Regular channel changelog

Subscribe to get automatic updates: Regular channel changelog RSS feed

Refer to the Changelog archive for release notes published before 16 Sep 2022.

03 Feb 2023

Key features

Deprecate skip option for tenant administrator MFA: ForgeRock has deprecated the option to let Identity Cloud tenant administrators skip 2-step verification. Customers can continue to use the skip option in their tenants, but this functionality will be removed from Identity Cloud on February 3, 2024.

Refer to Tenant administrator mandatory 2-step verification FAQ.

Resolved issues

Issue ID	Summary
FRAAS-9679	Deprecate skip option for tenant administrator MFA

Issue ID

Summary

FRAAS-9679

Deprecate skip option for tenant administrator MFA

31 Jan 2023

Key features

Service accounts

You can now use service accounts to request access tokens for most Identity Cloud REST API endpoints without relying on a particular identity in your system:

Call Identity Cloud APIs programmatically without needing a human identity.
Access AM or IDM APIs in the same way using a signed JWT.
Set scopes on each service account to assign only necessary permissions to access tokens.
Use for automation and CI/CD tooling.

For details, refer to Service accounts.

Resolved issues

Issues marked with an asterisk (^*) were inadvertently excluded from the rapid channel changelog.

Issue ID Summary

Issue ID	Summary
FRAAS-13478	Remove unrelated AM root realm changes from promotion reports
FRAAS-13519	Remove unexpected file changes from self-service promotion reports
FRAAS-13620	Improve performance of promotion report generation by removing unrelated data
FRAAS-8477	Service accounts
IAM-1939	Fix hCaptcha support in Platform UI
IAM-2025^*	Add Uncategorized to the journey category filter
IAM-2224	Replace bullets with checkmarks when validating password policy
IAM-2305^*	Add support for localized logos in end-user UI
IAM-2847	Increase the size of the terms and conditions modal window
IAM-2912	Enable promotions UI to ignore encrypted secrets
IAM-3011	Update risk configuration UI to show only user-modifiable configuration
IAM-3012	Add new `userConfig` endpoint to the `riskConfig` API
IAM-3015	Update risk configuration evaluation UI so that updates use the new APIs
IAM-3016	Fix the `gotoOnFail` query parameter to redirect in case of failure
IAM-3041	Prevent proceeding from the Active Directory modal window without entering base DNs
IAM-3076	Fix Salesforce provisioning connection
IAM-3079	Fix single sign-on (SSO) setup when app name has a space
IAM-3088	Enable suppression of the login failure message from the failure node
IAM-3091^*	Fix localized headers rendering as [object Object]
IAM-3107^*	Remove bitwise filter on Active Directory page
IAM-3108^*	Update Maintain LDAP Group Membership option to not be selected by default
IAM-3109^*	Update cn property to be optional in Active Directory target mode
IAM-3110^*	Update ldapGroups property to be available by default in Active Directory target mode
IAM-3111^*	Fix password hash algorithm
IAM-3122	Fix font weight of the title text on provisioning tab
IAM-3139^*	Fix Revoke button in Users & Roles to revoke users, and not be clickable when there are no users to revoke
IAM-3142^*	Fix Active Directory user filter anomaly when deleting a row
IAM-3145	Fix Active Directory assignment on array attributes to be a merge and not replace
IAM-3146^*	Update user-specific attributes to be editable by administrators
IAM-3177	Add paging back to application list view if workforce feature is not enabled
IAM-3257^*	Fix escaping of ESV placeholders in the advanced email editor
IAM-3335	Fixed display of localized favicon

