Version: cloud_3.0.5-beta product release

Date: 12 January 2024

**No new features were introduced. This version has implemented all the features and bug fixes from the 3.0.4**

Version: cloud_3.0.1-beta product release

Date: 03 November 2023

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

1. Provide show to user flag support in Application Setting .

   • Application Setting

     • show to user

       • If flag is off,then hide application from my access ➝ assigned application.

       • Delegation : If flag is off,then hide application from Delegation ➝ my access ➝ assigned application.

     • user can request

       • If flag is off,then hide application from my access ➝ request for assign application.

       • If flag is off, then hide application from On-behalf ➝ users ➝ request for assign application.

       • Delegation : If flag is off, then hide application from Delegation ➝ On-behalf ➝ users ➝ request for assign application.

2. Framework Upgrade: Java based services are updated for spring framework, spring boot, also updated utility libraries. Please note it may have impact on several functionalities.

3. MFA attempt Admin User lock

   • MFA attempt config added in global auth policy

   • Self unlock flag to unlock the user during admin lock the user

4. Token Rolling period : Token start period should start before current server time.

5. Passwordless reset password : When password is required to be changed then user is forced to change password during login using passwordless.

6. Bearer Token subject is encrypted now in header.

7. cookies samesite attribute is being set to strict to all the cookies.

8. Active Directory new bundle (Using unboundid.ldap.sdk library) - Phase 1

   • Server Connector bundle name: simpleADServer Connector bundle version: 1.0Server Connector name: com.cymmetri.connector.simple.ad.SimpleADConnector

   • Added one field inside user configuration of active directory "Disable User With Date Time".

Fixes

1. Policy Attribute- Add pagination

2. Teams Configuration- Showing route issue when saving new teams configuration

3. Passwordless- Passwordless page is showing blank when clicked on clicked on Passwordless button on Login page

4. Notification template- Increase spacing between Kathreftis Team and Disclaimer and remove space above

5. Login failed> User locked Template- Change notification template

6. My access> Applications- If an application is already present in a certain tag, when attempting to move it to another tag within the "All Applications" section, it should not be visible in the tag it is already associated with.

7. Login-Tab button should be applicable for enter password field when passwordless in enabled

8. AD Application- When assigning remote group to AD user, showing error

9. Passwordless- Passwordless page is showing blank when clicked on clicked on Passwordless button on Login page

10. Self-service app: On-behalf tab is loading late

11. Master> Zone- When editing zone then status is always changing to inactive

12. Authentication Rule- When user is trying to reset password having LDAP authentication active, then password is changing into target system first and reflecting older password in target system

13. PAM- Dormancy disabled config- By default config should be disabled

14. Audit-"action":"DORMANCY_DISABLE_COMPLETED" ,Data showing null,need to show data

15. PAM dormancy disabled showing failed

16. Deprovision- All three fields should be in one line

17. Policy Attribute- Add search filter in policy attribute

18. Delegation- Add cancel button after editing consent

19. My Access> Applications- When moving application from one tag to another, then validation message should be proper for end user to understand

20. Campaigns> Access Review > Campaign Manager- Sorting is not working

21. My Workspace> Inbox- Need to refresh page every time to see changes in started request

22. Global Auth Policy- Update message to "Auto Unlock MFA period should be less than Account Auto Unlock period."

23. Insights> Reports -Showing error message when disabling scheduler toggle

24. Application MFA update -on click Next button -getting in loop

25. PAM vault user-Confirm button should not be enable till any value entered

26. Validation message change-Change 1 days to 1 Day

27. Teams Config- Configuration should not be saved without adding condition

28. Teams - User is not able to lock/unlock account even after configuration in teams is enabled

29. Need to show proper error message when Maximum MFA attempts reached

30. Reset Password OTP -there is only OTP option is available then also showing error message for question

31. MFA- User not able to login via Consent based MFA showing error

32. Login- Showing error when trying to log in using secret question as MFA

33. Teams Configuration- Showing route issue when saving new teams configuration

34. MFA count gets reset, when admin mark lock to unlock

35. MFA- User is able to unlock account event after unlock user account time is not completed

36. Login with password less-password expiry should be consider and need to follow steps to reset

37. When admin lock user the take conformation, unlock yourself or lock lifetime

38. End date over user login-on forgot password this user should be validated and restrict,currently redirecting on MFA

39. Inactive user login-on forgot password this user should be validated and restrict,currently redirecting on MFA

40. Need to update audit when user attempt max MFA

41. MFA- User not able to login when user is trying to login using normal password flow

42. My workspace> Active Campaign- Latest selection should remain as it is.

43. Pagination persistence for users (when a user clicks on lets say 3rd page and go into the user details and when come back the pagination gets reset )

44. Application provisioning workflow- Assign application to user and then cancel it, still showing user assigned

45. My Access>Application> Tag- Search filter should be applied for tag applications as well

46. Add New Application Search , when no data is there the UI breaks and a No Data Found card should also be shown on screen

47. Login Page- User is not redirecting to mentioned login help page( Mentioned in Branding)

48. Cymmetri Mobile App- Changes required in secret question layout on login page

49. User Creation Workflow- When clicked on the cancel button on the workflow preference popup box, it should remain on the user creation page. For now it is cancelling the whole process

50. Branding- Show validation message if user miss to fill any fields and clicked on save button

51. Lifecycle mgmt>Workflow Configuration- Save button should be enabled when removing approver.

52. Suspend user-For device deleted message should be shown as Device Deleted

53. User Onboarding- When provision rule is trigged while onboarding user and any application is assigned to user then assigned tag should be shown in that application as showing in Groups

54. Configuration> Master- Accepting emoji values in Global Master

55. MFA- Secret question- Answer field should get blank after question is selected.

56. Delegation- After delegation time is completed, delegation configuration should be updated

57. Authentication Rule- When user is trying to reset password having LDAP authentication active, then password is changing into target system first and reflecting older password in target system

58. Global Auth- User should be able to set Account unlock and MFA unlock to minimum 1min

59. User-Account lock-Account is self lock then also on UI showing message user cannot unlock

60. User Setting- Showing user not found error message

61. Lifecycle Management || Applications redirects user to Identity Hub

62. Campaign- UI of Calendar field is not proper

63. Policy attribute- When removing policy attribute, that field is not getting removed also it is visible in policy map application field dropdown

64. Audit Log- When duplicating a tab and subsequently refreshing it, then audit log is displaying a random requestor ID

65. Global Auth Policy- "Allow Users to have" is displayed twice

Known Bugs

1. Manager notification: receiving user name required manager name

2. AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)

3. Workflow initiated for form but form is getting updated without workflow approval.

4. In application setting if show to user flag off then also application show in recent application.

Version: cloud_3.0.1-beta product release

Date: 09 February 2024

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

1. PAM SUDO SU feature for linux server.(For SUDO SU shortcut key Ctrl+Shift+E)

2. SAML Assertion Preview

3. Encrypt saml response

4. ETL

   • Custom Create user in AD API with unboundid library

   • Custom user assign to group in AD API with unboundid library

5. Configurable UI Info and Actions:

   1. Hide "Reset / Unlock User"

   2. Hide "Login Help Page Link"

   3. Configure "Login Help Page Link"

   4. Hide "IP Address"

   5. Hide "Self-Service App Links"

6. Login Help page external link updated

7. Cymmetri Verify

   1. Firebase version upgradation

   2. A troubleshoot page provided if FCM token is missing

8. SSO UI migration

9. Made Gateway IPs and Proxy IPs non mandatory on the Masters -Zone page. Only Name and CIDR fields will be mandatory.

Fixes

1. Default delegation consents do not convey responsibility of delegator or delegatee

2. Self service app- On behalf: When clicked on application/groups from dropdown mobile keyboard is getting displayed and due to that applications/ groups visibility is less

3. Provision rule-On click save showing error,without condition

4. Configurations-general-config-Rename message for User Decommission Config

5. Label update for suspend config

6. Provision Rule; Groups/Application- If user is selecting any local group in first field then second field is greyed out not showing other local groups

7. Notification content should not be hardcoded

8. Remove trailing slash from selfservice endpoint

9. Error handling for product Webhook custom error

10. Application SSO-attribute mapping-without selecting Cymmetri Attribute save button should not be enable, as this is mandatory field

Known Bugs

1. Manager notification: receiving user name required manager name

2. AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)

3. Workflow initiated for form but form is getting updated without workflow approval.

Version: cloud_3.0.1-beta product release

Date: 30 January 2024

New Features

1. Provision Rule Revamp:

   1. Restructure Provision rule condition configuration

      • Provide support single condition and group condition in condition config.

      • Provide Operator support like Equal and Not Equal.

      • Provide AND , OR Operator support for multiple condition in provision rule condition config

   2. Group provision Support

      • Add group in provision rule. (only local group)

   3. Old provision rule migration

      • If old rule without condition mark as inactive.

      • if old rule without application also mark as inactive.

2. UI/UX Changes:

   • Application profile and group mapping in SAML SSO

   • SAML Service Provider - Restructuring and provide defaults

3. Deprovision Rule support for user delete (if no application assign)

4. SSO -SAML

   • SSO-group policy Mapping -- SSO SAML.

   • SSO-added nameFormat in profileMapping and groupMapping -- SSO SAML.

   • SSO-added digest algorithm method.

   • SSO-added list support for profile mapping.

5. Mfa Attempt Enhancement(Old behaviour when admin locks the user then user should not able to unlock from selfservice now he/she can able to unlock yourself)

   • user can unlock if admin locked the user

   • invalid mfa will permanently lock the user, user can unlock account after mfa cooldown period is completed.

   • admin can unlock the user which will unlock the mfa as will

6. UserType Master Support in User Creation and Updation.

Fixes

1. Provision Rule- Rule is not getting applied if previous provision rule is deleted.

2. Group- Search functionality is not working

3. Not getting form values in the target application when Form updated, role assigned and role unassign

4. Self service app- Increase spacing

5. Notification bell icon- When notification is empty, mark read and delete option should not be clickable

6. Cymmetri self service app- When clicked on groups or application from on behalf tab, it is redirecting to dashboard page

7. User Onboarding| Contact info details not accepting other country mobile number

8. Cymmetri Verify app- For long tenant name timer clock is not visible

9. Group-Attribute detail-provide search

10. Android Heads Up Notification now will display notification upfront which earlier required from user to turn on from the Notifications Settings (Float Notification)

11. Notification template-correct spell for delegation

12. Deleted user login-on forgot password this user should be validated and restrict,currently showing error-Please try again

13. SAML-On clicking validate regular expression should show data message which is available in backend

14. Ctrl+K: Search filter is showing records for all the letters mentioned

15. If the admin lock the user, then the user should be able self unlock by forgot password flow

16. Audit- Audit log should shows role specific logs for role assignments/ unassignments

17. Self Service: Access review- Validation message is not complete it is getting cut

18. Registration- Showing processing please wait validation message after registering user and without any setup if user is clicking logout

19. Self service app-On behalf: When clicked on application/groups from dropdown mobile keyboard is getting displayed and due to that applications/ groups visibility is less

20. Not getting form values in the target application when form updated, role assigned and role unassign

Known Bugs

1. Manager notification: receiving user name required manager name

2. AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)

3. Workflow initiated for form but form is getting updated without workflow approval.

What is Cymmetri?

Cymmetri is a Converged Identity & Access Management Platform and a well-trusted platform acting as an advisor and an end-to-end partner for Security-aware teams looking to deploy Identity and Access Management Solutions across their organization.

We offer an industry-standard product backed by a strong team that always aims to innovate our solutions to cater to a wide variety of enterprise needs.

Version: cloud_3.0.1-beta product release

Date: 03 November 2023

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

1. Policy Map Datatype Converter

   • Added standard converter to convert ldap profile picture.

   • Added standard converter to encrypt & decrypt data.

   Sample Fields For Active Directory

1. Decision Engine Restart Scheduler

   • Added scheduler which will run on every hour and process stuck decisions.

2. Audit JMS Queue added in following services

   • cymmetri-microservices-authPolicy

   • cymmetri-microservices-mfa

   • cymmetri-microservices-notification

   • cymmetri-microservices-provisionEngine

   • cymmetri-microservices-registration

   • cymmetri-microservices-ruleEngine

   • cymmetri-microservices-selfservice

   • cymmetri-microservices-usermanagment

   • cymmetri-microservices-workflow

   • IG

   • cymmetri-microservices-sodengine

   • cymmetri-microservices-pam

   • cymmetri-microservices-analytics

3. UI/UX Changes

   • Show Cymmetri Verify app link on push/fido registration screens.-Rejected for the selfservice app

4. Cymmetri Verify App update (v5.9.1)

5. Cymmetri Verify App update (v5.9.2)

6. Cymmetri Verify App update (v5.9.3)

   • Display a message to indicate the action being performed

7. Restructured bulk user import for performance

8. Notification Global Config

   • Notification categories in two types i] Mandatory ii] Optional.

