, 2022
IWDS 2.5
Special characters are authorized in user first name and name
October 10, 2022
Authenticator 6.22 for Windows
Security Fix
Fix of an issue that could cause a desync of dynamic keys during the application upgrade
Authenticator 6.22 for MacOS
Security Fix
Fixed an issue that could cause a desync of dynamic keys during the application upgrade
Fixed an issue that prevented the app to relaunch after being closed
October 6, 2022
Platform Release
Windows Logon: new feature to open a Windows session with MFA while online or offline
Admin Console V1, Admin Console V2, SOAP API, REST API: special characters are authorized in user first name and name
Radius Connector: fix of an issue with forbidden IP addresses
mAccess SDK: Fix of an issue that caused the validation of an otp generated by Authenticator or mAccess Web to fail during a pending mAccess authentication
OIDC/Azure AD connectors: removal of redundant links in page VA
Virtual Authenticator (VA): fixed a usability issue that prevented navigating with keyboard when activating a device or when authenticating
September 21, 2022
HotFix: Admin Console
update of the Radius Server IP address information displayed when creating a radius connector
update of the behavior when editing a user with special characters in name and first name fields
September 13, 2022
Platform Release
Console V2
Fix of an issue that caused customer properties not to be saved
Simplified theme customization page
New page: Settings, User Journey. Definition of parameters for an upcoming feature, no impact on existing services.
A confirmation is added when deleting multiple users
Addition of three missing rights in role managements
Cosmetic updates
OIDC and Azure AD connectors
“mAccess web” page, better handling of error messages
“VA” page: Direct push notification; users do not need to click on “Send” any more
Addition of a margin around the center zone for compatibility with Graphical Theme Customization
Helium: Fix of an issue that caused the default device name to be “Chrome” when activating a new Edge browser
mAccess Web - See mAccess WEB version 3.13.0
addition of a new mode for running the lib in the same domain, without iframe, so the enrollment data are considered primary and not third-party data.
fix of an issue that prevented helium backup from saving the enrollment data
mAccess: Fix of an issue that prevented iOS devices to receive notifications via Firebase
August 11, 2022
Platform Release
Admin console V1: filtering incorrect IP addresses in Radius connectors.
mAccess Web: fixed unwanted behavior when changing password with mAccess Web.
August 9, 2022
mAccess SDK - lib 0.2.19
Fixed Firebase ID encoding which could generate errors when sending push notifications.
August 3, 2022
Android SDK
Redesign of the SDK for Android (Java): new code samples and new documentation
August 2, 2022
Authenticator 6.20.1 for Android
Rollbacking previous version 6.20.0 that could cause some random desync issues
July 26, 2022
Platform Update
Admin console V1: update to accept special characters in the certificate password for iOS notifications
Virtual Authenticator: Fix of an issue that caused the default device name to be “Chrome” when activating a new Edge browser
June 30, 2022
Platform Update
Activation of a new feature Theme Customization visible in the admin console V2 (more information)
Admin Console V1: Fixed an issue that caused usage reports to show incorrect information about expired users
June 28, 2022
Authenticator 6.20 for Windows
Fixed a issue that caused an incorrect notification title
Fixed an issue with the installation of the certificate used to authenticate to the Admin Console V2
Security Fix
Authenticator 6.20 for Android
Fixed the appearance of the push notification icon
Minor cosmetic improvements
June 23, 2022
mAccess SDK - lib 0.2.18
Update to support Apple M1 chip
June 16, 2022
Platform Release
Admin Console V2
Fixed an issue that prevented from editing roles created with Console V1
Fixed an issue that prevented the sending of a credential reset e-mail
Modified the default sorting of the logs
Various fixes
May 24, 2022
Platform Update
Admin Console V2:
adding the feature to send activation and new devices emails
