new
Provisioning
Changed:
- Add logging who approved a threshold block
- Support input and output context on Powershell v2 Target system (Beta could have breaking changes in future releases only for testing, not production)
- Conditional notification event (Beta could have breaking changes in future releases only for testing, not production)
Fixed:
- Can't reset 2fa when email address contains a space
- Cannot delete agent via HelloID admin
- Unable to uninstall a agent which is disconnected for a while
- Unable to scroll in business rule conditions
Service Automation
Changed:
- Remove PowerShell support from cloud Agent for "Add-Type" and "New-Object"
- Open Delegated Form by specific URL
- Disable form exit when click outside modal
- Add support for double click in dual list form element
Fixed:
- Automation system catalog is empty outside of production environments
- HelloID inbox not refreshed upon approve / deny
- Double pending approval notification in HelloID notification center
- Grid export to CSV does not contain all values
- Editing a global variable to be encrypted doesn't work
- Removed deprecated link "view requests" from Managed Users > Product details
- Product return on user disable doesn't happen after disable by AD sync
- Datetime form element display style incorrect
- Admin portal "Self Service" menu collapses when opening product overview
new
Provisioning
Changed:
- Audit logging on publishing Business Rules
- More summary details on what changed when publishing a rule
- Target Powershell system mapping (Beta could have breaking changes in future releases only for testing, not production)
Fixed:
- HelloID not loading target connectors
- HelloID Elasticsearch reports not loading when the users email field is empty
- WS Fed Error when logging in (sometimes)
- Pending update action which never executes because off a force update
- Tooltip shows an error when retrieval of entitlements results in an error
Service Automation
Changed:
- Show execution state of delegated form
- Notify requesting user of the approval (or deny) of his request by email
- Change formatted output of DateTime and Time form element
Fixed:
- Normalize HelloID incident tags
- Minor changes to product edit screen based on feedback
- Product overview routing category filter backwards compatibility issue
- Prevent Product and Delegated Form category names with commas
- Prevent changing HelloID native data source configuration
- Grid export to CSV does not contain all values
- Product delete confirm modal broken (hotfix)
- Workflow auto deny does an approve (hotfix)
new
Provisioning
Changed:
- Remember filter on grids
- Title/department code in condition overview of Business Rules
Fixed:
- Webhooks could sometimes have an empty body
- Lifecycle notifications not send when a system was selected in the notification
- AzureAD exchange could trigger an update notification without changes when proxy addresses were set to update
Note:
- Provisioning elastic data might not be visible for a few days after the release, after the data migration all data will be available again
Service Automation
Changed:
- Record approver when a product is approved via Admin portal - Administration
- Allow filtering on multiple product categories using specific URL
Fixed:
- Improved Cloud Agent stability
- Removed possible recursive manager lookup in Elastic messages and add the manager to all elastic user objects
- Native data source configuration broken (hotfix)
- Delegated form groups do not show group name in Admin Panel (hotfix)
- Cleanup UI element for 'AD delegated forms' (hotfix)
new
Important
- Provisioning requires the newest agent for communication
Provisioning
Changed:
- Specify the print format for date fields
- Different time schedule options for scheduling
- Improved agent (dis)connection logging details
- Improved visibility of Exchange Online entitlement logging
Fixed:
- Enforcement run is never finished
- Errors retrying grant account on AD when account no longer correlates
- Fixed an issue that could cause the department and title selectors in the business rule conditions to show no data
- Fixed an issue in the AzureAD connector that could cause the Exchange Online password to be overwritten by "*******"
- Fixed an issue that could cause no person lifecycle event mails to be sent
Service Automation
Changed:
- Create API end-point for product overview per user
- Manage dynamic form directly from product edit screen
Fixed:
- Self Service Administration does not support 'Assign' with products having time limits
- Return product on user disable is not working when disabling via AD sync
- Product with max duration time is not returned after duration period
- Scheduled tasks do not run if scheduled on Sunday
- Not possible to assign a product via API which has max. duration setting
- Delegated form opened Elastic message contains no manager data
- Data source editor is missing the right-click menu paste option
General
Fixed:
- Improved stability by Implementing rate limiting on Azure AD -> HelloID sync
new
Provisioning
Changed:
- Pre on/off-boarding notifications
- Notification in account delete event
- Description of business rules
- Ability to transfer to a new leading person when approving a suggestion.
