New and Modified Functionalities
Following is a summary of changes in SAM 4.0 Release (July 2019):
Revamp Activation, User Authentication functionalities to new IAM platform and user will experience modern UI/UX.
Enhanced Account Recovery functionality on new Interface and experience to include additional account recovery method.
GDPR Retention Policy – Update Data archival and retention policies for SAM to meet GDPR requirements
Risk Based Authentication – Risk Based Authentication will trigger at application level.
Pre-populate Login Reference when user forwarded to SAM login with the login reference value.
1. User Activation: Revamp user first time login functionality using modern UI/UX experience
First Time Login (FTL) process will include new and enhanced user experience and interface. Features that will be enhanced are:
New User activation First Time Login email
Setup new password
Setup security questions and answer
Resend Activation email
2. User Authentication: Revamp account authentication functionality modern UI/UX experience
User Account Authentication functionality will include new and enhanced user experience and interface.
Remote Identity Provider (RIDP) users and Non-RIDP user authorization will experience a new interface and experience flow.
Account verification methods are - Phone OTP, Mobile Id and Hardware OTP.
3. Account Recovery: Enhancing Account Recovery functionality to include additional account recovery method
Forgot and Expired Password flow will allow user to recover their account by completing one for the following additional verification steps:
Security Questions and Answer
4. Risk Based Authentication: Modifying Risk Based authentication at application level
Risk based authentication will trigger at application level (service provider). When an application has turned on the RBA, user access will require a risk check. User will be required to authenticate with an additional factor based on an increase in risk as per Risk Based Authentication Rules.
5. Other New and Enhancement Requirements
Following is a list of additional enhancements in SAM 4.0:
Email OTP and Restriction functionality: Turn off email OTP for RIDP user at RIDP provider level
Enhance SAM inviter API to include a user proof level in the API response when searched for
Fall Back Exostar CAPTCHA when Google invisible CAPTCHA is not acceptable
Ability for SP Admin to view/modify application external user ID
Improve the performance of suspension configurations