   • Notification Global Config applicable for only optional type of notification.

Fixes

1. Cymmetri Verify- When exporting TOTP users password is accepting all digits/values as alphabets/number when it should have accepted alphanumeric values

2. Cymmetri Verify | IOS | Face ID being asked infinitely

3. Cymmetri Verify app- Showing duplicate records when imported from other device

4. Cymmetri Verify app- Search functionality is not working when users imported from different device

5. Cymmetri Verify- Show password when clicked and file is exported, then again export file same password is visible with no masking(password is visible)

6. Cymmetri Verify | IOS | Unable to import backup file

7. Cymmetri Verify | IOS | Face ID not supported error

8. Cymmetri Verify | Account details not updated on adding/removing push/fido

9. Cymmetri Verify | IOS | Not internet error

10. Application getting repeated within different pages of application list

11. My workspace>Access Review>IG>Managed - When all the checkbox of Info field are disabled, then title checkbox should also be disabled

12. User - Application - Group name should be displayed

13. Audit-Audit with device filter not working

14. Vaulting Configuration- Test connection audit not present

15. Notification Template- User is not receiving mail for reset password

16. Login-Showing incorrect validation message and asking user to reset password again

17. Onboarding flow | Additional details not accepting other country mobile number

18. Recon history- provide search

19. Tenant Registration- Domain is not visible

20. Register tenant- Country dropdown is showing no option instead of countries list

21. Application - Tag - Already created tags present in application are not getting displayed in grid page.

22. Partner Portal- Showing invalid argument but not able to understand exact which field is invalid

    • Admin Portal- Top search not working

    • Admin Portal- Get Started link not working

    • Admin Portal- Company name and company code should get trim

23. Fido Authentication- User is not able to authenticate via FIDO in first time, user need to kill app or refresh inorder to register device

Known Bug

1.  Manager notification : receiving user name required manager name 

2.  Multi-role assignment with form,then form adding repeatedly for each role, expected only one form should bethere 

3.  Fido - Push/fido not getting removed from mobile app 

4.  Password converter only accepted encrypted value . it should also accept user's editable value

Version: cloud_3.0.3-beta product release

Date: 15 December 2023

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

1. WebAuthn passwordless authentication (It only works for chrome, safari, edge on desktop and chrome and edge on mobile) - EXPERIMENTAL

2. Onbehalf Configuration

   • Default onbehalf configuration

   • Rule engine support to create custom configuration.

   • Display the OnBehalf menu in self-service according to the logged-in user's matching custom/default configuration.

   • Below menu operations supported

     • User Application View,

       • Assign Application

       • Assign Role

       • Unassign Application

       • Unassign Role

     • User Groups View

       • Assign Group

       • Unassign Group

   • Group Provisioning Enhancement

   • Policy map datatype converter Enhancement

     • Converter support added in custom attribute

     • Configuration support added for custom attribute converters

     • Encryption added for Custom attribute password converter value of user

   • Cymmetri Verify v5.10.3 - () -

     • Bug fixes

   • Cymmetri Mobile v1.5.1 () - (Rejected)

     • Bug fixes

     • Added self verification support for forgot password, App MFA, server MFA, and passwordless

   • Global module search feature (Ctrl+K)

   • Groups list pagination in user details

   • Connector

     • Oracle HCM

   • PAM

     • AD seperated from the Cymmetri

   • Group - View Attribute - Showing list of CN of members of remote group

Fixes

1. Workflow for time-based role application- Audit log should show action not supported me ssage if lifetime application is changed to time base from approver end.

2. Recon Link for both exist- When updating group after linking showing custom attribute error

3. Multi node-Application assign with role, all user getting assigned but still import showing in progress

4. AD group count mismatch-In AD total 1278 group but in pull it is showing 1260

5. Application Group- Pagination should be applied for group provision page

6. AD application push- Group should not be updated when update checkbox in policy map is unchecked

7. AD Recon Push- When all policy attribute are false, group creation should show error.

8. AD Application Pull- When all policy attribute are set to false, group creation should show error

9. AD-Policymap_memberOf need to be default false for old tenants

10. Browser specific-On Mozilla browser OTP verification is not proper

11. Login with Domain Admin- Manager assignments should not be greyed out

12. Import completed file show end time

13. Policymap-group(pull/push)-if attributes are inactive then this should not be reflected under dropdown

14. PAM-Sign on Policy- Policy should not get activated unless MFA factor is selected.

15. Audit-Configuration-OTP-For check uncheck Send OTP on,audit should be present

16. AD application- Should show error message when description is user principal

17. Self service-Read auto MFA considering camel cases

18. Cymmetri Verify app- Cymmetri mobile app is not able to fetch TOTP from verify app if the re are more than 20 TOTP users

19. Users Managed View- Managed view should get blank for those application not supporting this operation

20. Configuration>Master>Browser Tab text is not correct

21. Workflow- Close button in Users details pop up box should be enlarged (currently not visible properly)

22. Branding-Should show proper validation message on UI

23. Version-provisionsrvc showing two times

24. PAM> SignOn Policy- Discard button is not working

26. Identity Hub> Users: Others field details are not visible on user display page on editing profile

27. Cymmetri app(selfservice)-Auto read MFA-when Cymmetri verify app having App protection is enabled then also it is reading,bypassing app protection

28. Cymmetri Verify - Google Authenticator Import TOTP timer not running

29. Cymmetri Verify - MFA Push Registration fails

30. Cymmetri Verify - App crashing on Samsung fold phone

31. SAML-Expression-restrict to show id

32. SAML-Expression-if user don't have data and fetching data then no message showing on UI

33. SAML Key:- Not able to understand why validation message is showing invalid arguments

34. Delegation- Session getting expired even after refreshing token continuously

35. External idp login showing error

36. SAML-User is not able to download metadata, showing 500 internal server error

37. API SSO validateToken API only validate the auth_key parameter

38. Password converter only accepted encrypted value. it should also accept user's editable va lue

39. Identity Hub>Group: Grey out Group name field for remote groups as user cannot edit name

Known Bugs

1. Manager notification: receiving user name required manager name

2. AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)

3. Application getting assigned from UI. If it is failed.

4. Group-Custom Attributes not getting updated in group while assigning user to the group manually

Version: cloud_3.0.1-beta product release

Date: 23 February 2024

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

1. UI/UX Changes:

   • Skeleton loaders - Improved loading indicators

   • Filter enhancement for Users and Application pages - Now filter persists the data once go in the detail page and come back also an indicator to show how many filters or any filters are applied

   • Branding changes - Now the preview of branding will be on scroll for better UX , "should help icon be shown " field would highlight the help icon

2. Mfa attempt Admin User lock

   1. Mfa attempt config added in global auth policy

   2. Self-unlock flag to unlock the user during admin lock the user

   3. Email for invalid mfa attempt

3. Service Provider (SP) Initiated SAML Single Logout

4. Secret Questions verification changed

   • Earlier it used to show all question and mandate user to fill all the configured questions . Now it will only ask user to show dropdown multiple times configured by admin for minimum correct answers.

5. SBI VAPT :

   1. Encrypt 'login' in some public api same as password encrypted. Following APIs are changed:

      1. validateIdentity api : on login page validateIdentity api change get type to post and in request body login encrypted value pass.

      2. token api : on login page token api login encrypted value pass.

Fixes

1. API Integration for passwordless flow reset password

2. Workflow- For user list workflow approver, user is showing in list dropdown but in pending workflow it is showing empty.

3. Application- Application name should be unique

4. Applications Group mapping- Change the validation message as only one group can be added in group mapping/ disable the add attribute button after 1st group mapping is done

5. AD application Recon- When importing users via recon having provision rule assigned for User creation with condition, then showing error in recon history and again after executing run now command then user is getting imported but going in Ignore case.

6. AD Application recon- When workflow is applied for User creation having condition applied(Department=Accounts), and user is imported via recon, recon history is showing user assigned but when searched In identity hub-Users, showing user not found.

7. Notification Template- Showing processing please wait message when trying to click toggle button

8. Provision Rule- User should not be able to save provision rule without adding applications/groups

9. SBI VAPT || Testing and changes for SBI as well as product

10. Application SSO- Label change to update

11. My workspace>Inbox- User details popup box should not be displayed when user is deleted from admin account after initiating workflow

12. Deprovision- Remove Exclusion Applications field

13. Delegation account- Change label from Delegate Session Active to Delegate Session Information

14. Users> Applications- Total number of applications assigned should be shown in user account

15. User: Menu Action- There should be sync event toggle button while marking user inactive in user menu as available while marking inactive from user setting tab

16. Policy attribute- When removing policy attribute, that field is not getting removed also it is visible in policy map application field dropdown

17. Identity Hub> Users- Users should be searched on basis of Usertype as well

18. User Creation Workflow- When clicked on the cancel button on the workflow preference popup box, it should remain on the user creation page. For now it is cancelling the whole process

19. Application> SSO>Configuration>Edit configuration- UI for logos and name is not proper

20. Application SSO> Configuration- Marked button should be disabled until service provider is selected

21. Branding- Change label as both the fields are sounding similar

22. Branding- Preview is not available after changing setting

23. Branding- Add a short note/sample file for default help link when show help button is Yes

24. User Filter- Reset button should reset all the filters applied and load complete data

25. Self Service App>Managed access- Fields on right side should be slightly moved to left as in mobile it is not visible properly

26. Application Audit logs- Applications are getting updated when password reset is performed for users.

27. Selfservice app-MAX MFA attempt message is not readable

28. Self Service mobile app: Application- Application Tag is not visible when clicked on move to tag option at first time and later on option is continuously visible

29. My workspace> Inbox- Starred requests are not getting saved in starred folder

30. Exclude application > delegation- When any application is added in tag and excluded by delegator, then should not be visible in delegatee account

31. My workspace: Application- One application should be assigned/moved to one tag only

32. Teams Configuration- Showing route issue when saving new teams configuration

Known Bugs

1. Manager notification: receiving user name required manager name

2. AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)

3. Workflow initiated for form but form is getting updated without workflow approval.

Version: cloud_3.0.12-beta product release

Date: 18 April 2024

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

1. Upload filename length validation: When file is upload in form of profile image, excel file import then validation is added for the file name length.Implement pages are as follows (20 characters)

   • Selfservice profile picture

   • Application image

   • Excel upload in User import, manager assignment, application assignment, group assignment,Role import

2. For the remote group, when a user or application is assigned to the group, they will not be assigned to Cymmetri until they have been successfully assigned to the target.

3. Workflow Config

   • After creating work flow now user redirect to workflow config page.

   • Now we can't active workflow if approver not configure in workflow config.

Fixes

1. Application> Roles- Add toggle button to Active /Inactive status.

2. Add application/device name with space,Space should be trim

3. Users> Activity- Filter and search should be added in user activity

4. Workflow-"Save" button should remain disabled unless some condition is mentioned

5. Application SSO-attribute mapping-for duplicate entry,message should be show on same screen,refer other module for the duplicate entry error message

6. Lifecycle Mgmt>Hook Config - Search filter is not working

7. Amaya Connector- Show complete name on tooltip

8. User Setting- Change validation message for all three tasks( Active, Inactive, Delete)

9. Workflow Configuration- If approver is not present then workflow config should not get active

10. Partner Portal - Add Asterisk (*) for marked fields

11. Partner Portal- The validation message indicates that spaces are acceptable, but the field is not currently allowing them

12. Partner portal- Company name letters should be extended to 100 characters and space at the end should be trimmed

13. Amaya-Param getting duplicate

14. Trigger email to user when MFA max attempted in login

15. Master > Audit logs- Audit for fields created or updated in Master is not showing except for Grade

16. PAM Device- Not able to search PAM devices from my workspace

17. Application add with space,Need to handle space in backend also as temporay fix deployed from UI side

18. Rename- Dynamic json connector to Amaya

19. Amaya connector- Rename Dynamic Json connector to Amaya

20. Dynamic Json Connector- Text is overflowing tag border

21. Delegation- User should not be able to save delegation when start date is in past.

22. Amaya-policy map-felicity-If for policy map attribute not generated then default value should be there

23. Add application-For policy map default should be off

24. Update pagination offset - label and placeholder

25. Amaya-Response getting hide

26. Rename Amaya provision sub tab to User Configuration

27. Amaya-Policy map,tooltip overlap issue

28. Partner portal-under cymmetri customer total user count showing-1, actual available-12

29. Recon- Modes should be non editable

30. Import users via CSV/recon- Users should not be imported/ should show error when particular usertype, department ,designation fields are inactive

31. Load Test Data: Identity Hub> Users- Pagination is not working when multiple users(Load) are present

32. Workflow- Workflow popup box is showing unknown but in pending workflow is going into requestor manager

33. User-Filter with custom attribute not working on below data

34. AD Application new bundle- If user is inactive in AD, and same user is updated in Cymmetri then user in AD should also get updated

35. AD Recon push-User not getting push in target (New bundle)

36. Recon- Timing is not correct

37. Application delete-Deleted application present under Provision rule ,even after application deleted

38. Processing please wait message should be changed, when no data is entered and clicked on preview assertion

39. Deprovision- User is getting suspended when deprovision rule is executed via scheduler when no end date is applied or status is inactive

40. Reports> Filter- Showing error message to enter start and and date when resetting filter or applying any other filter.