adding creation and management of OIDC and Azure AD connectors
OIDC and Azure AD connectors: direct push when using the “Authenticator” page
SOAP API: fixed an issue that caused a reset of credentials after deletion of mAccess devices
SAML connector Security Fix
May 5, 2022
Platform Update
Backend update for Windows Logon feature
OIDC connector: Fixed an issue with login_hint that blocked IDP-initiated mode
Virtual Authenticator: does not propose to register the pin any more
Virtual Authenticator: Fixed wrong text in Spanish
Admin Console V2
Fixed sorting of last connections list
Fixed an issue when canceling the edition of a role
Cosmetic updates in user details page
April 1, 2022
Authenticator 6.19.3 for Windows
New “full offline” mode for using Authenticator to open the network connection
Fixed a keyboard input issue on touch screen PCs
Fixed an issue that could cause a loss of accounts when upgrading from 6.14
Fixed an issue that showed a white page after the deletion of the current device
March 31, 2022
Security Fix
Enforcing Helium blocking in a standard service
March 29, 2022
Platform update
SOAP API: Fixed an issue that prevented to delete a user device of mAccess type via the console
Back-end update preparatory for future features not yet active
March 21, 2022
Authenticator for macOS 6.19
Fixed an incorrect behavior on application closure
March 10, 2022
mAccess SDK - lib 0.2.17
new method unsetAllBiokeys to reset user biokeys on all devices (see “mAccess SDK - Unset biometric keys“)
Security Fix
Fix of a security issue related to the SAML connector
February 14, 2022
Authenticator 6.19 for iOS, Android
Android, iOS: New activation link with pre-filled input of activation code (see “Customizing email templates”)
iOS: fixed an issue that caused a white page at relaunch
iOS: fixed an incorrect color for the input field underline
February 10, 2022
Platform update
Back-end update for new mAccess SDK feature unsetAllBiokeys
Azure AD connector: fixed an issue with Send button alignment
Admin console: Firebase parameters application package name and collapse key are not mandatory any more
February 3, 2022
Platform update (rollbacked)
Back-end update for new mAccess SDK feature unsetAllBiokeys
Azure AD connector: fixed an issue with Send button alignment
January 28, 2022
LDAP Proxy 1.6.1
New parameter ldap.proxy.max.simultaneous.push for managing parallelization
January 25, 2022
IWDS 2.4
Multi-source: each instance of IWDS can define a provisioningId. Default is 1. (more information)
Update for Log4j vulnerability
Account deletion limit parameter (default 25) is applied to GUI in addition to command-line mode (more information)
Interface rebranded with current inWebo logo
Alternative login is renamed login2 in the interface
Fixed an issue that caused unnecessary sync of the entire user list
Update to support Java Runtime Environment (JRE) from version 8 and higher
Fixed an issue with the result file that did not show login2
Updated IWDS user agent to provide version, Java version and system
Fixed help broken link
Fixed an issue with the data source test
January 14, 2022
Authenticator 6.18 for Windows
Fix of an incorrect message “no network access” that was displayed instead of other error messages
Fixed an issue with displaying a long activation code in the input field
Security Fix: new encryption mechanism for temporary local data
January 11, 2022
Authenticator 6.17 for Android and iOS
The application in background is blank in order to prevent from viewing an OTP
Fixed an issue with the agreement text that was not fully displayed after a first installation
Fixed an issue that caused Authenticator to propose biometrics instead of PIN for offline OTP generation
Fixed an issue that prevented to clear the pinpad input field
Fixed an issue that caused the pinpad to be cut when the screen is 4.7 inches or smaller
Fixed incorrect messages “no network access” that were displayed instead of other error message
Added a vertical scroll when a context information makes the pinpad page higher than some small screens
December 16, 2021
Platform Update (Front-end and Back-end)
Admin console
Fixed an issue that prevented from deleting a host in the Radius push connector