- Ability to manually transfer to a different person within existing aggregation configuration
- deleteDiacriticalMarks automatically replace the ß with ss
- Allow Microsoft.PowerShell.Commands.WebRequestSession and System.Uri types in PowerShell Cloud
- Notification email editor improvements
- Limit target logging:
- 1. Manual (retry entitlement & preview): 500 per action + all levels
- 2. Scheduled (enforcement & force update): 100 per action + only error and warning levels
Fixed:
- Convert to string option was available for non-custom fields which could trigger a person(s) update
- A creation of a snapshot with zero persons causes the snapshot to never end and prevents the creation of a new snapshot
- it's possible to start a second enforcement when the first one is still running
- it's possible to start a second permission update when the first one is still running
- Action is stuck in evaluating when a grant or update is forced for an entitlement of a deleted person
- Security improvements
- MFA (user choice) shows only English text
Service Automation
Changed:
- End-of-Life: Built-in Delegated Forms
- Open new product request by specific URL
- Visibility disabled users in Managed Users / Products
- Add "source" property to Product Request API
- Add support for providing Product action name using API
Fixed:
- Improved stability of SA Agent connections
- Delegated Form activity overview does not show user correctly in some cases
General
Fixed:
- Sometimes an empty message is sent when using the webhook for incidents
new
Provisioning
Changed:
- Added option to convert custom fields in persons and contracts to string
- Add support to return the account object as part of the PowerShell after AD action
- Force update all entitlements for one person
- Notification TO address not required
- Improvements to database initialization
Fixed:
- Fixed idp values not being reported consistently to elastic
- Fixed tenants not being updated in elastic
- Fixed updates not being executed in order for dependent systems
Service Automation
Changed:
- Enhanced security of cloud environment
- Removed deprecated provisioning menu items in admin portal
- Implement new Request History overview
- Add support for requestedFor user object in PS data sources
- Add "Align options vertical" option to radio form element
Fixed:
- Issue with (re)connecting SA Agent (partly work in progress)
- Admin css not loading when turkish language is set in browser
new
Provisioning
Changed:
- Automatic merging of persons
- Only show manageable groups for AzureAD connector
- Create resources (combinations)
Fixed:
- Combination between blocked actions and enforcement could result in evaluating actions that are never executed
- Error publishing existing Business Rule
Service Automation
Changed:
- Support "SetPassword" as an action in the custom Audit messages
- Add Delegated Form opened event to Elastic reporting
- Ask for confirmation on a product return
- All occurrences of "resource manager" are now renamed to "resource owner"
- Added a new native data source "HelloID Users"
Fixed:
- Some privileges in Service Automation are cached and are not reset on logoff -> logon
- Task variable types in delegated form show as [Object object]
- Exception is not shown when creating an audit log record in which the field type is not a string
- Delegated Forms: Task reports Pending although no task is configured
- Forms with an email field cannot be submitted
- Emails sent with send-email task have a broken company logo
- If the requester is one of the resource owners that should approve the request other resource owners receive a mail notification for approval
- Multistep form validation is blocking form navigation
- Value of conditionally visible grid not shown in form data in the activity overview
- Approve / deny comments not working when request comment is hidden
Access Management
Changed:
- Added extra logging when processing webhooks
- Sync EmployeeID and Manager attributes in AzureAD-> HelloID (Pending approval from Microsoft we still have to make manuals adjustments to the Azure AD app)
- Deprecate: Iframe integration
- Login to the report engine now shows an option to logoff when we detect you're logged in as another user
new
Provisioning
Changed:
- Unmerge by approval when a leading person is removed from the source
- Ability to use all contract fields to determine primary contract
- A message is shown when another user has changed the business rules before publishing
Fixed:
- When days before/after are configured before switching they will be applied to the inactive filter
- Intellisense in source mapping
- No audit log records in reports in trainingscluster
- Returning an audit log record from PowerShell target system without a message would result in an error processing the result of the action
- Prevent publishing of a rule if the UI is displaying older configuration
- Manager isn't set on a merged person
Service Automation
Changed:
- Enhanced security Service Automation cloud infrastructure
- Added option to remove chosen item from dropdown list
- Make 'Show summary' an optional condition in Delegated Forms
Fixed:
- Sending email with local agent not working on HelloID Training cluster
- Issue with PowerShell data source resolving tenant information details
- Authorization issue for uploading an icon for self service products
- DateTime form element not displayed correctly for none English languages
- Broken company logo in approval emails
- Conditional visibility not saved correctly for checkboxes
- Email input form element does not allow capitals
Access Management
Changed:
- Support for content security policies in the header
- Support IP6
- Support DNS Sec
- Add audit logging to WS-Fed and WS-Trust login attempts
- Allow manage reports users to create saved searches
- Added navigation links on the reports page
- Only show open incidents on the dashboard
- Added a new general section for reports
- Reports are now available via 443 port
- The agent installer update will keep current settings on services
- Custom domains & certificates will be automatically updated on next Monday outside working hours
Fixed:
- Get user API call returns deleted or disabled users instead of the active user
- Get user enrollment will not always return all the linked applications because of caching
- Issues with Azure Ad Scim sync
new
Provisioning
Changed:
- Support up to 30.000 persons in the vault (See documentation after release for other limits)
- Support up to 200.000 accounts in correlation report
- To manage provisioning you need to enable the provisioning rights in a role
- Added import and snapshot audit reports to elastic
- Added canceled state for imports