FRAAS-13478

Remove unrelated AM root realm changes from promotion reports

FRAAS-13519

Remove unexpected file changes from self-service promotion reports

FRAAS-13620

Improve performance of promotion report generation by removing unrelated data

FRAAS-8477

Service accounts

IAM-1939

Fix hCaptcha support in Platform UI

IAM-2025^*

Add Uncategorized to the journey category filter

IAM-2224

Replace bullets with checkmarks when validating password policy

IAM-2305^*

Add support for localized logos in end-user UI

IAM-2847

Increase the size of the terms and conditions modal window

IAM-2912

Enable promotions UI to ignore encrypted secrets

IAM-3011

Update risk configuration UI to show only user-modifiable configuration

IAM-3012

Add new userConfig endpoint to the riskConfig API

IAM-3015

Update risk configuration evaluation UI so that updates use the new APIs

IAM-3016

Fix the gotoOnFail query parameter to redirect in case of failure

IAM-3041

Prevent proceeding from the Active Directory modal window without entering base DNs

IAM-3076

Fix Salesforce provisioning connection

IAM-3079

Fix single sign-on (SSO) setup when app name has a space

IAM-3088

Enable suppression of the login failure message from the failure node

IAM-3091^*

Fix localized headers rendering as [object Object]

IAM-3107^*

Remove bitwise filter on Active Directory page

IAM-3108^*

Update Maintain LDAP Group Membership option to not be selected by default

IAM-3109^*

Update cn property to be optional in Active Directory target mode

IAM-3110^*

Update ldapGroups property to be available by default in Active Directory target mode

IAM-3111^*

Fix password hash algorithm

IAM-3122

Fix font weight of the title text on provisioning tab

IAM-3139^*

Fix Revoke button in Users & Roles to revoke users, and not be clickable when there are no users to revoke

IAM-3142^*

Fix Active Directory user filter anomaly when deleting a row

IAM-3145

Fix Active Directory assignment on array attributes to be a merge and not replace

IAM-3146^*

Update user-specific attributes to be editable by administrators

IAM-3177

Add paging back to application list view if workforce feature is not enabled

IAM-3257^*

Fix escaping of ESV placeholders in the advanced email editor

IAM-3335

Fixed display of localized favicon

19 Jan 2023

Key features

BioCatch authentication nodes: The new BioCatch authentication nodes integrate BioCatch scoring for identity proofing, continuous authentication, and fraud protection.

For details, refer to Marketplace.

Resolved issues

Issues marked with an asterisk were inadvertently excluded from the rapid channel changelog.

Issue ID	Summary
AME-22948*	Create endpoint to log out sessions based on user identifier
FRAAS-11964	Avoid potential performance degradation when removing expired token state
FRAAS-12140	Integrate BioCatch authentication journey nodes
FRAAS-13242	Improve invalid page size error message
OPENAM-13766*	No configuration found for log in with session condition advice deny
OPENIDM-17392	Prevent script typos that cause services to fail from being introduced into the system
OPENIDM-17664	LDAP connector has invalid configuration when whitespace added to Base DN
OPENIDM-17953	Support email addresses that contain non-ASCII UTF-8 characters

Issue ID

Summary

AME-22948*

Create endpoint to log out sessions based on user identifier

FRAAS-11964

Avoid potential performance degradation when removing expired token state

FRAAS-12140

Integrate BioCatch authentication journey nodes

FRAAS-13242

Improve invalid page size error message

OPENAM-13766*

No configuration found for log in with session condition advice deny

OPENIDM-17392

Prevent script typos that cause services to fail from being introduced into the system

OPENIDM-17664

LDAP connector has invalid configuration when whitespace added to Base DN

OPENIDM-17953

Support email addresses that contain non-ASCII UTF-8 characters

12 Jan 2023

Key features

Workforce application and connector management

In new tenants created on or after January 12, 2023, you can use the improved applications page to integrate Identity Cloud with external data stores or identity providers. The applications page acts as a one-stop location where you can:

Register and provision popular federation-capable applications quickly and easily by choosing from a library of templates, such as Salesforce and Workday.
Register and provision your organization’s custom applications.
Manage data, properties, rules, SSO, provisioning, users, and groups for an application.
View the connection status of each application.
Activate and deactivate an application.

For details, refer to Application management.