Admin console V2
Fix of an issue that prevented to export weekly and monthly audit data
Cosmetic update in the user details page
Audit: addition of tool, version and platform information in line details
API
SOAP: new api loginCreateBySource for provisioning users with multiple sources
REST: added provisioningId to account creation
Connectors
Azure AD: fix of a display issue that prevented to view the activation code input field with IE11
December 10, 2021
HotFix
Virtual Authenticator: Fixed a compatibility issue with IE10 and IE11
December 2, 2021
Platform Update (Front-end and Back-end)
Admin console
New parameter for Authenticator full offline mode
Fixed an issue with the sandbox mode of APNS notification parameters
Fixed an issue with the graphical representation of the push status in the device list
Fixed an issue when editing alerts recipients
New admin console (now V2)
Added a version number Admin console V2 for clarity
Improvement of the user details page
Fixed an issue when exporting large volume of users
Adding user filter by activation status
API token management: adding management of expiration date and description field
Connectors
OIDC: fixed an issue with discovery URL when using scopes
Back-end
REST API: addition of provisioningID in account creation, will be used for managing multiple provisioning sources
Front-end
Fixed an issue with the Validation button when enrolling Virtual Authenticator
November 18, 2021
Platform Update (Front-end and Back-end)
Admin console
Adding a parameter for OTP full offline mode in Authenticator
Minor cosmetic updates
New admin console
UX: improving lists and menus
API Token management: adding expiration date and last used date
Connectors
Support of push scenario from a web page without local storage
OIDC: adding token validity period
OIDC: adding profile and email scopes in connector
Back-end
Update for supporting the OTP full offline mode in Authenticator
mAccess SDK
Support of biokey in mobile SDK library
November 15, 2021
Authenticator 6.15 for Android and iOS
Improved the data synchronization when an enrolled account is deleted by the administrator
Fixed an issue that prevented a user to rename a device
Fixed an issue that can cause a crash after two consecutive notifications when using biometrics
Adding the push notification status in the About page
Fixed missing translations in My Account, antiphishing page
Minor cosmetic updates
October 14, 2021
Platform Update (Front-end and Back-end)
Admin console
Fixed an issue selecting the OTP format when creating a service
Fixed an issue that prevented from creating a new group when 70 groups already exist
New URLs for primary and secondary Radius servers
New Admin Console
Improved design for menus and lists
New customizable expiration date when creating an API Token
REST API
Fixed an issue that prevented the creation of a long activation code
Connectors
OIDC with mAccess Web page: fixed an issue displaying redundant links when enrolling
OIDC with mAccess Web page: fixed an issue with missing PIN field during authentication
Azure AD with VA: fixed an issue with links overwriting text when activating Virtual Authenticator
October 4, 2021
HotFix
Back-end update
Fixed an issue that caused desync of Authenticator in offline mode
September 29, 2021
LDAP Proxy 1.6
Optimization of the send notification mechanism
Adding an optional Heartbeat to detect network failures
New parameters to optimize HTTPS API communications
Adding TLS 1.2
September 23, 2021
Platform Update (Front-end and Back-end)
Admin console: the user field ‘alternative login’ is renamed ‘login2’
REST API: fixes an issue on Get account
New Admin Console improvements
Fixes an issue that prevented to authenticate with Authenticator Desktop
Addition of the notification status for a device
Fixes an issue with Graphs
Cosmetic updates
September 20, 2021
Authenticator 6.14.5 for Windows
Security Fix
August 26, 2021
Platform Update (Front-end and Back-end)
Azure AD Connector: Fix of an issue that caused some links to be incorrectly displayed
mAccess SDK: Fix of an issue where the message returned on maximum number of tools reached was wrong
Authenticator 6: Offline mode. Fix of an issue where the counter of wrong code pin attempts was not properly reset
