Efecte Secure Access (ESA ) 2024.1 Release Notes
Authentication
Efecte Secure Access (ESA ) 2024.1 Release Notes
Authentication
Efecte Secure Access (ESA) is an authentication component for the Efecte platform. ESA provides authentication & authorization capabilities to the Efecte platform, including Efecte Self-Service and Efecte Service Management.
Discover the new features and enhancements included in the Efecte Secure Access 2024.4.0 release, providing users with improved functionality and security for their access management needs.
Executive summary
New login capabilities Okta and Keycloak
This release introduces two new login capabilities Okta and Keycloak.
Efecte Secure Access supports SAML protocol, which is used for Okta authentication. Okta is a secure identity cloud that links all your apps, logins and devices into a unified digital fabric.
From Efecte login page, user selects which type of authentication or action he/she is going to use and if it requires Okta authentication, user is directed to Okta login page. After user has authenticated, he/she is redirected back to Efecte Secure Access and user is able to access Efecte solutions according to defined access rights.
Efecte Secure Access supports OpenID protocol, which is used for Keycloak authentication. Keycloak is an open-source software solution designed to provide single sign-on access to applications and services. It allows users to authenticate once and access multiple applications without needing to re-enter their credentials.
From Efecte login page, user selects which type of authentication or action he/she is going to use and if it requires Keycloak authentication, user is directed to Keycloak login page. After user has authenticated, he/she is redirected back to Efecte Secure Access and user is able to access Efecte solutions according to defined access rights.
Enabling and Removal of Admin events
In ESA Admin events can be enabled and removed after certain time period. Configuration instructions can be found from here. Any action an admin performs within the ESA admin console can be recorded for auditing purposes. The resulting events can then be viewed in the Admin Console. The admin can set the expiration for events. Expired events are periodically deleted from the database, recommendation is 30 days.
ESA do not store users
Now it's possible to decide do you want to store user data in ESA or not. If there is no reason to store users in ESA, you can select Do not store users in identity provider UI. This means that users are not saved to ESA database. If user data contains sensitive information this is a good choice, for example social security number. By default users are stored to ESA.
You can find the complete list of improvements and fixes included within the 2024.1 ESA release below.
ESA Release Notes 2024.1
Features
| Change ID | Description | Notes |
|---|---|---|
| IGA-681 | New Authentication: Okta | More info in community |
| IGA-6978 | New Authentication: Keycloak | More info in community |
| IGA-6668 | Do not store users feature | When enabled, users from directory are not persisted in ESA database. |
| CP-8021 / IGA-7093 | Self registration with claims for ESS | Feature for self registration for ESS using claims received from IdP |
Enhancements
| Change ID | Description | Notes |
|---|---|---|
| IGA-5674 | Removal of Admin events | ESA admin can define ‘Expiration’ days for User events and Admin events from ESA UI |
| IGA-5941 | Enabling Admin events for auditing | ESA Admin can enabled Admin events from ESA UI. |
| IGA-6345 | Keystore password improvement | Improves the security of the 'keystores' that we use in ESA |
Bugs
| Change ID | Description | Notes |
|---|---|---|
| IGA-5577 | ESA realm creation missing realm | Fixed, all the realms are created |
| IGA-5814 / CP-7727 | Logout error when ESA and no ESS solution | Fixed, logout is successful without ESS or with ESS. |
| IGA-5830 | ESA hide "Login with Directory account" button doesn't persist when restart of ESA container. | Fixed. Changes persist in ESA login screen. |
| IGA-6746 | Spelling error "Kirjaudu hakemisto tunnuksella" | Fixed, "Kirjaudu hakemistotunnuksella" |
| CP-7936 / IGA-6770 | ESA bugs in login theme customization | Fixed by instructions |
Need help?
Do you need help, or you have suggestions or change proposals?
Please contact the Efecte Service Desk (servicedesk@efecte.com) if you have any questions or change proposal regarding the latests release.
Table of Contents