- Added source import logging limit
- Scheduled: 100 logs max, warning + error only
- Manual: 100.000 logs max, all levels
Fixed:
- Display name not shown on blocked persons
- Contract Priority Logic not working correctly when using 0 in sequence value and the FTE, Hours per week, Percentage has value 0
- Contracts overview in Person details view does have an issue with height when having multiple contracts
Service Automation
Changed:
- Reduced load on HelloID infrastructure by reducing polling calls from Directory Agent for Automation Tasks
- Add configurable options to the "comment" field in product summary
- Add product request, approval and deny comments in Elastic reports
- Add support for email notifications using SA (cloud) agent
- Automatically Delegated Form task retry when local SA agent is back online
- Add form data to elastic reports for Self Service Products
- Delegated form tasks can now be retried when previously succeeded
- Pending delegated form tasks can now be cancelled
Fixed:
- Form names in Delegated Form activity overview are not always displayed
- Email approval buttons are visible in some cases when they shouldn't
- Elastic custom audit message from Delegated Form task is missing "isError" and "activityId" properties
- PowerShell data source execution in editor did not worked anymore for cloud agent
- Fixed an issue where intellisense mapping did not work anymore in a very specific situation
- Approval Workflow configuration screen did not load anymore
- HelloID incident not closed after successful task execution
- Write-Information; Write-Error; Write-Warning and Write-Verbose now support complex objects in their responses (shown in the logs as json-strings)
Access Management
Changed:
- A incident is only shown when a general HelloID issue takes place in the same region as the portal exists in
- All mails send or attempts from all modules are stored in our report engine and visible as report under the Access Management section
- Support sending admin notifications to all tenants in a particular tenant region
- We changed the time and date selection in our report engine (using the default of Elastic)
- The ability to search data in a report with a new search bar
- Add support for domain hint in Azure OIDC IDP
- We prevent the creation of new tenants when we are releasing a new version of the management portal
- We prevent the selection of already assigned subscriptions to other tenants in the management portal
- Tenant name is added to the subscription of a PAYG invoice (makes it easier to see for which tenant the invoice is)
- A notification is sent to cleanup HelloID tenants when tenant is more than 3 months expired
new
Provisioning
Changed:
- Updated the default post PowerShell scripts to include entitlementContext variable
- Updated the default Powershell permission script so that the reference in case of sub permissions are working the same for all scripts.
- Improved auto-save functionality
- Support for null values (Seen as furthest in the future) on an end date when calculating the primary contract
- Option to disable a Target system so no new actions will be executed but the entitlement state will be preserved.
- Improvement performance of the snapshot overview and various other screens
- For improved performance and user convenience, the contract mapping preview now displays a single selectable contract instead of the whole person model including all contracts
- Improved customer logging for snapshots
- Identification of a person (external id) was stored for a maximum of five releases now it's stored for a period of three months. So if a person returns within three months it's seen as the same person as before and the logging is still visible.
Fixed:
- Warning not shown when getting groups in the AD target connector has too many results without searching
- Evaluation report link from the email does not load
- Notification center for schedules did not always display schedule started messages
- Reopening an email template after saving with a reference to a system shows an id instead of the name of the system
- Autocomplete isn't fully working when mapping the source
- Extra component: Agent Tag to HelloID incident when Agent is offline
- Removed detailed agent logging (script & parameters) when any Powershell script fails
Service Automation
Changed:
- Changed mechanism for internal authentication between SA services. This was the main cause for the recent HelloID SA instability.
- Enhanced API support for product assignment and product task running
- Removed "Configurable in form" option for PowerShell data source inputs
- Create HelloID incident on Delegated Form task failure using new SA agent
- Add link from HelloID incident (on Delegated Form task error) to corresponding Delegated Form activity
- Send message to Elastic when a product is returned
- Remove "Directory Configuration" option from Delegated Form
- Add warning in product edit screen if resource owner group is empty
- Enhanced reliability for storing SA-Audit messages to Elastic reporting
Fixed:
- Product time limit interferes with hide approval buttons in approval email
- Security enhancement retrieving data source information in front-end client
- Added validation for invalid duallist data source configuration using API end-point and form editor
- DateTime element not displayed in correct language
- Default Product action send email no longer supports multiple to-addresses (hot fixed)
- Add extra Tag to HelloID incident when Agent is offline
- Removed unsupported image icon for Markdown form element
- Dutch translation for managed users page
- Missing request history timeline card for returned state using DeleteProductOwnership API
- Product assign fails (Admin portal) when the product has an action configured in the requested state
- Conditional visibility between 2 grids is not saved correctly on first time
- Readonly textinput field shows "no value" in form when summary setting is "Hide value"
- Checkbox FormControl is editable on read-only display
Access Management
Changed:
- Validate headers when importing CSV with tokens
- License usages are now of a type integer in the audit logging. With this, we're able to use them in reports
- Support accounts are now automatically revoked after 24 hours for security reasons.
- Tenant domain is added to the subject of an email that is sent when an incident occurs
- Removed request secure access button when configuring an application (requesting proxy at support)
Fixed:
- License usages are missing from audit logging
- Azure AD SCIM Directory Synchronization failed for some tenants
- Extra component: Agent Tag to HelloID incident when Agent is offline
Load More
→