41. Remote Group assign in bulk-Not moving all user in group under AD

42. To verify user deleted from AD OU and cymmetri admin trying to assign remote group

43. AD application - In Suspend user, application status is showing fail updation state

44. Remote group-bulk assignment showing ServiceUnavailableException

45. Group-Recon pull-update and full sync assign/update-taking too much time

46. Ad Application- Application assignment is going in failed state , but deleting application is also getting failed

47. Assign user to remote group is failed

48. AD application recon- When workflow is configured and recon is executed, then user is going in pending workflow

49. AD New Bundle- Thumbanail Photo is reflecting incomplete(In hex form) in AD

50. Workflow- Workflow popup box is showing unknown but in pending workflow is going into requestor manager

51. Recon-Name not present then also showing error for the duplicate

52. AD application - In Suspend user, application status is showing fail updation state 

53. Custom attribute Import via API EXT- Password should be encrypted form when imported 

54. SSO-Openid not working on QA, same working on dev 

55. Multi node-Application assign with role, all user getting assigned but still import showing inprogress 

56. API ext (API Client) User not getting created 

57. Deprovision rule-user data not getting updated when change Grace Period 3 to 0 days 

58. Unable to add Gmail account on Android after logging into Cymmetri 

59. Tenant specific> Reset OTP config- Not able to save configuration 

60. Partner portal- Display validation message specifying some fields are missing 

61. Grade workflow- Preference config popup box is showing user name but pending is showing Unknown 

62. Group recon pull-when space is in name then not going in ignore case 

63. Workflow- Sequence for approver is mismatched in preference config popup box and in pending workflow 

64. Workflow- Workflow in preference popup box is showing user name but in pending showing unknown when applied for user list or grade 

65. Workflow- When approver is set as reporting manager and application workflow is initiated then preference box is showing approver name but pending is showing unknown 

66. Schedule report- cron not getting updated, from hourly to change once in day then also report receiving hourly 

67. creating the user through the JIT Message was rejected due to issue instant expiration 

68. PAM device is assigned then on access showing message for the disconnected 

69. AD Adaptor token- Token is showing Invalid 

70. PAM Device- showing processing plaese wait validation message with 403 forbidden error 

71. Application- Showing processing please wait validation message. 

72. Loadtest-workflow page not loading 

73. Expired session: Showing blank page when clicked on user setting logout tab 

74. Suspend Config- User should be able to disable suspend config 

75. Deprovision- Deprovision via scheduler is not working 

76. AD-Recon pull with update-If user data removed from AD and taking pull,then this data not updating in the cymmetri user data 

77. group push-not taking user in AD at the time of update 

78. Daily scheduler running late 

79. AD Application- Showing error when trying to update profile picture 

80. MFA- Rename SMS Authenticator to OTP Verification 

81. Global Auth-When the "Single Session > Block Session" setting is enabled, attempting to log in with the same user account should block the user even before verifying Multi-Factor Authentication (MFA). 

Known Bugs

1. Manager notification: receiving user name required manager name

2. Workflow initiated for form but form is getting updated without workflow approval.

3. In application setting if show to user flag off then also application show in recent application.

4. Unable to identify application properties data type where value is empty

New Features

1. Framework Upgrade: Java-based services are updated for spring framework, spring boot, and updated utility libraries. Please note it may impact several functionalities: a. Access Review b. Risk Engine c. Data Logger d. Reports e. Webhook Sample

2. Provision rule module updated to support (type: user type and Converter Type: String ) custom attributes as condition parameters.

3. Support added for address1 and address2 field in user for the following: a) User Import via CSV File b) Reconciliation Application c) Amaya Application d) JIT e) Workflow - Inbox > user details, should address fields be visible Pending workflow > user details, should address fields be visible Archive > user details, should address fields be visible f) In the SSO profile mapping drop-down these fields should be visible.

4. Workflow: a. Menu Action: Update the topic of the workflow request for menu action. b. My Request: In My Workspace ➝ Inbox ➝ My Request, we show a list of requests that are requested for logged-in users. Now we provide support to show a list of requests which is requested by logged-in users. So now we are showing both requests which are requested and requests for logged-in users.

5. 360 Degree Reconciliation: a. Migrated APIs from Python to Java, since it was a major roadblock for performance.

6. Webhook sample API details a. Added remark of appId in URL

7. UI improvement - Global search bar (ctrl + k) search result improvement

8. Screenshot Removed right side panel in my workspace dashboard which previously showed no. of pending workflow requests with the user

9. Cymmetri Verify App - A sync service will run to check the pending notification actions that did not take place because the app was in a closed-on-background state and will sync the data based on the notifications

10. Cymmetri Self-Service App - Earlier to register a tenant in cymmetri self-service we used to scan from our app to register a tenant but now you can use any camera or any scanner of that sort to register a tenant

11. UI Improvement - "Test Connection" should be prevented when an operation is not configured

12. SLO- Reverted as business case gap in the developed feature

13. Breached Password (Pwned Password 98crores+) Integration with Password policy.

14. Common adaptive data moved to master db: a. ipreputation b. short-lived domain c. breached password

15. MFA: Encrypt userName(login) in the request of API user behavior initiateKeystrokeCheck.

16. Suspend Resume: a. After the resume of the user's end date is clear and the user acts as a fresh user

Fixes

1. PAM Workflow- Meta condition workflow for devices is not getting triggered.

2. The dashboard count is mismatched.

3. Policy Map- Cymmetri field dropdown should contain Address1 and Address2 fields

4. Autofill API sorts in alphabetic order for JSON objects for create/update

5. Onboarding || User should be able to unselect an application

6. Add and Edit password policy-need to g\show exact labels for the fields

7. Identity hub>User create- When importing users space should get eliminated

8. ServiceNow CURL Import not working

9. "Test Connection" should be prevented when an operation is not configured

10. TEAMS-Users profile pic not showing

11. My workspace- Teams- Showing processing please wait validation message

12. creating the user through the JIT Message was rejected due to the issue of instant expiration

13. Campaign- The Google Workspace application name is not visible in the campaign

14. AD application New bundle- Showing error while importing group having special symbol(-) for recon

15. Application recon pull configuration-recon pull configuration vanished suddenly

16. login with domain admin-need to provide Adaptive menu access

17. AD recon user push- When recon is executed in exist on Cymmetri and does not exist in target = Unlink, the operation should have been executed in Ignore case

18. AD Application new bundle- Group recon pull operation is showing in ignore state but still, groups are imported in Cymmetri

19. AD New Bundle>Address Field- Not able to add AD application when address fields are mapped, showing error

20. AD new bundle- When an AD application is assigned to a remote group, the application is highlighted

21. Cymmetri Verify App - While deleting the account from Cymmetri authenticator, TOTP is not getting

22. Custom attribute- Even when a custom attribute is disabled from the configuration, it remains visible

23. Cymmetri Verify App- For old tenants before env was considered if that totp is used for auto-verified

24. Custom Attribute-Provision- When a custom attribute with special characters is created and applied

25. Grade workflow- When workflow over workflow is assigned and is approved by the approver, still workflow is still not updated

26. Cymmetri Self-service App - Once we click on the web link from the scanner, it should show confirmation

27. Self-service Mobile App - When an app is in a Quit state and the app is via a scanner(camera), it is not redirected to the login page of the website

28. JIT- Once the default value is set, the user is unable to edit it, and when attempting to edit, the default toggle is shown as disabled

29. API SSO- Profile mapping configuration is not working

30. Provision Rule - Custom Attribute - Value field is not accepting space

31. AD Application New bundle- The "Application assigned successfully" message should not be shown when the test provision has failed and the application is assigned to a remote group

32. Azure authorization curl is mis-imported

33. Provision Rule - The existing rule configuration with the custom attribute is not working.

34. Audit log-for-date filter add default date is Today

35. User import-file size upload issue

36. Cymmetri Verify App - While deleting the account from Cymmetri authenticator, TOTP is not getting removed automatically

37. Cymmetri Verify App - While authenticating automatically via cymmetri authenticator, the "user not found" message comes twice in the iOS device.

38. Cymmetri Verify App- For old tenants before env was considered if that totp is used for auto verification it shows the user has not found the need to add that compatibility as well, via Passwordless (TOTP)

39. AD authentication- Showing invalid token error

40. Tenant creation not working

41. MFA- Factors showing empty

42. Breach password- Asking webauth, this factor is only for passwordless

43. MFA- The user, is not able to login when the user is trying to login using the normal password flow

44. Teams config- When the team configuration is inactive or does not match the conditions, an error message is displayed after logging in from the user account, yet all data is still shown

45. Adaptive service responding slow in load testing

46. AD Application new bundle- When the Unassign/Deprovision reconciliation is executed for group pull/push, the group should not be deleted from Active Directory

47. Provision rule - The application is not getting configured for the second condition present in the OR condition

48. SAML- Showing saml type mismatch error when the user is trying to click on Gmail via SP-initiated process

49. when the user creates via JIT then the user creation workflow should be skipped

50. PAM-Vaulting Configuration-AD test showing route issue

51. Login page- The user is not able to login when MFA is enabled( Prod issue)

52. Reports- When the report is scheduled, Scheduler history shows content not found and the execution status is aborted

53. AD Application new Bundle- Audit log for pending records should be shown when executing recon user push for failed provision test

54. Grade workflow- When workflow over workflow is assigned and is approved by the approver, still workflow is still not updated

55. Time-based application- Scheduler is executed even when a user is moved to suspended

56. Workflow- User creation using JIT(external IDP Azure)- Workflow is not getting triggered

57. Password policy- password rule updated with contains instead of exact match

58. Self-service-My request takes time to load if more data present

59. Teams config- When the team configuration is inactive or does not match the conditions, an error message is displayed after logging in from the user account, yet all data is still shown

60. FIDO-On push approve showing message something went wrong

61. User lock- When a user account is active, and the same account is logged in through another browser, and by any means, the account gets locked, the first session should get terminated.

62. Workflow Application Deprovision- Workflow is applied for (Role1) but when removing role 2 still workflow is getting initiated.

63. JIT- Once the default value is set, the user is unable to edit it, and when attempting to edit, the default toggle is shown as disabled

64. Recon Group PUSH- When recon is executed for both existing Deprovision, then the group should be deleted from the Target application and not from Cymmetri

65. PAM-Add/Edit vault user showing error

66. MFA push location showing unknown

67. /mfasrvc/userbehaviour/initiateKeystrokeCheck in this API login going in plain text expected encrypted.

68. MFA- Factors showing empty

69. AD New Bundle- Available Records should be synced when recon is executed for the first time after executing recon in the ignore case

70. Audit- Change archive to Suspend when user is deleted and moved to suspend users

71. AD application new bundle - When SAMaccount name is set to false in the Group policy map, members are not assigned in the group when recon Pull is executed for both exist=Update

72. Recon Group PUSH- When recon is executed for both existing Deprovision, then the group should be deleted from the Target application and not from Cymmetri

73. Identity Hub-Group- Change Audit log message

74. AD Application- When the group is unassigned via recon, users, and applications are deleted but the group is not

75. File Uploads, Filename length validation should be inclusive of the file name and extensions

76. User import-file size upload issue

77. AD Recon group Push- When recon is executed for a group that exists in Cymmetri and does not exist in the target system Operation should be shown in Ignore case as no action is performed on Groups

78. Remote Group- When the user is added to the remote group, the count should be increased automatically or after changing tabs

79. Recon Push Users- Multiple entries for the same users are visible in Recon History.

80. MFA- When push authentication is enabled and MFA rules are saved, but then Push auth is disabled from MFA factors, users are still prompted for push authentication when attempting to log in

81. Deprovision: After resuming a user from the suspended user list and applying deprovisioning via a scheduler with no end date, the user is still being deprovisioned again

82. Workflow metacondition- The Metacondition name is getting reset after selecting

83. AD group attribute- When the member attribute is clicked, it redirects to the assignment page

84. While creating the custom attribute with the same name as the provision rule options, the application is not getting assigned

85. External IDP Rule- When the external IDP authentication rule condition matches the user details, the user is unable to log in to the external IDP. Additionally, when that user is locked, an 'Invalid Auth Config' error message is shown.