Event hooks

Event hooks let you trigger scripts during various stages of the lifecycle of users, roles, assignments, and organizations.

You can trigger scripts when one of these identity objects is created, updated, retrieved, deleted, validated, or stored in the repository. You can also trigger a script when a change to an identity object triggers an implicit synchronization operation.

Post-action scripts let you manipulate identity objects after they are created, updated, or deleted.

For details, refer to Event hooks.

Daon IdentityX authentication nodes

The new Daon authentication nodes let you integrate with the Daon IdentityX platform for MFA with mobile authentication or out-of-band authentication using a separate, secure channel.

For details, refer to Marketplace.

Onfido authentication nodes

The new Onfido authentication nodes let you use Onfido’s solution for collecting and sending document identification and, optionally, biometrics to the Onfido backend for verification.

For details, refer to Marketplace.

Resolved issues

Issues marked with an asterisk were inadvertently excluded from the rapid channel changelog.

Issue ID	Summary
DATASCI-1548	Update the filter text on the Autonomous Access dashboard from "All Risk Scores" to "Risk Score"
DATASCI-1550	Update text on the Autonomous Access dashboard’s Copy on User Detail page
FRAAS-11158*	AM cache outdated during restart of Identity Cloud services
FRAAS-11574	Integrate Daon authentication journey nodes
FRAAS-11575	Integrate Onfido authentication journey nodes
FRAAS-11964	Avoid potential performance degradation when removing expired token state
FRAAS-12477	Add list of encrypted secrets to promotion reports
FRAAS-12492*	Add classes to the scripting allow list
FRAAS-12494	Unlock the environment and stop checking progress after successfully promoting an environment
FRAAS-12545	Remove the option to keep orphaned configuration nodes from the promotions API
FRAAS-12552	Add redirect for custom domain login screen
FRAAS-12713	Promotions API failed to generate a report
FRAAS-12917*	Email invites to sandbox tenant administrators sometimes do not work
FRAAS-12939	Add proxy state to output of lock state endpoint for promotions API
FRAAS-12988	Prevent placeholder support being enabled unless a specific migration flag value is set
FRAAS-13057	Add only standard placeholders (not user-defined placeholders) prior to enabling placeholder management
FRAAS-13082*	Provisional report endpoint can return 500 if requested repeatedly before cache is built
FRAAS-13121	Provisional reports can cause promotion service to run out of memory and restart
FRAAS-13244	Unable to log into tenant to perform self-service promotion
IAM-2658	Application management improvements
OPENAM-19485	Access multi-tenant social providers without requiring multiple secondary configurations
OPENIDM-17556	Ensure RDVPs are not erased for all types of managed objects for all types of PUT operations
OPENIDM-17616*	Add support for direct assignments
OPENIDM-18024*	Implement weighted assignments
OPENIDM-18037*	Create endpoint for aggregating effective assignments and user identity object type outbound mapping values
OPENIDM-18063*	Include Google Apps connector in bundled connectors
OPENIDM-18388*	Do not schedule clustered-recon-resilience jobs for reconById invocations

Issue ID

Summary

DATASCI-1548

Update the filter text on the Autonomous Access dashboard from "All Risk Scores" to "Risk Score"

DATASCI-1550

Update text on the Autonomous Access dashboard’s Copy on User Detail page

FRAAS-11158*

AM cache outdated during restart of Identity Cloud services

FRAAS-11574

Integrate Daon authentication journey nodes

FRAAS-11575

Integrate Onfido authentication journey nodes

FRAAS-11964

Avoid potential performance degradation when removing expired token state

FRAAS-12477

Add list of encrypted secrets to promotion reports

FRAAS-12492*

Add classes to the scripting allow list

FRAAS-12494

Unlock the environment and stop checking progress after successfully promoting an environment

