Purpose and Document Scope
This document states all features and functionality that are either added, modified for SAM 4.2 release (June 2020). A brief background of all new functionality or modifications for this release is provided.
This document is intended to provide a high-level overview of functionality changes introduced and modifications to existing functionality that were incorporated into this particular release of SAM. It is not intended for those who require deeper technical knowledge of any specific feature or enhancement.
New and Modified Functionalities
Following is a summary of updates implemented to Secure Access Manager for SAM 4.2 Release:
- Update to the number of pages on the SAM user service agreement
- Governance update – Improved user experience
- Enhanced Activation and Authentication workflow for continuous user experience improvements
- Enhanced messaging for continuous user experience improvements
- Improved security compliance for Exostar Administrators
1. Update to the number of pages on the SAM User Service Agreement
Reduced the number of pages to the agreement by migrating the Terms and Condition to Exostar Terms and Conditions.
2. Governance update – Improved user experience
As a continuation to SAM’s user experience improvement, user functionality will include enhanced user experience and interface.
Updated the activation link expiration period and reminder email timeline:
Configured the validity period for account activation link to 14 days and reduced the number of automated reminder emails to four (4) before account deactivation.
Updated activation email template.
Improved user self-reset password from expired password link:
User will now be redirected to the account recovery if an expired link is used for password reset. This provide user the ability for self-support.
Updated the password reset expiration period and email template.
Change the validity period for the password reset link to 30 minutes.
Updated number of failed attempts for lock account functionality:
Increased the number of failed attempts allowed to seven (7) and lock account time to 15 minutes.
Improved account locking functionality after seven (7) failed consecutive attempts to include password and any 2 step verification access.
Enhanced account lock functionality for seven (7) failed consecutive login attempts across password or all the additional factors.
3. Enhanced Activation and Authentication workflow for continuous user experience improvements
User Activation and Authentication functionality now include a new enhanced and improved user experience and interface.
Users will now be able to login using their full User Principal Name.
Users will now be able to choose to cancel their 2 step verification during account credential elevation.
4. Enhanced messaging for continuous user experience improvements
Enhanced UI error messages to maintain a consistent style while improving the user experience. This is an ongoing effort for improved usability:
Improved user experience by providing more consistent messages and user information on UI.
Improved user experience by displaying error message during session timeout from various authentication workflow.
Improvement to error messaging when user enter invalid or expire verification code.
5. Improved security compliance for Exostar Administrators on access
Improvement to Exostar Administrative role(s) to elevate credential to access resource on SAM.
6. Fixes and Other Enhancements
This section is used to give a summary of all the below, as it relates to the defects fixed as part of the release. Understanding that there are more, we only list critical/high defects and then for the summary.
- Upgraded event handling functionality
- Upgraded provisioning interface
- Upgraded user interface
Risk Based Authentication browser cookie set for 30days
- Turn off Account Lock email notification
Click here to view: SAM 4.2 Release Notes
Click here to view: SAM Release Notes 4.1
Click here to view: SAM Release Notes 4.0