86. Provision Rule - Custom Attribute - If the list of custom attributes is more than 10 records while selecting and saving the 11 key, it is not getting saved

87. When the user deletes, add more information in the audit log under the event attribute

88. Amaya-On update token screen getting blank

Known Bugs

1. Manager notification: receiving user name required manager name

2. In the application setting if to user flag is off then the also application shows in the recent application.

3. Unable to identify application properties data type where value is empty

Version: cloud_3.0.10-beta product release

Date: 21 March 2024

New Features

1. Addition of Grade as an attribute for users

   • Workflows updated to support grade based approvers

     • Added grade to Pending Workflow Page

     • Added grade to Workflow List Page

   • Added grade for User profile

     • Added grade in create user, update user and user info page

     • Added grade in user info page for Suspended Users and Archived Users

     • Displaying grade in User Details [Assignee Details]

   • Added grade in Attribute Setting

   • Added grade for the policy map [cymmetri policy mapping drop down]

   • Added grade for the bulk import

   • Added grade in Teams Config Page

     • Added grade in create user, update user and user info page

     • Added grade in user info page for Suspended Users and Archived Users

   • Added grade in OnBehalf config for self user

   • Displaying the grade for self user profile

   • Added the grade for the pull/push reconciliation process

   • Added the grade to get the value of the middle name in a user profile

   • Added grade to create the user through apiext

   • Added grade in JIT to create the user -Not working

   • Added grade value on the page that displays the delegatee

2. Analytics Metabase in the report

   • Configuration of Metabase

   • Metabase Report

3. __MANAGER__ support in policy map for manager assignment in Active Directory (Target application)

4. Addition of Middle Name as an attribute for users

   • Added middle name in create user, update user and user info page

   • Added middle name in user info page for Suspended Users and Archived Users

   • Added middle name for User Profile

   • Added middle name to Pending Workflow Page

   • Added middle name to Workflow List Page

   • Displaying middle name in User Details [Assignee Details]

   • Added middle name in Attribute Setting

   • Added middle name for the policy map [cymmetri policy mapping drop down]

   • Added middle name for the bulk import

   • Added middle name in create user, update user and user info page

   • Added middle name in user info page for Suspended Users and Archived Users

   • Added middle name in OnBehalf config for self user

   • Displaying the middle name for self user profile

   • Added the middle name for the pull/push reconciliation process

   • Added the middle name to get the value of the middle name in a user profile

   • Added middle name to create the user through apiext

   • Added middle name in JIT to create the user -Not working

   • Added middle name value on the page that displays the delegatee

5. Role Required in Application Assigment

   1. In application setting, Role Required flag added.

   2. Application Assignment flag is enabled in the below mentioned pages:

      1. Application assignment page

      2. User page, in application assignment

      3. Self-Service

         1. When user request for application

         2. Teams page, in application assignment

         3. Onbehalf page, in application assignment

Fixes

1. Application Update Workflow- In inbox user name and Login Id fields are showing empty

2. Rename application name as shown below should be Google Workspace and not Google Workplace.

3. Fix typo in application provisioning labels

4. Preference Workflow config popup box - Add Auto option in dropdown list when workflow approver is set to user list

5. My access application- Calendar UI is not proper for 90% resolution

6. Password policy-Show last sync time if already sync

7. MFA attempt configuration-take confirmation on save

8. JIT-Detail showing route error

9. JIT-Custom field-Only type=USER should be present in dropdown, currently showing group also

10. correct notification template-login failed

11. Unlock User- API is getting called twice and login should be shown in encrypted form

Known Bugs

1. Manager notification: receiving user name required manager name

2. AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)

3. Workflow initiated for form but form is getting updated without workflow approval.

4. In application setting if show to user flag off then also application show in recent application.

5. Creating the user through the JIT: Message was rejected due to issue instant expiration

Version: cloud_3.0.11-beta product release

Date: 05 April 2024

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

1. New Feature - Amaya (Schema Maker): A new feature called "Amaya" is released for generating policy map, policy attribute, and also for generating schema for various functions - Create User, Update User, Sync User, Search User etc. Using a UI-based designer, an administrator may configure JSON REST-API based applications without needing to write scripts for the above mentioned functions.

2. Role Required in Assign Application(Backend Validation):

   • Bulk Application Assignment

   • Admin Application Assignment

   • Admin User Page

   • Selfservice, User Application Request

   • Selfservice -> Teams, Application Assignment

   • Selfservice -> Onbehalf, Application Assignment

3. Active Directory new bundle (Using unboundid.ldap.sdk library) <Group operation supports>

   • Added a field inside Active Directory User Configuration Page: "Add or Remove group using Simple AD".

4. Added a default filter for the start date as the current day in all report detail views.

5. The view button in the application role is only visible when edit access is not provided to the user, but read access is granted, such as for read-only users.

6. PAM - Device Termination when device unassigned

Fixes

1. Inbox- Request count should be shown in claim> open request as visible in Requests>Open request

2. Application deprovision Workflow- When removing role from user application, workflow is getting triggered but before saving popup box is getting disappeared

3. Password Policy- Accepting -1 in password history versions and also displaying in policy rule when changing password

4. Password Policy- Password history versions should have default 0 value and also add note specifying description of 0 value.

5. Import user with grade,need to handle user import with inactive grade

6. Attribute setting- Not able to disable grade attribute

7. Audit log- Showing application id instead of application name when moving application to tag from self service app

8. AD Authentication- Audit log should be shown when changing password for AD authenticated user

9. My workspace >Teams>Users- The message "User account locked" appears whenever changing pages.

10. Forms- Field name is not displaying double spaces when inserted in JSON field

11. Workflow Config- Add Remove button for stage 1 user

12. Tenant registration flow- show password not working

13. Workflow- Pending/ Inbox- Menu action should not be visible for every application or when field is empty.

14. Identity Hub>User Filters- When applying a filter for inactive users or any other filter and then activating the same user, the filter selection is removed, but the count is still displayed.

15. Upload CSV- Not able to drag and drop csv files in import users, manager assignments, groups

16. Global module search-when product is disabled and the user trying to search then showing an error

17. Application update Workflow- Workflow is not getting trigged when application role is assigned to user

18. Partner portal-delete customer not working

19. Applications-For old google applications name getting replaced with Google Workspace

20. Password Policy>Blacklisted Password- When setting blacklisted password for user showing error

21. Password less login showing error

22. Email Notification- User is not receiving email notification

23. Version Specific > Delegation recent apps- When delegatee is accessing account then excluded application are still showing in recent used apps

24. Admin MFA -on click save showing error

25. TEAMS-Menu action click showing unknown error

26. Admin Dashboard, Risk Dashboard and Insight reports are not loading

27. Taking time to load data in complete application

28. User-Activity -taking time to load data

29. AD- Recon- Push- Users are going into pending state for new AD bundle

30. Managed View- IDM value is not getting displayed

31. Notification template-need to add middlename attribute under system variable

32. Users | Sort by filter should be beside Sort Order

33. Role mandatory-In import assign application there is no validation, without role also able to assign

34. Identity Hub>User>Setting- Admin should not be able to lock himself from setting

35. Suspend user-for AD update , remove application

36. AD application - In Suspend user, application status is showing fail updation state

37. Group-Recon pull-update and full sync assign/update-taking too much time

38. AD Group pull || Only under 1000 member getting pulled (Connid Restriction)

39. Remote group-bulk assignment showing error, "failureReason" : "javax.naming.ServiceUnavailableException: [LDAP: error code 51 - 0000200E: SvcErr: DSID-031A1202, problem 5001 (BUSY), data 0 ]; remaining name 'CN=allgroup,OU=allgroup,dc=cymmetri,dc=in'"

40. When Add group pull/push then server getting stuck due to memory increase.

41. Remote Group assign in bulk-Not moving all user in group under AD

42. AD Application new bundle- If user is inactive in AD, and same user is updated in Cymmetri then user in AD should also get updated

43. AD Recon push-User not getting push in target (New bundle)

44. Adaptive MFA-Blacklisted ip configuration- Not able to enter range

45. Phone number - Phone number and country code validation issue

46. Partner portal- Company name letters should be extended to 100 characters and space at the end should be trimmed

47. Partner Portal- On admin approval dashboard page, column name width should be identical, and if name is extending then extended name should be shown in hover.

Known Bugs

1. Manager notification: receiving user name required manager name

2. Workflow initiated for form but form is getting updated without workflow approval.

3. In application setting if show to user flag off then also application show in recent application.

Version: cloud_3.1.0 product release

Date: 02 May 2024

New Features

1. Add Welcome Guide when no nodes added

2. Amaya Operations cards messages updated

3. Tooltip DX enhancements

4. Add confirmation dialogue when request method is missing

5. File Upload Validations based on filename length and file size

   • File validation applied on User Bulk Imports, Group Assignments, Application Assignments, Role Imports, Upload metadata SSO.

   • Branding Image upload applied image size validation and image name length valdation.

   • Validation also applied on self service User avatar upload, application icon upload.

6. Cymmetri Verify App issuer format is changed now so there wont be duplicate record creation from now onwards, earlier we did not take into account of the environment but now we are considering that as well

Fixes

1. Deprovision Via scheduler when threshold value is set:- Past date user is also getting deprovisioned when rule is applied on status 

2. Application-Role-One role mandatory, validation should be present at least one active 

3. Node name without spaces overlap 

4. Amaya- Not able to drag down node which is at the top most corner 

5. Campaign - Campaign action reminder email time calculation wrong 

6. Campaign- Campaign is getting aborted and summary is showing blank when campaign for local group is executed. 

7. Custom attribute - When custom attribute filter is applied in users, showing no users found 

8. Workflow- Preference config box is not visible while deprovisioning application 

9. Self service app: While setting up secret question authentication in mobile app, user need to click twice on question field. 

10. User activity Ascending Descending not working 

11. Amaya Connector Recon- Showing duplicate role remarks, but in duplicate field showing 0 records 

12. Identity Hub- Groups- After editing groups when on application / activity page user is redirected to users page by default

13. My workspace> Create new tags- showing older suggestion as soon as clicked on new tag field 

14. AD Application - View attribute is empty 

15. Tenant registration | Pressing tab key glitches UI 

16. Missing error code mapping 

17. Grade Workflow- When workflow preference config is set to visible, and workflow is applied for user creation, then popup box is showing user list but in pending showing unknown instead of user list

18. Amaya- When the back button is clicked, a save/discard popup box will appear. However, clicking anywhere on the page directly navigates the user away from the operation page. 

19. Amaya- Save/Discard popup box should not be shown when user is trying to go back without saving any changes 

20. Mobile app- Secret question- Field is showing required even when data is present in field 

21. Cymmetri Verify app- Password recovery should be provided for Exported TOTP user files in case user forgets the password 

22. login via Authenticator-identity provider is inactive then also user able to login. 

23. syslog-configuration- UDP test, for invalid IP also giving success. 

24. Unable to have TOTP account for same username on different environments 

Known Bugs

1. Manager notification: receiving user name required manager name

2. Workflow initiated for form but form is getting updated without workflow approval.

3. In application setting if show to user flag off then also application show in recent application.

4. Unable to identify application properties data type where value is empty

New Features

1. The workflow self-approval module was updated to support custom attributes (type: user type and Converter Type: String ) as condition parameters.

2. Teams config module updated to support custom attribute (type: user type and Converter Type: String ) as condition parameter.

3. On behalf module updated to support the custom attribute (type: user type and Converter Type: String ) as a condition parameter.

4. Auth Rule module updated to support custom attribute (type: user type and Converter Type: String ) as condition parameter.

5. Quick Setup - Setup applications using pre-defined operations

6. Import-Export App Configuration - Transfer configurations of applications smoothly between tenants, simplifying the setup for users by ensuring all configurations, including user configurations, server configurations, and policy maps, are accurately migrated.

7. Removal of Deprovision Rule Exclusion Applications Field: a) Manual Execute Deprovisioning b) Deprovisioning via Scheduler c) Update Threshold Delete Config d) Deprovision Rule Updation e) Backward Compatibility f) Suspend or Resume User g) Impact on UI

8. Access review reject process updated, on rejection workflow support added.

9. SAML Single Logout

10. The new screen will show loading on UI till tenant creation is completed once OTP is verified

11. Interchanged position of login ID and email on add/edit user for better UX.

12. Add support for the page number field for pagination in Amaya

13. 360 Recon

14. Lotus Notes Connector

15. Application Policy Map (Active Directory) samAccountName is compulsory for Create only flag in User as well as Group (AD application new bundle - When SAMaccount name is set to false in Group policy map, members are not assigned in group when recon Pull is executed for both exist=Update).