FRAAS-12545

Remove the option to keep orphaned configuration nodes from the promotions API

FRAAS-12552

Add redirect for custom domain login screen

FRAAS-12713

Promotions API failed to generate a report

FRAAS-12917*

Email invites to sandbox tenant administrators sometimes do not work

FRAAS-12939

Add proxy state to output of lock state endpoint for promotions API

FRAAS-12988

Prevent placeholder support being enabled unless a specific migration flag value is set

FRAAS-13057

Add only standard placeholders (not user-defined placeholders) prior to enabling placeholder management

FRAAS-13082*

Provisional report endpoint can return 500 if requested repeatedly before cache is built

FRAAS-13121

Provisional reports can cause promotion service to run out of memory and restart

FRAAS-13244

Unable to log into tenant to perform self-service promotion

IAM-2658

Application management improvements

OPENAM-19485

Access multi-tenant social providers without requiring multiple secondary configurations

OPENIDM-17556

Ensure RDVPs are not erased for all types of managed objects for all types of PUT operations

OPENIDM-17616*

Add support for direct assignments

OPENIDM-18024*

Implement weighted assignments

OPENIDM-18037*

Create endpoint for aggregating effective assignments and user identity object type outbound mapping values

OPENIDM-18063*

Include Google Apps connector in bundled connectors

OPENIDM-18388*

Do not schedule clustered-recon-resilience jobs for reconById invocations

14 Dec 2022

The following issues were released on November 29th, but inadvertently excluded from the changelog.

Resolved issues

Issue ID	Summary
FRAAS-8589	Promotion hangs when waiting for Identity Cloud services
FRAAS-9155	Promotion reports not showing changes for all connectors
FRAAS-11830	Promotion reports rendering new line characters inside JSON strings
FRAAS-11158	Restart of AM can lead to outdated cache
FRAAS-12049	Promotion reports not showing changes to custom endpoint scripts
IAM-2465	Password policy to force password expiry not working
IAM-2706	Embedding images in the theme editor only displays alternative text
IAM-2739	Email suspend message displayed without line breaks
IAM-2939	Add translation configuration key for "Passwords do not match" message
IAM-2973	Self-service promotions migration UI flow should enable promotions UI features
OPENIDM-16830	Speed up search for organizations
OPENIDM-18388	Do not flag reconById invocations as clustered
OPENIDM-18483	Add name field to resourceCollection query fields for group identity objects

Issue ID

Summary

FRAAS-8589

Promotion hangs when waiting for Identity Cloud services

FRAAS-9155

Promotion reports not showing changes for all connectors

FRAAS-11830

Promotion reports rendering new line characters inside JSON strings

FRAAS-11158

Restart of AM can lead to outdated cache

FRAAS-12049

Promotion reports not showing changes to custom endpoint scripts

IAM-2465

Password policy to force password expiry not working

IAM-2706

Embedding images in the theme editor only displays alternative text

IAM-2739

Email suspend message displayed without line breaks

IAM-2939

Add translation configuration key for "Passwords do not match" message

IAM-2973

Self-service promotions migration UI flow should enable promotions UI features

OPENIDM-16830

Speed up search for organizations

OPENIDM-18388

Do not flag reconById invocations as clustered

OPENIDM-18483

Add name field to resourceCollection query fields for group identity objects

02 Dec 2022

Resolved issues

Issue ID	Summary
IAM-3102	Validation fails for ESV list type

Issue ID

Summary

IAM-3102

Validation fails for ESV list type

29 Nov 2022

Key features

Group management

You can now create and manage groups that are shared across AM and IDM within your Identity Cloud instance. New tenants have group management enabled by default, and existing tenants can follow an upgrade path to enable it.

For more information, refer to Group management.

ID Cloud Analytics Dashboard enhancements

You can now take advantage of the following enhancements to the analytics dashboard:

The journey chart now lets users drill down at specific points on a trend line to view individual journey outcomes for that date/hour. Journeys are sorted by a ranking of percentage failures, but can also be sorted based on number ranking.
Two new widgets — Top Five Journeys by Outcome and Top Five Journeys by Usage — that rank trending journeys based on outcomes and usages are now available.