New Admin Console improvements
Adding user custom properties and devices dates in the user details
Adding API Token management: list of existing Token, with information about creator, creation date and validity date, revocation feature
Export Users: fields are now similar to current console
Various minor fixes
August 24, 2021
mAccess SDK 0.2.16
Better handling of concurrent OTP with error ERR_CONCURRENCY
Fix of an issue on OnlineSeal in a service without PIN
Improvement of error messages in case of desync: use of ERR_DESYNCHRONIZED
Fix of a compatibility issue when upgrading to 0.2.15
August 19, 2021
Authenticator 6.14.4 on iOS
Fix of a pinpad size issue on iphone SE
July 29, 2021
Platform Update (Front-end and Back-end)
mAccess SDK: fixed an issue with error code when the maximum number of devices is reached
Azure AD connector: cosmetic update about clickable links
New console: cosmetic updates in user management
July 22, 2021
Platform Update (Front-end and Back-end)
New admin console now includes User and Group management features
Fixed an issue when restoring a user that did not remove existing devices
API REST: fixed an issue that prevented creating a group policy with maxDevices=0 (unlimited)
July 12, 2021
Authenticator 6.14.3 for Windows
Cosmetic update in the push notification message screen
July 1, 2021
Authenticator 6.14 for Windows
Redesigned pinpad screen: simplified layout, more reactive buttons
Addition of shortcut “I forgot my PIN”
Fix of an issue with offline mode
Fix of an issue with multiple notifications
Application automatically reduces in systray after a push authentication
Fix of a remaining spinner after generating an OTP
June 28, 2021
Authenticator 6.14 for Android and iOS
Redesigned pinpad screen
Simplified layout, more reactive buttons
Buttons are closer to the bottom of the screen for easier access on mobile
Addition of a shortcut “I forgot my PIN”
New behavior for improved user experience after authenticating via push notification: Home button on iOS, Close button on Android
Fix of a remaining spinner after generating an OTP
Fix of a scroll issue in the privacy policy acknowledgement screen
and other minor cosmetic fixes and improvements. More details.
June 24, 2021
Back-end update
SOAP API: fixed an issue that could cause activation codes to be inactive in specific cases
OIDC connector: fixed an issue that caused a loss of enrollment when using mAccess Web page with Safari
June 17, 2021
REST API
Fixed issue that allowed more than one device activation code active at the same time
Fixed issue that could allow groups with the same name
June 11, 2021
inWebo Directory Sync (IWDS) 2.1.17
Sync of new field “alternative login”
June 3, 2021
Back-end and Front-end update
Browser token: minor interface improvements
Azure AD connector: minor cosmetic enhancements
OIDC connector: idp-initiated mode, enrollment with code provided by the Service Provider, new discovery URL field, other minor fixes
Admin console: improvement of online help and APNS notification parameters
New inWebo Console (in Preview): audit filters by event category, export of full month log archive at the end of the month
Radius Connector: improvement of load management in Radius Push mode
and other minor fixes and improvements.
May 12, 2021
OIDC connector Fix
Addition of error codes
April 15, 2021
Azure AD connector
Fix of an issue in loading Virtual Authenticator when connecting to Microsoft apps in local client mode
OIDC & Azure AD connectors
Authentication pages and browser tokens now share the same url
New inWebo Console (in Preview)
Now includes API token generator feature
Fix selection issues when filtering on date
Minor cosmetic enhancements
March 29, 2021
Front-end and back-end update
Updates to support Apple APNs (push notifications) changes and to allow configuration of iOS mAccess based application
March 11, 2021
Azure AD connector
Fixing issues when connecting to Microsoft applications in local client mode:
When displaying Virtual Authenticator, the alternative options were not visible at the bottom of the window
Wrong redirection after activation of Virtual Authenticator
And other minor enhancements.