16. Added Warning information and warning popups (Only UI changes no impact on backend functionality): a. Creation of user manually. b. Updating of user manually. c. Bulk upload CSV (creation of user) d. Manager assignment e. Policy map creation and updation f. Reconciliation Pull operation g. Reconciliation push operation h. Selfservice ➝ Teams: i. Creation of user ii. Updation of user

17. Removal of Email validation from the backend

Fixes

1. The user info page crashed while the user edit fails

2. Import/Export of App Configuration

3. Amaya- Detailed description of failed/executed logs should be shown

4. AD application new bundle- The group link attribute in the db is empty, and users are not getting updated in the group

5. AD policy map- Spaces should be trimmed automatically if included while creating a policy attribute

6. Tenant creation not working

7. New tenant Registration- Showing subscription end for tenant which is not even registered completely

8. Secret question configuration- Admin user should be able to delete secret questions when not in use

9. Secret Question- When a question is already in use and the user trying to delete a question then it should not display a successful delete message.

10. Secret question- Displaying removal validation message when editing a question

11. User> Activity- Add a cross (x) button to clear the selection

12. Onbehalf Config - If the Description is kept blank, no error message is getting displayed on the screen while saving.

13. Team Config - If the Description is kept blank, no error message is getting displayed on the screen while saving.

14. On Behalf config- When the view button is clicked, the user is still able to check or uncheck the boxes.

15. Custom attribute- Even when a custom attribute is disabled from the configuration, it remains visible in the policy map selected dropdown menu

16. Users - View User- Custom attribute fields text UI is breaking

17. Custom Attribute- Require text change in success message to " Custom Attribute activated successfully"

18. Edit User - After deactivating the already assigned custom attribute, in edit user, the system is showing info XYZz" attribute is inactive for the active custom attribute also.

19. Identity Hub- When clicking on edit info from the user menu action, the user account edit page should open instead of the user display page.

20. CTRL+K: When any feature/module is already opened and the user presses the ctrl +k button from the keyboard then the search filter modal is opened at the back

21. Delegation - Delegator and Delegatee consent should not get updated if the user has already set some other consent.

22. Users> Group- Rename the label from 'Delete' to 'Unassign'.

23. Audit- Logs for deprovisioned users are getting repeated.

24. Custom Field- Policy Map- Date is not showing in the correct format

25. Mobile app- When clicking on the user name for the first time after killing the app, the keyboard is hidden

26. Custom Attribute-Provision- When a custom attribute with special characters is created and applied in a provision rule (for user creation), the provision rule fails to trigger after the user is created.

27. Global search (Ctrl+K) - even if characters are not matching still shows suggestions

28. User setting- An error message should be shown when any action is performed and when landing/refreshing the settings page

29. Cymmetri Selfservice App - Need to change the message showing in the popup screen while TOTP is getting authenticated.

30. Mozilla Browser specific- User getting stuck when password-less Webauthn is On

31. Application - SSO - While clicking on Preview assertion, getting the error "processing please wait"

32. Product menu getting hidden on workflow page: a. Menu action- Displaying an error message when a user already has one role assigned and tries to assign a menu action.

33. The user info page crashed while the user edit fails

34. Import/Export- Showing error message when importing the file into a new tenant (AD specific)

35. Custom Attribute-Provision- When a custom attribute with special characters is created and applied in a provision rule (for user creation), the provision rule fails to trigger after the user is created.

36. Quick setup- Data is not getting reset after closing the policy mapping popup box, but getting reset when clicking on the "I'll do later button"

37. Add Page Number support for Amaya.

38. Application - SSO While saving the same config in two applications, while clicking on Edit SP config, a popup showing do you want to continue editing the SP configuration? but only the continue button is given

39. Application - SSO - While saving the configuration in a new application, the save button loader is loading continuously

40. 360 recon-Hide runnow button from detail view

41. 360 recon dashboard filter-add dropdown for break type

42. 360 recon dashboard-label change account overdue to account overdue in the target (also add some info on i icon what is this)

43. 360 recon-Already running recon need to handle, disable the play button, or show a message

44. 360 dashboard-make label consistent

45. 360 recon dashboard-action details showing blank

46. 360 Degree recon-For execution showing error

47. 360 Degree Recon- History some time loading some time not

48. Recon 360 recon- A validation message for missing data is not required as it already shows no data found on the page when recon is not executed at all

49. 360 recon dashboard-action details showing blank

50. 360 dashboard-Search not working on break type

51. 360dashboard-loginid filter not working

52. 360 recon detail data showing mismatch

53. 360 recon execute audit log not present

54. 360 recon dashboard-on 2nd run details getting repeated

55. Amaya Azure- Showing route issue error message

56. Import Application- UI for the name is not proper

57. Import/Export- Recon is not working for AD's new application bundle

58. Teams config - while removing the condition in Group condition, shows the error " Please try again"

59. On Behalf config - while removing the condition in Group condition, shows the error " Please try again"

60. Teams Config - If the condition is kept blank and save is clicked, getting the error " Please try again"

61. On behalf config- If the condition is kept blank and save is clicked, getting the error " Please try again"

62. Import/Export Application- Convertor field types in the policy map are not getting imported

63. Import/Export - When any application configuration is imported into a new tenant, the user should be redirected to the application provisioning page after the upload

64. Import application- Showing an error message when importing an Amaya-based application if the exported application was without the policy map checked

65. Amaya- Policy Map Password attribute datatype identified as password instead of string

66. Amaya- Rename all operations(Test, Search, Sync, etc....) in sentence case

67. Workflow- Even after updating Grade as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2

68. Workflow- After updating the user list as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2

69. Workflow- When the level 3 approver is updated in the workflow, a 'Workflow Not in Range' error message is displayed.

70. Workflow- Even after updating the reporting manager as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2

71. Workflow- When workflow over workflow is applied 2nd level approver is not getting updated

72. 360 recon should consider full sync

73. 360 recon fails then that 360 recon should be abort

74. Amaya Felicity Role assignment- Taking time to provide an error message

75. Deprovision- Exclusion Application- Application going in pending deletion state when that particular application is added in exclusion application while manually deleting a user from the Identity hub

76. 360 Recon sync with bulk data showing heap size issue

77. AD new application- User list is not getting displayed showing urersrvc unknown error.

78. My workspace> Inbox- When workflow assignment is reassigned by admin, then the previous approver should not be able to accept or reject the request if the page is already open in the previous approver account.

79. Inbox - Workflow Request for setup for application - Need to enhance the details as per user interface.

80. Error in the server log-authsrvc , No impact on the functional flow

81. After the campaign workflow triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.

82. Campaign - Reviewer can approve self review request

83. The campaign not getting end, for tenant 2711

84. Workflow TAT- Workflow is getting aborted when grade is set at second level approver and set TAT time is over

85. Workflow TAT- Workflow is getting aborted when 2 level approver is set and set TAT time is over

86. Workflow TAT- Workflow is getting aborted when workflow approver is assigned to the user list

87. Workflow TAT- Showing error when the user is not present and TAT is over

88. Workflow TAT- Showing unauthorized error when TAT is over and operation is getting aborted

89. Recon pull- with both existing links, audit detail not showing

90. Workflow rule configuration-on edit workflow, previously selected role getting save

91. AD new bundle- Managed View- View should be proper while separating multiple OU in proxy addresses

92. AD new bundle- Manager and account expiry is not visible in the Managed view

93. AD new bundle- managed view- Value is not displayed in a proper format in Name in managed view

94. AD new bundle- Managed View- Showing different Start time/created time

95. In the User creation workflow, L1 - User List approved, L2 - reporting manager after TAT is expired, the request is not getting auto reject.

96. Pending Workflow List - If the approver is User list and Grade then it should display in Current Assign in the pending list

97. User Workflow - If the reporting manager is set as 2 level approver, the reporting manager is showing as Unknown

98. Policy Map- When the attribute is searched via the search button and that attribute is deleted then other attributes are not loaded

99. Profile Picture- After clicking once on the upload button, that button should be disabled

100. PAM-Server access not getting terminated even after time ends (Related to HA environment only)

101. User - Assign Application - Workflow initiated - Workflow Approvals page displays User list in Grade type

102. Pending Workflow -If the L1 approver is User List, then while clicking on the info icon, the popup does not show the user list. Also, it is " Grade List Details"

103. PAM-Server access not getting terminated even after time ends (Related to HA environment only)

104. Workflow Rule - Workflow is initiated when the group is set as an approver, the group is not visible on the popup screen

105. AD new bundle>Group- When the "Sam account name" update checkbox is unchecked and the user attempts to update the description, the description does not get updated in the AD

106. deployment_analytics_1 Service CPU utilization is 100%

107. Import/ Export- When a file is exported from a different env (Dev) and imported to QA env, then credentials are also imported along

108. Security Bug Fixes:- E2E request/response payload encryption for all APIs of authservice (as of now, planning to rollout for all the services in the next phase)

Known Bugs

1. Manager notification: receiving user name required manager name

2. Unable to identify application properties data type where value is empty

3. Amaya || Create user operation fails due to an invalid password

4. In forgot password/password breach condition-asking disabled MFA factor also

5. Amaya-Autofill policy map, When the value is not present to the user at the time of application then Amaya passes "$." to the target

6. Campaign - Reviewer can approve self review request

7. After the campaign workflow was triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.

8. Remote Group- AD Application- When users are removed from a remote group in Cymmetri, those members should also be removed from the group in the Active Directory

9. Amaya- Client ID should be visible in encrypted form

10. Provision Rule - While creating and configuring the custom attribute as "New ", the system is not initiating the rule.

11. AD new bundle- When an AD application is assigned to a remote group, the application is highlighted in the background while assigning but disappears as soon as the application popup box is closed

12. Reports- When the report is scheduled, Scheduler history shows content not found and the execution status is aborted.

13. AD Application- When the Ad test provision fails, and the user tries to delete the application from a user account, then the application should gointon a fail deletion state

14. Audit- Taking time to load audit logs

15. AD Application- Showing error when inserting start date in AD

16. In the application setting to user flags off then the also application shows in the recent application.

17. User lock- When a user account is active, and the same account is logged in through another browser, and by any means, the account gets locked, the first session should get terminated.

18. Branding- When show Unlock link from branding is kept as No, and the admin user account gets locked, then the user is not able to unlock the account from the login page

19. Application- When a user is adding /removing a role then it is not getting reflected without refreshing

20. group push-not taking user in AD at the time of update

21. Passwordless- WebAuthn; Showing not allowed error

22. Delegation-On behalf: when login by the delegate and the on-behalf condition is not satisfied still shows the on-behalf toggle button and gets removed when refreshed

23. AD Application- Group name should not accept space while creating or updating group name

24. Audit- Audi log should show log when the user is not getting any records in Recon history but showing task executed

New Feature

1. UI/UX || Warning added || Application Config Import Modal || Auto 'Create Only' for User Principal policy mappings

2. A new feature has been developed for the "Recommendation Engine", enabling seamless integration and management of application and role recommendations. The recommendation engine supports the generation of personalized applications and role suggestions for each user. The system supports the automatic synchronization of data from various sources, ensuring that recommendations are always based on user behavior. All recommendation engine configurations and data synchronization are stored and can be easily retrieved and updated as needed.

3. UI/UX || Amaya || Add support for JSON body validation through validate button

4. Audit log comparison for oldObject and newObject when they are in detailed format

5. UI/UX Inconsistent button placement in some modules fixed to a default below position

6. UI/UX Onboarding walkthrough of New users

7. ICICI: a. The inbox title in the workflow setup event has been updated to display the workflow name. b. Workflow (Pending workflow list) requester and requestedFor column added for display

8. Identity Analytics (Reporting Engine)

9. End-to-end Request/Response Payload Encryption for all authservice's API. (/authsrvc/*)

10. User Threshold (Phase 2): i. Update Email Title and Template ii. Create a new 'Move to Archive' button to manually archive a user. iii. Make the notifications field mandatory in the User Threshold Configuration. iv. Added the Org Admin as the default notifier in the user threshold configuration. (Not supported for old tenant). v. Update UI Error Message Format vi. The User Threshold staging mode name has been changed. vii. Failure to Move Staging User to Archive Manually and Audit Log Display for fail. viii. The changes made to the staging dashboard view. Include a comparison between the previous and updated versions of the UI. ix. Show the display name in the Threshold Delete operation on the Staging Dashboard. x. Notification Field in User Threshold Config for deleting users.