For more information, refer to Identity Cloud analytics dashboard.

Resolved issues

Issue ID	Summary
FRAAS-12379	Add support for groups and assigning users to groups
ANALYTICS-25	Add journey ranking and ability to drill down into journey outcomes to the analytics dashboard

Issue ID

Summary

FRAAS-12379

Add support for groups and assigning users to groups

ANALYTICS-25

Add journey ranking and ability to drill down into journey outcomes to the analytics dashboard

09 Nov 2022

Key features

Self-service promotions: Self-service promotions let you promote configuration between environments without raising a support ticket. You can perform self-service promotions from development to staging tenant environments, and from staging to production tenant environments. You cannot promote sandbox environments.

For more information, refer to Introduction to self-service promotions.
Configuration placeholders visible in all APIs: Configuration placeholders let you set ESVs in your configuration.

For more information, refer to Introduction to configuration placeholders.
Duo authentication node: The new Duo authentication node lets you use Duo’s solution for adaptive authentication, bring your own device security, cloud security, endpoint security, mobile security, and two-factor authentication.
Twilio authentication node: The new Twilio authentication node allows you to use Twilio for two-factor authentication during account setup, sign-on, and other scenarios. The node lets you integrate Twilio’s APIs to build solutions for SMS and WhatsApp messaging, voice, video, and email. The node uses Twilio’s latest Lookup API, which uses real-time risk signals to detect fraud and trigger step-up authentication when needed.

For details, refer to Marketplace.

Resolved issues

Issue ID	Summary
ANALYTICS-52	Correct the value in the All Journeys field
DATASCI-1437	Correct prefilled username fields in Filters window
DATASCI-1474	Don’t show explainability if not specified in response after applying Unusual Day of Week filter
DATASCI-1497	Let users see previously selected risk reasons after closing the Filter window
DATASCI-1504	Prevent the truncation of text on the right side of pages
FRAAS-10979	Configuration placeholders visible in all APIs in new customer environments
FRAAS-11570	Add Duo authentication node
FRAAS-11571	Add Twilio authentication node
FRAAS-11825	Add translation configuration key for no search results message
FRAAS-12219	Self-service promotions available in new customer environments
FRAAS-12301	Add Marketplace nodes to journey editor menu
FRAAS-12413	Remove blank page shown when user returns to login page following successful login to custom domain
FRAAS-12625	Handle ESVs as string type if no type is set
IAM-1935	Expose ESV variable type in the UI
IAM-2038	Prevent theme styles rendering in the hosted pages editor
IAM-2066	Show the entire answer to a long security question after clicking the visibility icon
IAM-2259	Do not let users save email templates that contain JavaScript
IAM-2312	Render SVG images correctly
IAM-2411	ForgeRock favicon displays briefly before the customer’s favicon
IAM-2502	Remove flashing red text from security questions window
IAM-2633	Support localization for radio display fields in Choice Collector node
IAM-2696	Remove legend from Risk Score window
IAM-2869	Update UI regex validation for ESV list type

Issue ID

Summary

ANALYTICS-52

Correct the value in the All Journeys field

DATASCI-1437

Correct prefilled username fields in Filters window

DATASCI-1474

Don’t show explainability if not specified in response after applying Unusual Day of Week filter

DATASCI-1497

Let users see previously selected risk reasons after closing the Filter window

DATASCI-1504

Prevent the truncation of text on the right side of pages

FRAAS-10979

Configuration placeholders visible in all APIs in new customer environments

FRAAS-11570

Add Duo authentication node

FRAAS-11571

Add Twilio authentication node

FRAAS-11825

Add translation configuration key for no search results message

FRAAS-12219

Self-service promotions available in new customer environments

FRAAS-12301

Add Marketplace nodes to journey editor menu

FRAAS-12413

Remove blank page shown when user returns to login page following successful login to custom domain

