Page tree




SAM Release Notes 4.0

New and Modified Functionalities

Following is a summary of changes in SAM 4.0 Release (July 2019):

  •  Revamp Activation, User Authentication functionalities to new IAM platform and user will experience modern UI/UX.

  •  Enhanced Account Recovery functionality on new Interface and experience to include additional account recovery method.

  •  GDPR Retention Policy – Update Data archival and retention policies for SAM to meet GDPR requirements

  •  Risk Based Authentication – Risk Based Authentication will trigger at application level.

  •  Pre-populate Login Reference when user forwarded to SAM login with the login reference value.


1.  User Activation:  Revamp user first time login functionality using modern UI/UX experience

First Time Login (FTL) process will include new and enhanced user experience and interface.  Features that will be enhanced are:

  •  New User activation First Time Login email

  •  Setup new password

  •  Setup security questions and answer

  •  Resend Activation email


2.  User Authentication:  Revamp account authentication functionality modern UI/UX experience

User Account Authentication functionality will include new and enhanced user experience and interface.

  •  Remote Identity Provider (RIDP) users and Non-RIDP user authorization will experience a new interface and experience flow.

  •  Account verification methods are - Phone OTP, Mobile Id and Hardware OTP.


3.  Account Recovery:  Enhancing Account Recovery functionality to include additional account recovery method

Forgot and Expired Password flow will allow user to recover their account by completing one for the following additional verification steps:

  •  Security Questions and Answer

  •  Email OTP

  •  Phone OTP

  •  Mobile ID

  •  Hardware OTP


4.  Risk Based Authentication:  Modifying Risk Based authentication at application level

Risk based authentication will trigger at application level (service provider).  When an application has turned on the RBA, user access will require a risk check.  User will be required to authenticate with an additional factor based on an increase in risk as per Risk Based Authentication Rules.


5.  Other New and Enhancement Requirements

Following is a list of additional enhancements in SAM 4.0:

  •  Roche customization/Branding 

  •  Email OTP and Restriction functionality:  Turn off email OTP for RIDP user at RIDP provider level

  •  Enhance SAM inviter API to include a user proof level in the API response when searched for

  •  Fall Back Exostar CAPTCHA when Google invisible CAPTCHA is not acceptable

  •  Ability for SP Admin to view/modify application external user ID

  •  Improve the performance of suspension configurations

How useful was this content?

Your Rating: Results: 1 Star2 Star3 Star4 Star5 Star 2 rates