Fixes

1. Amaya- When server connector timeout is changed and test configuration is clicked, it shows a "connector not found in cloud" error in the Audit log

2. Import User - If loginid already exists, then the remark shows "Usrsrvc.existing Login". Change this text to "Existing Login ID"

3. Import/Export- Showing host server details when the file is imported for script connector

4. My Access - Tags - Roles is not getting displayed in the Application

5. Application - Clicking on the role tile, SSO is happening and also while clicking on close icon, SSO is happening

6. Applications- When any attribute is updated (made empty in the target application) and recon for both exist operation is executed, the corresponding attribute in Cymmetri should also be cleared

7. Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed (To correct the data need to perform data-logger sync for respective tenant. Refer configuration steps here)

8. Deprovision- User is getting deprovisioned even after user status is changed to Active from Inactive

9. User threshold mail notification- Title changes required

10. Audit log-Recon - When recon is executed with status as Inactive, audit log is showing "Recon initiated successfully" but not any log for execution failed/aborted

11. Audit Filter- Add cross button in Target Type and Action field.

12. Threshold Config- Validation message for all three operations should be similar

13. Threshold Create/Update- Spelling for exceeded is not correct

14. Notification Template - Toggle and status should display in status column as per other modules.

15. Create User- While creating user on newly created tenant, assign group page showing text "No group assigned , assign group"

16. User setting- External idp rule is active-An admin user should not be able to reset user password when the external IDP rule matches the user condition

17. Create user - While creating user on newly created tenant, assign application page showing text "No data found, add application"

18. Audit Filter- Add cross button in Target Type and Action field.

19. Portal-For module update showing error, already exist

20. My Access - Tags - Roles is not getting displayed in Application

21. Threshold Config- Validation message for all three operations should be similar

22. Threshold Create/Update- Spelling for exceeded is not correct

23. Notification Template - Toggle and status should display in status column as per other modules.

24. Create User- While creating user on newly created tenant, assign group page showing text "No group assigned , assign group"

25. Create user - While creating user on newly created tenant, assign application page showing text "No data found, add application"

26. Group Unassignment: The message appearing on group unassignment is incorrect

27. Push and FIDO scan zoom functionality not available at the time of Device MFA

28. Push and FIDO scan zoom functionality not available at the time of application MFA

29. Campaign Reassign -inactive users are also listed for reassignment on click

30. Login page- AD auth- Provide proper UI message when AD adapter details are incorrect

31. Amaya- When server connector timeout is changed and test configuration is clicked, it is showing "connector not found in cloud" error in Audit log

32. Import User - If loginid already exist , then remark shows "Usrsrvc.existing Login" . Change this text to "Existing Login Id"

33. User threshold- Pending Staging- When changing page select all box should be unchecked.

34. Threshold Pending staging- Whenever the page changes or the number of records per page is modified, the selection should be reset

35. Import/Export- Showing host server details when file is imported for script connector

36. Threshold pending staging- When the retry button is clicked multiple times, the validation message does not appear after the third click on UI

37. Application assignment- Change user search suggestion watermark

38. Onboarding registration- When resolution is at 80%, PAM report admin option is not visible in dropdown

39. Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed

40. After release v 3.1.2, for old updated tenant campaign module is disabled

41. Onboarding registration- When an application is selected and then reverted to the previous page, selecting the application again causes the application count to double

42. External JIT- JIT configuration should be disabled until new external idp configuration details are filled

43. External IDP- JIT- API is showing "undefined" error on clicking JIT button and on enabling JIT configuration

44. External IDP- JIT- Reverse the title, it is confusing for user

45. MFA - Secret Question - Question selection is getting non-selectable after entering incorrect answers and then retrying for correct answer

46. My workspace>Inbox- Count is not showing when records are in claim

47. Reports( Employee's with upcoming contract end date) - By default date filter should be applied of 30 days

48. Provision Rule - Cursor of the condition is getting overlapped with footer of the page.

49. Onboarding - Login credentials timeout error

50. My Access - Superset Application logo and label should be changed

51. Applications- When any attribute is updated (made empty in the target application) and recon for both exist operation is executed, the corresponding attribute in Cymmetri should also be cleared

52. Deprovision- User is getting deprovisioned even after user status is changed to Active from Inactive

53. Audit log-Recon - When recon is executed with status as Inactive, audit log is showing "Recon initiated successfully" but not any log for execution failed/aborted

54. User threshold mail notification- Title changes required

55. Application- Managed view- When manager is removed from Cymmetri, user is still getting displayed in managed view

56. Create Threshold Config> Csv import- Showing empty records in pending staging list when threshold limit is exceed and user are imported via csv file

57. Reports- SSO based application- Reports are blank/ not showing data when SSO based application are accessed

58. My workspace>Inbox- Count is not showing when records are in claim

59. login with admin-Campaign detail show role also, currently role showing only for campaign manager

60. Cymmetri Selfservice App - Once we click on the web link from scanner , it should show confirmation popup on screen (Suggestion)

61. Selfservice Mobile App - When app is in Quit state and open the app via scanner(camera), it is not redirecting to login page of the website

62. Push Authenticator - Need to change the error message

63. User creation- While creating new users then going to next level that is on groups page and then on application page ,then user should be redirected back to the group's page when back button is clicked instead of existing user creation page

64. Showing error when saving workflow with name( User creation, Application provisioning, Application deprovisioning)

65. deployment_analytics_1 Service CPU utilisation is 100%

66. Campaign-email report showing error

67. Some time tenant registration not working,showing WriteConflict error in the service

68. Application provisioning and deprovisioning workflow initiated request is not getting displayed in activity logs.

69. Workflow Rules - Application Deprovisioning event - If condition is set as RegEx for custom attribute is not working

70. User update-Showing audit failed-Write conflict

71. Report - Updated record should display on top.

72. Auth rule showing unknown error

73. Workflow List - View any workflow detail - While clicking on info icon it is showing Grade List Detail

74. AD-Recon-If Policy attribute marked inactive then also it is getting pull from AD.

75. Login via Application admin- When click on application showing processing please wait error message.

76. Applications- Application are not getting assigned to user and also audit log is not visible for the same

77. PAM write admin not able to assign users,user list not populating

Known Bugs

1. Manager notification: receiving user name required manager name

2. In the application setting if to user flags off then the also application shows in the recent application.

3. Unable to identify application properties data type where value is empty

4. Amaya || Create user operation fails due to an invalid password

5. Reports- Records are displayed after 11min approximately

Version: cloud_3.0.2-beta product release

Date: 01 December 2023

**To ensure the highest quality standards, some features in this version are marked for further refinement and will not be included in the current release. Please refer to the next approved release for updates and improvements.**

New Features

1. User management service restructured.

2. PAM - Sub domain added in Authentication Parameter

3. UI/UX Improvements:

   • Show username in user selection dropdown menus

   • Show Cymmetri Verify app link on MFA TOTP Registration and App MFA TOTP, Push, Fido

   • Show message when cookies are disabled on browser

   • Cymmetri Verify App update (v5.10)

     • App drawer, header and lock screen UI improvements

     • Search box moved to header

     • Show search history

     • Haptic feedback on TOTP code press

4. Cymmetri Verify App Hotfix (v5.10.1)

5. Introduced spring expression language in SAML.

6. In Multifactor otp config we can't disable both email otp and sms otp. At least one should be active.

7. Group Provisioning

8. Cymmetri Mobile App update (v1.5)

   • Added QR code self registration for TOTP, Push and FIDO

   • Added TOTP self verification eliminating need for finding and copying TOTP from cymmetri Verify app for the login

   • Added App lock with biometric in the app

Fixes

1. Forgot password-User is not receiving email notification

2. Workflow description spelling correction

3. Workflow on unassignment-On role unassignment, if any workflow already trigger then message should be shown

4. Manage view- for converter used parameter not showing

5. Application-date converter, recon pull getting stuck

6. Workspace | click search box creates Ul glitch

7. Login with Read only user- Configuration> Syslog configuration- Configuration should be gray out and should not be editable

8. Configuration>User decommission config- Add a short description specifying functionality (Title)

9. MFA- Rename SMS Authenticator to OTP Verification

10. Configuration>Master>Zone>Gateway IP- Sorting is not working

11. Configuration>Master>Global>Value- Sorting is not working

12. Configuration>Master>Zone>Name- Sorting is not working

13. User Onboarding| Contact info details not accepting other country mobile number

14. Delegation- Successful Validation message should be shown after user is assigned

15. Time-based role assigned application- Time based Application is not getting deleted after time period is completed when role is assigned

16. Configuration>Master>Zone- Showing old zone data when creating new zone

17. My workspace>Access Review>IG>Managed - When all the checkbox of Info field are disabled, then title checkbox should also be disabled

18. Provision- When user is trying to create new role, role is not getting added neither validation message is shown

19. Cymmetri Verify - IOS - Push/FIDO Verification screen not shown when app opened through its notification

20. Cymmetri Verify - App protection not working

21. Self service app- User when trying to login on self service app having Fido authentication On, user is redirected to Play store but see in play store app is not clickable

22. Cymmetri Verify - Same day exported file - with file count attached to the name is reported as invalid file

23. Application provisioning MFA- When max TOTP/OTP/Secret Question invalid answers limit exceeds, it should show validation message and should be redirected to login page.

24. Application Role workflow- User is applying workflow for specific role but non workflow as signed role is also not getting assigned

25. Update user import sample file

26. usersrvc/api/user/dropdownList- in above path, for create workflow in bulk

    when we create in bulk it is showing out of memory

27. Global Notification disable-by default it is off

28. Notification template- Global Notification for OTP is off still logs is showing mail sent(True)

29. Campaign with group-Campaign getting aborted

30. Multi-role assignment with form, then form adding repeatedly for each role, expected only one form should be there

31. Deprovision rule- User is not getting suspended when end date is applied at the time of user creation

32. Users Import- User name, Login should get trim if space is included while importing user

33. Identity Hub> User session- User session is not getting terminated even after revoking users session button is clicked

Known Bugs

1. Manager notification: receiving user name required manager name

2. AD Group pull || Only under 1000 member getting pulled (Connector Server Restriction)

New Features

1. User Threshold: a. A UI change has been made in the general configuration for the threshold. b. Creation of user c. Updation of user d. Deletion of user e. Staging for user threshold f. Retry staging user from staging dashboard. g. Archive for user threshold h. Notification for user threshold

2. User directory search API updated for quick search (keyword): a. Support dropped for grade, userType, department, designation, and custom-attributes b. Supported on: employeeId, email, mobile, firstName, lastName, middleName, displayName, login

3. Data logger service version info added.

4. Tenant registration database creation process optimization.

5. Pending Workflow Inner page applied functionality to reassign users from the inner page

6. Added QR code zoom feature on FIDO, TOTP and push Authenticator scanner.

7. VPT: Modify routes of API - /usersrvc/api/user/directory/list/{appId} remove user role form routes.

8. Custom Attribute support in the following Workflow Rule Events a. User Creation b. Application Provisioning c. Application Deprovisioning d. Application Update

9. Added the following templates in Amaya Quick Setup: • Atlassian • Zoho CRM • Zoho Desk • Zoho Books • Zoho Expenses

10. Provided support for integer values for ROLE assignment through Amaya.

11. Tenant Registration Process Resumption: If the tenant registration process is interrupted, it can be seamlessly resumed and completed using the existing account configuration. The registration process can be resumed from the following stages: a. Pending OTP Verification b. Incomplete Credential Setup

12. Active Directory || SimpleAD Connector upgrade: a. UserAccountControl attribute support added b. memberOf attribute support in manage system viewer c. ProxyAttribute attribute support added

13. External IDP SSO: a. added support to login into cymmetri as an external identity provider as IDP initiated sso.

14. SAML IDP SSO: a. added support to send IDP initiated (cymmetri) sso response to cymmetri as a service provider.

15. TOTP Config

16. Removal of Email validation from the backend

17. DataLogger | Refer to configuration steps here: a. data-logging framework optimization. b. Full sync support, this step is optional and required only if, • Tenant audit database is not present, or • Tenant audit database is corrupt so fresh setup is required.

Fixes

1. Error in the server log-authsrvc, No impact on the functional flow

2. Team config - Create - Discard button issue - After clicking not able to add the details in the condition section

3. Rule engine- Remove the "above" word from the note

4. login with admin-Campaign detail show role also, currently role showing only for a campaign manager

5. Amaya API returns null if error instead of error and errorCode

6. Hide metabase analytics

7. Workflow rule configuration-on edit workflow, previously selected role getting save

8. User - Assign Application - Workflow initiated - Workflow Approvals page displays User list in Grade type

9. Pending Workflow -If the L1 approver is User List, then while clicking on the info icon, the popup does not show the user list. Also, it is " Grade List Details"

10. Identity Hub- The pending initial login symbol is visible far away from the user name.

11. On behalf configuration - While disabling and enabling the toggle, a popup message shows "This change will take effect on the user's next login" but it is getting reflected on the fly.