FRAAS-12625

Handle ESVs as string type if no type is set

IAM-1935

Expose ESV variable type in the UI

IAM-2038

Prevent theme styles rendering in the hosted pages editor

IAM-2066

Show the entire answer to a long security question after clicking the visibility icon

IAM-2259

Do not let users save email templates that contain JavaScript

IAM-2312

Render SVG images correctly

IAM-2411

ForgeRock favicon displays briefly before the customer’s favicon

IAM-2502

Remove flashing red text from security questions window

IAM-2633

Support localization for radio display fields in Choice Collector node

IAM-2696

Remove legend from Risk Score window

IAM-2869

Update UI regex validation for ESV list type

18 Oct 2022

Resolved issues

Issue ID	Summary
FRAAS-12373	Fix Choice Collector nodes so that they can show more than two options

Issue ID

Summary

FRAAS-12373

Fix Choice Collector nodes so that they can show more than two options

07 Oct 2022

Resolved issues

Issue ID	Summary
IAM-2846	Fix login issues caused by allowing non-mandatory login journey attributes to have empty values (reverts IAM-1678)

Issue ID

Summary

IAM-2846

Fix login issues caused by allowing non-mandatory login journey attributes to have empty values (reverts IAM-1678)

05 Oct 2022

Resolved issues

Issue ID	Summary
AME-22684	Include grace period configuration in the OAuth2 provider settings
DATASCI-1165	Remove Automated User Agent from the list of risk reasons filters
DATASCI-1358	Let users filter dashboards by date, risk scores and features
DATASCI-1365	Update the Risk Activity page when applying a filter without requiring users to refresh the page
DATASCI-1394	Show the times that events occurred correctly without requiring users to refresh the display
DATASCI-1395	Let users see their last five risky authentication attempts
DATASCI-1397	Remove risk administration options from end users' navigation menus
DATASCI-1406	When filtering activities using a date range, include the activities that occur on the end date
IAM-1678	Allow login journey attributes that are not required to have empty values
IAM-1682	When editing email templates, cut text correctly
IAM-1932	When placeholders are used, display read-only strings in the Platform UI
IAM-1933	Alter AM XUI to display readonly strings wherever placeholders are in use
IAM-2028	Remove excess space from journey editor fields that do not require floating labels
IAM-2064	Replace fields for specifying numeric thresholds with a risk score definition slider in Autonomous Access Decision nodes
IAM-2080	Let users create customized footers on Page nodes
IAM-2141	Add option to customize Page node background color
IAM-2142	Add option to customize Page node button width
IAM-2143	Add option to customize label text for Page node fields
IAM-2227	Remove spurious "No configuration exists for id external.email" pop-up warning
IAM-2249	Add option to display Message node as a link
IAM-2250	After importing journeys, let user delete all imported journeys with a single delete action
IAM-2251	Provide a value when the object.password variable is specified in an email template
IAM-2258	Remove tenant information from the Realm menu
IAM-2285	Make H2, H3, and H4 HTML headings bigger when there’s no higher-level predecessor heading
IAM-2290	Show the correct number of events per country on the Activity Risk dashboard
IAM-2294	Show previous authentication attempts when doing anomaly lookups
IAM-2320	Change the default navigation background color of Account pages without changing the dashboard color
IAM-2329	Change the color of the Autonomous Access event log indicator to red
IAM-2351	Correct pagination on the Autonomous Access Risk page
IAM-2373	Make dashboard analytics pipeline logs in Autonomous Access work as expected
IAM-2468	Wrap long security questions
IAM-2521	Don’t reuse authId during password validation
OPENAM-18112	Provide better error message when an LDAP authentication node encounters a TLS connection issue
OPENAM-18933	Do not override the Success URL node’s value
OPENAM-19196	Do not wait for cache timeout before OAuth2 clients reflect changes to Javascript origins
OPENAM-19868	Correctly handle multi-line text in Email Suspend nodes
OPENIDM-16420	Update the default email validation policy to conform with RFC 5322
OPENIDM-17533	Allow configuration changes to the repo.ds.json file to take effect without restarting IDM
OPENIDM-17720	Fix null pointer exception when the repo.ds.json file is misconfigured
OPENIDM-17836	Fix for startup error message caused by ObjectMapping constructor exception
OPENIDM-17911	Fix email validation errors in the IDM admin UI (native console)
OPENIDM-18272	Save managed object properties correctly in Identity Management native console
SDKS-1720	Point developers to the ForgeRock SDKs when they create an OAuth2.0 client in the Platform UI
SDKS-1721	Point developers to the ForgeRock SDKs when they configure CORS in the Platform UI