March 4, 2021
Back-end update
REST API: new field activationState to retrieve account status
SOAP API: Fix of email template sent after loginCreate with codeType 0
SOAP API: loginCreate now supports language in lowercase and uppercase
IWDS now supports language field in both upper and lower case
Fix: User Restore code now operational in Authenticator
February 18, 2021
Admin console
New user field ‘Alternative Login’
Azure AD connector
New selector to define the login for Azure AD authentication (login, email or alternative login)
February 5, 2021
Helium Backup
Fix of installation of Helium Backup browser extension for Safari on MacOS 11
January 26, 2021
Back-end
Fix of OTP validation issue on multi-device case. Some OTP were sometimes (rarely) rejected while valid, for users with several trusted devices
January 20, 2021
Authenticator Desktop 6.12.3 for Windows
“My Devices” and “Audit” menu entry become visible if enabled by the administrator
Confirmation message after authentication via push notification
New logo and colors
December 14, 2020
New audit console:
Fix for a login filter issue
Fix and optimization of monthly export
December 10, 2020
Azure AD connector
back-end update for supporting alternative login
November 30, 2020
Authenticator 6.11.2 on iOS
Fixing a FaceID authentication issue on iOS 14
November 27, 2020
LDAP Proxy 1.3
Support of TLSv1.2
Adding a LDAP server connection timeout
Management of expired AD passwords
November 17, 2020
Azure AD Connector
Added link to enrollment of local applications
Fix for interface language consistency throughout navigation
Fix for authentication by receiving a push notification on a mobile device
Fix for authentication using Helium browser token
UX/UI improvements
Authenticator 6.11.1 for Android and iOS
Fixing a specific case where generating an OTP was not possible
October 22, 2020
Authenticator 6.11
“My Devices” and “Audit” menu entry become visible if enabled by the administrator
confirmation message after authentication via push notification
new logo and colors
October 20, 2020
Admin console
New button in admin console in the Reports tab, leading to the Preview of (new) inWebo Console for browsing and exporting logs
Fix of an issue when authenticating to the inWebo console in case of multi-service administrators
October 7, 2020
Cosmetic update for consistency with inWebo’s rebranding. Change of logo, icons and main color from green to blue, no functional change. Check the full release note.
Virtual Authenticator is slightly rebranded with a change of color
Helium is slightly rebranded with a change of icon
Myinwebo.com selfcare pages are rebranded with new logo and color
SAML connector pages are rebranded with new logo and color
September 17, 2020
Back-end update
Push notification component is now able to deliver notifications to custom applications
September 16, 2020
LDAP Proxy 1.2
Fix of authentication with UID field as login
September 1st, 2020
Authenticator for iOS
Addition of a step to accept or reject notifications when FaceID is activated
August 19, 2020
Back-end
Fix of formatting errors in emails sent by myinwebo
July 29, 2020
Admin console
New parameters controlling “My Devices” and “Audit” menus in Authenticator 6
July 21, 2020
Authenticator 6.10.2 for iOS
Upgrade of internal components, no impact on application features
July 3rd, 2020
HotFix
Update of security token in a component used for Authenticator 6 and mAccess Web token authentication.
July 1st, 2020
Minor update
final update for date consistency (Authenticator and mAccess Web tools creation date)
June 29, 2020
Authenticator 6.10 for iOS
Upgrade of internal components, no impact on application features
HotFix: Authenticator 6.10.1
Fix of a loss of enrollment occurring when installing version 6.10.0
June 25, 2020
HotFix
Azure AD connector fix
2nd-phase fix for date issue in Authenticator and mAccess Web tools creation
June 18, 2020
Back-end update
Deployment of back-end components prerequisite for releasing the REST API
Fix - 17:30 CEST
Fix of a date issue. The dates registered for Authenticator and mAccess Web tools created today June 18, 11:00 am CEST and 17:30 CEST are 4 hours late.
June 17, 2020
Helium backup for Safari
Helium Backup for Safari available on www.inwebo.com/downloads/. It will be replaced by a link to the App Store when the app is published.
June 2nd, 2020
Admin Console
New email alerts sent to admins before an active device gets locked on lack of activity. A device in use is a device that has been utilized once and that is not locked.