12. On-behalf>Delegation- On behalf, mthe enu is not visible when logged in via the Delegatee account.

13. SSO- Group mapping- Save button should be enabled when mandatory fields are filled

14. Workflow- Even after updating the reporting manager as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2

15. Global search (Ctrl+K) - even if characters are not matching still shows suggestions

16. The product menu getting hidden on the workflow page

17. LDAP connector-LDAP SSL should be saved in Boolean in the DB

18. User setting- An error message should be shown when any action is performed and when landing/refreshing the settings page

19. User setting- External IDP rule is active-An admin user should not be able to lock a user when the external IDP rule matches the user condition

20. Schedule history-ad by default today filter for from and to

21. Teams config- When the view button is clicked, the user is still able to check or uncheck the boxes

22. Menu action- Displaying an error message when a user already has one role assigned and tries to assign a menu action.

23. Custom Attribute-Provision- When a custom attribute with special characters is created and applied in a provision rule (for user creation), the provision rule fails to trigger after the user is created.

24. Lifecycle Management - All menus - The discard button is not working as expected.

25. Application - SSO While saving the same config in two applications, while clicking on Edit SP config, a popup showing do you want to continue editing the SP configuration? But only the continue button is given.

26. Application - SSO - While saving the configuration in a new application, the save button loader is loading continuously

27. Amaya- Rename all operations(Test, Search, Sync, etc....) in sentence case

28. Group Policy map- For group custom attribute Cymmetri field type should be automatically selected as working in the user custom field

29. Teams config - while removing the condition in Group condition, shows the error " Please try again"

30. On Behalf config - while removing the condition in Group condition, shows the error " Please try again"

31. Teams Config - If the condition is kept blank and save is clicked, getting the error " Please try again"

32. On behalf config- If the condition is kept blank and save is clicked, getting the error " Please try again"

33. Import/Export- Showing error message when importing the file into a new tenant (AD specific)

34. Import application-show error message user or groupwise

35. Import application- Showing an error message when importing an Amaya-based application if the exported application was without the policy map checked

36. Import/Export - When any application configuration is imported into a new tenant, the user should be redirected to the application provisioning page after the upload

37. Amaya Azure- Showing route issue error message

38. Import/Export Application- Convertor field types in the policy map are not getting imported

39. Import/Export- Recon is not working for AD's new application bundle

40. Workflow- When workflow over workflow is applied 2nd level approver is not getting updated

41. Workflow- Even after updating Grade as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2

42. Workflow- After updating the user list as the 2nd level approver in the workflow, the 1st level approver is still being set at level 2

43. Workflow- When the level 3 approver is updated in the workflow, a 'Workflow Not in Range' error message is displayed.

44. Workflow TAT- Workflow is getting aborted when workflow approver is assigned to the user list

45. Team config - Create - Discard button issue - After clicking not able to add the details in the condition section

46. Import/Export- By default, the time in the application name should be removed when exported

47. Rule engine- Remove the "above" word from the note

48. login with admin-Campaign detail show role also, currently role showing only for a campaign manager

49. Hide metabase analytics

50. Error in the server log-authsrvc, No impact on the functional flow

51. AD new application- User list is not getting displayed showing urersrvc unknown error.

52. The campaign not ending, for tenant 2711

53. Workflow rule configuration-on edit workflow, previously selected role getting save

54. AD application new bundle - When SAMaccount name is set to false in the Group policy map, members are not assigned to the group when recon Pull is executed for both exist=Update

55. My workspace> Inbox- When workflow assignment is reassigned by admin, then the previous approver should not be able to accept or reject the request if the page is already open in the previous approver account.

56. After the campaign workflow triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.

57. Workflow TAT- Workflow is getting aborted when grade is set at second level approver and set TAT time is over

58. Workflow TAT- Workflow is getting aborted when 2 level approver is set and set TAT time is over

59. Workflow TAT- Showing error when the user is not present and TAT is over

60. Workflow TAT- Showing unauthorized error when TAT is over and operation is getting aborted

61. User - Assign Application - Workflow initiated - Workflow Approvals page displays User list in Grade type

62. Reports- SSO-based application- Reports are blank/ not showing data when SSO-based applications are accessed

63. Pending Workflow -If the L1 approver is User List, then while clicking on the info icon, the popup does not show the user list. Also, it is " Grade List Details"

64. AD new bundle>Group- When the "Sam account name" update checkbox is unchecked and the user attempts to update the description, the description does not get updated in the AD

65. Import/ Export- When a file is exported from a different env (Dev) and imported to QA env, then credentials are also imported along

66. Identity Hub- The pending initial login symbol is visible far away from the user name

67. On behalf configuration - While disabling and enabling the toggle, a popup message shows "This change will take effect on the user's next login" but it is getting reflected on the fly.

68. In the User creation workflow, L1 - User List approved, L2 - reporting manager after TAT is expired, the request is not getting auto reject.

69. On-behalf>Delegation- On behalf menu is not visible when logged in via Delegatee account

70. Import Manager-Manager is deleted and the user trying to assign them in the import history shows success but the audit shows a failed

71. Application delete-Campaign-Deleted application available for review

72. AD new bundle- User policy map- When Sam account name is mapped with any attribute and update checkbox is kept false, and the user is updated, the audit log shows a failed

73. Workflow>Inbox- Address field names in inbox /pending workflow and identity hub users are not the same

74. SSO- Group mapping- Save button should be enabled when mandatory fields are filled

75. Campaign-email report showing error

76. deployment_analytics_1 Service CPU utilization is 100%

77. Application - Form - When submitted as blank, after assigning the application page is getting blank.

78. Reports- Records are displayed after 11min approximately

79. CSV Import users- An error message is not shown when the user is unable to save user details if space is included in the email

80. After the campaign workflow was triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.

81. User Workflow - If the reporting manager is set as 2 level approver, the reporting manager is showing as Unknown

82. Workflow>Inbox- Address field names in inbox /pending workflow and identity hub users are not the same.

83. Export- Rename Config type to Select All

84. MFA- When the default MFA rule is inactive, the user can delete the default rule as well

85. Amaya connector>Policy mapping- The bottom slider should be fixed

86. Amaya || Validation preventing usage of long valid header

87. Amaya Connector- By default only green colored (confirmed policy attributes) should be checked

88. Amaya Quick Setup- When an auto test run fails and operations are manually updated, clicking 'Generate Policy Mapping' should exit the page.

89. Application delete-Campaign-Deleted application available for review

90. Import Manager-Manager is deleted and the user trying to assign them in the import history shows success but the audit shows a failed

91. Import/Export- By default, the time in the application name should be removed when exported

92. SSO - OpenID - Configure CIDR - Add - While clicking on the Add icon without entering any details, blank data is getting added.

93. SSO - OpenID - Configure CIDR - While clicking on the delete icon, no message is displayed and the entry is removed

94. Workflow List - View - Showing label as "Custom Workflow "

95. Import/ Export- Application name while importing file should be limited to 50 characters

96. Application - SSO - SLO toggle enable/disable audit log

97. SOD; policies-Policy owner name is not getting updated after updating the user name from the Identity hub and without the owner name policy is getting saved

98. AD new bundle- When recon is executed for both existing updates but the application is not linked, still user is still getting updated.

99. Application - Form - When submitted as blank, after assigning the application page is getting blank.

100. Masters - Grade- While clicking on the Add button it shows showing edit page of an existing record

101. Tenant registration- Showing suspicious popup box when clicked on verify your email

102. New tenant registration- If the tenant is already on the registration page then after clicking verify email from the mail box should show tenant is already registered

103. Tenant registration- Taking time to register the tenant

104. Email verification - The email verification link redirects to the otp verification screen.

105. My Workflow> Teams- Add a short menu button

106. Tenant creation not working

107. After release v 3.1.2, for old updated tenant campaign module is disabled

108. Portal-For module update showing error, already exist

109. Push and FIDO scan zoom functionality not available at the time of Device MFA

110. Push and FIDO scan zoom functionality not available at the time of application MFA

111. User setting- The external IDP rule is active-An admin user should not be able to reset the user password when the external IDP rule matches the user condition

Known Bugs

1. Manager notification: receiving user name required manager name

2. Unable to identify application properties data type where value is empty

3. Amaya || Create user operation fails due to an invalid password

4. In forgot password/password breach condition-asking disabled MFA factor also

5. Amaya-Autofill policy map, When the value is not present to the user at the time of application then Amaya passes "$." to the target

6. Campaign - Reviewer can approve self review request

7. After the campaign workflow was triggered on revoked, even though the campaign had ended and the workflow was approved, applications were still getting unassigned.

8. Remote Group- AD Application- When users are removed from a remote group in Cymmetri, those members should also be removed from the group in the Active Directory

9. Amaya- Client ID should be visible in encrypted form

10. Provision Rule - While creating and configuring the custom attribute as "New ", the system is not initiating the rule.

11. AD new bundle- When an AD application is assigned to a remote group, the application is highlighted in the background while assigning but disappears as soon as the application popup box is closed

12. Reports- When the report is scheduled, Scheduler history shows content not found and the execution status is aborted.

13. AD Application- When the Ad test provision fails, and the user tries to delete the application from a user account, then the application should go in a fail deletion state

14. Audit- Taking time to load audit logs

15. AD Application- Showing error when inserting start date in AD

16. In the application setting if shown to the user flags off then the also application shows in recent applications.

17. User lock- When a user account is active, and the same account is logged in through another browser, and by any means, the account gets locked, the first session should get terminated.

18. Branding- When show Unlock link from branding is kept as No, and the admin user account gets locked, then the user is not able to unlock the account from the login page

19. Application- When a user is adding /removing a role then it is not getting reflected without refreshing

20. group push-not taking user in AD at the time of update

21. Passwordless- WebAuthn; Showing not allowed error

22. Delegation-On behalf: when login by the delegate and the on-behalf condition is not satisfied still shows othe n-behalf toggle button and gets removed when refreshed

23. AD Application- Group name should not accept space while creating or updating group name

24. Audit- Audi log should show log when the user is not getting any records in Recon history but showing task executed

New Feature

1. Logic - The FormLogic functionality, enables you to store custom data using flexible, administrator-defined forms. It empowers you to create forms tailored to your specific data collection requirements, providing a versatile solution for various data management needs.

2. 360 Degree Reconciliation - Compare tab added to the current feature, where the user can compare with the source application and target application and further generate reports and download CSV.

3. SkipPasswordExpiry - We are enhancing our Password Policy by introducing a new field, SkipPasswordExpiry, within the PasswordChangeRule. This enhancement allows users to opt out of the password expiry process entirely. When the SkipPasswordExpiry field is enabled, users will not receive warnings or notifications about password expiry, nor will they be prompted to change their password due to its expiration.

4. Connector a. SimpleLDAP application

5. ICICI Client - Role-Based form delivery in IGA.

6. SDK-based integration to send mobile push notifications to mitigate legacy API issues: a. Fido Based Notifications b. Normal Push Based Notifications

7. The LDAP adapter has been updated with a new feature that eliminates the need to enter a username and password for each execution.

Fixes

1. Time-based Application: Timebased application assignment message spelling incorrect

2. Deprovision- When applications are assigned via group and deprovision is executed all the applications should get deleted.

3. Teams - Suspended Users - List View - Edit - It is redirecting to Users but showing blank screen

4. Application Search: When clicking on "View More Applications" and searching for an application, the application is not being found.

5. Pending Staging- When no records are present on the page, the "Select All" button should be disabled like the other buttons.

6. User Onboarding - Dropdowns are not loading when creating a user after adding an Admin during the registration process.

7. Global search - Pending action is not coming in global search

8. Form logic-Configured Forms -On click setting icon screen getting flicker

9. Selfservice Submit form-Update error message and backend error code if pre and post hook script having error.

10. Form logic-on form submit close form

11. Form logic-Selfservice-My Form Submissions pagination, page getting blank

12. Archived Forms detail-Revision data showing wrong, showing non existing list

13. Form logic-After changing form schema, form detail showing blank

14. Form logic-User submissions-Provide search by taskeid,username,loginid

15. Form logic-on all screen search only working for the exact case, expeted should be work for matching cases

16. Form logic-Form table-sorting not working

17. Form logic-Pre and post hook should be non mandatory

18. Form map with rule-if form map more than defined limit then error message showing only one time

19. Staging users details - Version history log user details not loading

20. Form logic-Configured form and archive form detail, back button behaviour is not as ex[ected, need to click multiple time.