Issue ID

Summary

AME-22684

Include grace period configuration in the OAuth2 provider settings

DATASCI-1165

Remove Automated User Agent from the list of risk reasons filters

DATASCI-1358

Let users filter dashboards by date, risk scores and features

DATASCI-1365

Update the Risk Activity page when applying a filter without requiring users to refresh the page

DATASCI-1394

Show the times that events occurred correctly without requiring users to refresh the display

DATASCI-1395

Let users see their last five risky authentication attempts

DATASCI-1397

Remove risk administration options from end users' navigation menus

DATASCI-1406

When filtering activities using a date range, include the activities that occur on the end date

IAM-1678

Allow login journey attributes that are not required to have empty values

IAM-1682

When editing email templates, cut text correctly

IAM-1932

When placeholders are used, display read-only strings in the Platform UI

IAM-1933

Alter AM XUI to display readonly strings wherever placeholders are in use

IAM-2028

Remove excess space from journey editor fields that do not require floating labels

IAM-2064

Replace fields for specifying numeric thresholds with a risk score definition slider in Autonomous Access Decision nodes

IAM-2080

Let users create customized footers on Page nodes

IAM-2141

Add option to customize Page node background color

IAM-2142

Add option to customize Page node button width

IAM-2143

Add option to customize label text for Page node fields

IAM-2227

Remove spurious "No configuration exists for id external.email" pop-up warning

IAM-2249

Add option to display Message node as a link

IAM-2250

After importing journeys, let user delete all imported journeys with a single delete action

IAM-2251

Provide a value when the object.password variable is specified in an email template

IAM-2258

Remove tenant information from the Realm menu

IAM-2285

Make H2, H3, and H4 HTML headings bigger when there’s no higher-level predecessor heading

IAM-2290

Show the correct number of events per country on the Activity Risk dashboard

IAM-2294

Show previous authentication attempts when doing anomaly lookups

IAM-2320

Change the default navigation background color of Account pages without changing the dashboard color

IAM-2329

Change the color of the Autonomous Access event log indicator to red

IAM-2351

Correct pagination on the Autonomous Access Risk page

IAM-2373

Make dashboard analytics pipeline logs in Autonomous Access work as expected

IAM-2468

Wrap long security questions

IAM-2521

Don’t reuse authId during password validation

OPENAM-18112

Provide better error message when an LDAP authentication node encounters a TLS connection issue

OPENAM-18933

Do not override the Success URL node’s value

OPENAM-19196

Do not wait for cache timeout before OAuth2 clients reflect changes to Javascript origins

OPENAM-19868

Correctly handle multi-line text in Email Suspend nodes

OPENIDM-16420

Update the default email validation policy to conform with RFC 5322

OPENIDM-17533

Allow configuration changes to the repo.ds.json file to take effect without restarting IDM

OPENIDM-17720

Fix null pointer exception when the repo.ds.json file is misconfigured

OPENIDM-17836

Fix for startup error message caused by ObjectMapping constructor exception

OPENIDM-17911

Fix email validation errors in the IDM admin UI (native console)

OPENIDM-18272

Save managed object properties correctly in Identity Management native console

SDKS-1720

Point developers to the ForgeRock SDKs when they create an OAuth2.0 client in the Platform UI

SDKS-1721

Point developers to the ForgeRock SDKs when they configure CORS in the Platform UI