May 28, 2020
Minor updates
mAccess Web Sdk: Permanent link to the latest available version of the library. The latest current version is available at https://ult-inwebo.com/neon/current/simple-neon-lib.js
Authenticator Desktop
Minor enhancements and fixes in Authenticator Desktop activation page
May 19, 2020
Admin Console
New parameter in service General Settings for enabling transaction sealing in standard services
Secure sites accept long domain names
The filter on inactive users can now include or exclude users that have never authenticated
The admin console is rebranded with new inWebo colors and logo
When creating a service, the service admin email is correct, previously it was inherited from the original service admin
Fix of a saml metadata editing issue
Fix: Authenticator enrollment links target Authenticator 6, not 4
Fix of a consistency issue in device creation date
April 21, 2020
Admin Console
Fix of a security issue in role management within a service
Helium & Virtual Authenticator
Security enhancement on request for push notification when the browser token is not activated.
Fix of a call to a local component, generating error messages mostly in IE11 browser environment. No change in other browsers.
March 19, 2020
Backend Optimizations
the reactivation procedure accessible at https://www.myinwebo.com/welcome has been optimized
the search function on the login has been restricted to a search on the first characters, instead of a pattern search
Admin Console
the “search by login name” feature in the Service Users tab now filters on the the first characters of the login
March 13, 2020
Backend HotFix
activation request optimization
March 5, 2020
Azure AD connector
fix for a display problem on the authentication page when displayed on small resolutions
fix for a service logo issue
February 26, 2020
Azure AD connector
update in the graphical theme to adopt Azure design and color theme
mAccess Web Sdk 3.6.0
Adding a function to send a push notification to be received on Authenticator mobile or desktop
January 16, 2020
mAccess Web sdk 3.5.1
fix of a duplicate profile issue after restoring a user account
January 15, 2020
Authenticator 6.8.4 for Windows
optimized application launch time
January 13, 2020
Authenticator 6.8.4 for iOS and Android
optimized application launch time
bug fix on notification handling
December 19, 2019
Azure AD connector
compatibility issue with Microsoft desktop applications in IE11 compatibility mode (Teams and OneDrive) is solved
change of pictogram in the authentication pages
Admin Console
fix of an edition issue when modifying an OIDC Azure AD connector
fix of an edition issue when modifying a Radius connector
December 12, 2019
Azure AD connector
improvement of the creation of an OIDC Azure AD connector:
authentication page is defined automatically based on service parametersvarious cosmetic improvements of the authentication pages
minor fixes
December 3, 2019
Azure AD connector
improved creation of connector and automated creation of secure site
authentication interface improvement and minor fixes
Authenticator 6.8.2
addition of Spanish language
optimization of launch time
other minor improvements
November 26, 2019
New type of connector available in the administration console: OIDC Azure AD
November 25, 2019
LDAP Proxy improvements
LDAPS full support with ability to manage a certificate specific to this Proxy
fix: windows installation script accepts blanks in directory name
the service name has been renamed into “inWebo LDAP proxy”
new command-line options for configuration check
November 21, 2019
Interface and user journey improvements. Terminology change: the wording "secure site ID" and "activation code", is aligned towards "activation code" in the following components:
the browser token Helium and Virtual Authenticator,
the standard selfcare site http://myinwebo.com ,
and the administration console.
Authenticator 6 mobile and deskop are not impacted as they already use the “activation code” terminology.
November 14, 2019
Authenticator 6.8.1
fix: push notifications on iOS 13 is supported
login replaces first name and name in account list
fix of account list refresh issue after switching account
fix: error message now displayed when trying to activate Authenticator on White Label service
other minor issues fixed and minor interface improvements
Interface Fixes
a few spelling mistakes fixed in English and French in the standard enrollment process
mAccess Web 3.5 sdk
compatible with Helium Backup for persistence of enrollment data
November 7, 2019
Helium Backup 2.1 available on Chrome Store
available for Chrome, and chromium-based browsers such as Opera, Microsoft Edge 78 Preview, etc
new implementation of the storage of local data for chromium-based browsers
backward compatibility with Helium Backup previous versions
modified icon
November 6, 2019
Helium Backup 2.1 available on Firefox Store
supports Firefox 70 and later as the localstorage issue has been fixed since version 70
backward compatibility with Helium Backup previous versions
modified icon