21. Form logic-Form Access Rules-Link form, save button should be disabled till form selection

22. form logic- if request is timeout or fail then feature showing diabled

23. Form logic-User submissions-Provide date filter

24. Workflow || Additional Form Info || Readonly text-based form submissions

New Features

1. Due to the limited resources in QA env and to ensure effective utilization, we are not currently proceeding with the new development to the recommendation service from both the backend and UI at this time. Hence, we kindly request you to exclude the recommendationsrvc service from the QA environment during deployment until further notice.

2. CISO Dashboard service deployment remains the same as the last release since the sprint release for the same is mid-next week. (EoM - September 2024)

3. Reconciliation Enhancement a. Reconciliation Job Notifications b. Reconciliation Job Dashboard c. Handling of Partial Job Failures d. Reconciliation Filters

4. Email Configuration Update a) Mail Username and Password fields no longer require validation, allowing them to be empty. This is because some email servers do not require authentication. b) Other fields, such as Mail Port, Mail Host, and Mail Sender, still require validation to ensure proper email functionality

Fixes

1. Form logic-When TAT is executed then in the detail show the message "Form Logic Workflow Rejected by system"

2. Assign Application- The application page not getting refreshed automatically after deleting/assigning applications.

3. Amaya Policy Mapping- The search button should be present.

4. Amaya || Validation prevents the usage of variables in the URL

5. FormLogic || Step 2 of form || Form config JSON should be mandatory

6. Amaya- The present header key disappeared when saving the value

7. Quick setup policy mapping- When any fields are not filled and an error is shown, the user should be taken to the error field

8. Amaya>Policy Mapping- Showing repeated validation message on UI when clicking on the reset button

9. Amaya- When the JSON body type is changed from raw to any other format, the previous type is cleared, but the response is not being updated accordingly

10. Amaya- After 3-4 attempts of clicking the validate/save button, the validation message is no longer being displayed.

11. Form logic-form detail-Need to provide rule link.

12. Staging Users - Version History - Change the text "Update Version" to "Updated Version"

13. Form logic-When TAT is executed then in the detail show the message "Form Logic Workflow Rejected by system"

14. Onboarding- The page is being skipped when the "Create User" popup box is clicked outside of it.

15. Audit log- UI layout is getting distorted for long role name

16. Application role- The Role page layout is getting distorted when a role with a long name is created

17. Application Role- When a role with a long name, including spaces, is created, the UI (specifically the Cancel and Save buttons) is affected while unassigning the role from a user account.

18. Application Role- UI is getting impacted.

19. Selfservice mobile app-inbox-User detail not showing.

20. CSV Bulk Import- When a bulk file is imported via CSV, attribute fields take time to load

21. Amaya Policy Mapping- The search button should be present.

22. Workflow || Additional Form Info || Readonly text-based form submissions

23. Policy map- Empty values are getting saved in the policy mapping

24. Amaya- When the JSON body type is changed from raw to any other format, the previous type is cleared, but the response is not being updated accordingly

25. UI new user walkthrough- Sentence correction needed

26. UI new user walkthrough- Description should be changed

27. Quick setup policy mapping- When any fields are not filled and an error is shown, the user should be taken to the error field

28. Amaya- After 3-4 attempts of clicking the validate/save button, the validation message is no longer being displayed.

29. Form logic-Form table-sorting not working

30. Form logic-Pre and post hook should be nonmandatory

31. Form logic-User submissions-Provide date filter

32. Form logic-on all screen search only works for the exact case, expected should work for matching cases.

33. Partner portal-add user-country list not loading.

34. CSV Bulk Import- When a bulk file is imported via CSV, attribute fields are taking time to load.

35. Form details UI is different in Pending and Completed Workflow than showing in the selfservice inbox section.

36. Form logic-Selfservice app-My Requests-form detail not showing

37. Skip Password Expiry- Session expires when the refresh button is clicked having skip password expiry enabled

38. FormLogic || Unable to save rule after changing condition

Known Bugs

1. Manager notification: receiving user name required manager name

2. In the application setting if to user flag is off then the also application shows in the recent application.

3. Unable to identify application properties data type where value is empty

4. Amaya || Create user operation fails due to an invalid password

5. Reports- Records are displayed after 11min approximately

6. Deprovision Rule executed via Scheduler - Workflow is not getting initiated for the set of users based on status/end date

7. Workflow List - Getting error " Contact system administrator" on technova tenant

8. FormLogic || Step 2 of form || Form config JSON should be mandatory

9. Recon - Abort sync state - System is getting auto abort and failure log showing nothing and

10. Recon Dashboard History> Search field- A Placeholder should be added specifying search is applicable for only the application name, also No data found should be shown and pagination should get clear when the page is empty

11. Recon Failure sync status - Showing "Reconciliation In Progress" in fail status

12. Application Recon History- Slider should be added at the bottom

13. Recon Dashboard history- Users/groups are getting created in Cymmetri even when the process is aborted from the dashboard

Cymmetri dashboard provides administrators with a centralized and visual representation of key information and controls related to identity management, access governance, and administration.

The dashboard serves as a command center for overseeing and managing the identity lifecycle, compliance, and other aspects of identity and access governance within an organization.

Upon Logging in the admin is landed on the dashboard where they can see the following:

• Shortcut to configure recently added application - Configuration means adding roles, defining provisioning, reconciliation, SSO, etc.

• Users Activity - Total Successful user logins in Cymmetri on that day

• Accounts Locked - User account locked event on that day

• Users Onboarded - New users being onboarded in the system on that day

• Password reset - Password reset activity in the system on that day

• Authentication stats - Number of successful and failed login attempts in a timeframe

• App Identity - It displays the application reconciliation activity with respect to the users.

Cymmetri also displays some important system KPIs to the admin as shown below

Application - Number of applications onboarded in Cymmetri

Active Users - Total number of active users in the system

Total Users - Total number of users onboarded in Cymmetri

Roles - Total application roles created in Cymmetri

Workflows - Total approval workflows created in Cymmetri

Password policy - Total number of password policies created for user authentication in Cymmetri

Rules - Total rules created in the System for provisioning, MFA, approval workflows, etc.

Users unlogged - Number of users who have never logged in to Cymmetri

Additionally, there are some useful system shortcuts placed on the right side of the page to make faster business decisions.

To access Cymmetri, users must use a web browser, such as Google Chrome or Safari, and enter the appropriate address in the address bar as shown below:

URL: https://<companyname>.cymmetri.com/login

Example: https://helpdocs.cymmetri.com/login

Once the address is entered it opens a page as shown below, where the users may enter their username and password to access Cymmetri.

1. Start by clicking on the link register.cymmetri.io to start the registration of your tenant on the Cymmetri Cloud 2.0 and enter your personal details with your work email. Click on Next.

1. Enter your country, and phone number (mandatory to receive OTP), and enter a domain name for your tenant. In case the domain available message is not shown, choose a different domain name. Click on the Start Trial button.

1. You will receive an OTP on your mobile number from the previous step. Enter the OTP here and wait for a few seconds for your tenant to be created.

1. You will be redirected to your domain to create the first Organization Admin user. Ensure that your password matches the password policy.

1. You will receive a message to show that your tenant has been created.

1. Click on the Login button to proceed with the onboarding process

2. Enter your username and press Next

1. Enter your password and proceed with the setup of your tenant by clicking on the Login button.

1. Choose applications from the application catalogue, and click on the application icon for all the applications you wish to add. Then click on the Next button.

1. Enter details to create a second administrator account. Click on the Send Invite button to create an administrator. Click on the Next button to proceed.

1. (Optional) Add users if you wish to. Then click on Finish.

1. You will be redirected to the Dashboard to proceed with the system.

Next Steps:

1. Learn how new users can access your tenant.

2. Manage your users and groups.

3. Manage your applications.

4. Check out your workspace.

5. Add your own branding.

In this section within Cymmetri, a range of general or broad configuration settings and options are managed. These settings encompass various foundational configurations that affect the overall behavior of Cymmetri.

There are different system configurations in Cymmetri mentioned below:

On Behalf

Time Based

In the Time-Based configuration, system administrators can determine whether the system will send repeated notifications to users based on the number of days remaining, as specified in the 'Send Notifications before' field. This occurs when an application is assigned to the user as a time-based application and is about to expire.

Email Config

These settings and configurations within Cymmetri are specifically related to the management and customization of email-related functionalities. This configuration area allows administrators to set up, manage, and customize, the email communications as per the organization's needs.

Suspend Config

Within the Suspend Config section, administrators have the ability to determine the duration a user remains in a suspended state before transitioning to the archived users' section. This can be specified using the "Suspend After" setting.

Scheduler Integration:

The system incorporates a scheduler feature, enabling administrators to automate the transition of users from the suspended state to the archived state. The scheduler runs within defined time frames, streamlining the management of user statuses.

As an example, if the "Suspend After" configuration is set to 0 days, a user will promptly move to the archived users section upon suspension. This allows for flexibility in tailoring user management to specific organizational needs.

Workflow Preference Config

Within the Workflow Preference Config, administrators have the ability to specify the visibility and editability of workflows associated with user access requests for a particular application. This setting allows for tailored control over how approvers interact with the configured workflow.

Visible to the User:

When this option is selected, approvers for the requested application are visible to the user initiating the access request. Transparency is maintained throughout the workflow process.

Hidden from the User:

Opting for this configuration ensures that approvers for the requested application remain hidden from the user. The workflow operates discreetly in the background without user visibility.

Editable by the User:

If this preference is chosen, users initiating access requests have the ability to select approvers based on their availability, providing a more dynamic and user-centric workflow experience.

This functionality applies if a workflow has been configured for the specified application, offering flexibility in managing user access requests in alignment with organizational requirements.

The approvers mapped in the workflow can only be edited only if they are part of the "user list" in workflow configurations.

In conclusion, if the workflow preference config is set to Editable, the requester will only be able to select the approver from the workflow if the approvers are part of a user list.

Reset Password OTP Config

This setting involves whether an OTP (One-Time Password) is required as an additional verification step when users attempt to change their passwords.

User Decommission Config

The User Decommission Config is a vital feature in Cymmetri, allowing administrators to automate user decommissioning based on login activity.

In this configuration, actions are triggered if the user hasn't logged in to Cymmetri in N number of days

Config Days: Set the threshold for user inactivity in terms of days. Users who have not logged in for the specified duration will be subject to the defined actions.

Actions: Choose from three distinct actions to be taken when the specified inactivity threshold is reached:

• None: No action will be taken based on user inactivity.

• Inactive: Users exceeding the configured inactivity period will be marked as inactive.

• Delete: Users who have not logged in for the specified duration will be suspended from the system.

Syslog Configuration

Syslog configuration in Cymmetri allows for the seamless integration of logging and event information with external Syslog servers. By defining specific parameters, administrators can ensure that critical system events, user access information, and other relevant data are transmitted in real-time to a Syslog server.

Syslog Config fields:

1. Syslog Name - Assign a unique name to this Syslog configuration

2. App Name - Specify the application name associated with this Syslog configuration.

3. Server Host Name - Enter the hostname or IP address of the Syslog server that will receive log messages

4. Server port - Define the port number on the Syslog server where log messages will be sent.

5. Protocol - Choose the preferred protocol for Syslog communication - TCP or UDP.

In configuring these parameters, administrators tailor Cymmetri's interaction with external Syslog servers, optimizing the logging process to meet organizational needs.

Webhooks Configuration

Webhooks in the Cymmetri's admin module provide a powerful mechanism for real-time communication and integration with external applications or services. Administrators can configure various webhook settings to enhance the system's functionality and streamline interactions with external components.

Webhook Configs:

1. Protocol - Communication protocol - (Static field)

2. Method - HTTP method for webhook requests - (Static Set to post)

3. Server - Enter the server or endpoint URL where the webhook payloads will be delivered.

4. Server Context path - provide the context path for the specific service within the server.

5. Secret - This secret key, known to both Cymmetri and the external service, helps authenticate the webhook requests.

6. Token Expiry Minutes - Define the duration (in minutes) for which authentication tokens associated with webhook requests are valid.

Application Request Config

This setting determines if a user has the ability to initiate requests for new applications through the Cymmetri self-service page.

When the status is active, the user will see the "Add New" button on the "My Access" page within the "My Workspace" section. By clicking this button, the user can submit an access request for additional applications.

Threshold Delete Config

The Threshold Delete Config is a critical component in Cymmetri, governing the maximum number of users that can be deleted from the system in a single day.

This configuration provides an additional layer of control to prevent unintended mass deletions and ensure the security and stability of Cymmetri

Cymmetri supports the following web browsers: