Skip to main content

Release Updates

Product updates to SecureAuth® Identity Platform base release 26.0.0.

Release 26.0.0

Release date: January 30, 2026

Updates

Air-gapped deployment support

Continues to support air-gapped deployments for strict network isolation introduced in release 24.5.0. For implementation details, see Air-gapped deployment overview.

Authenticate OTP verification in Help Desk

Help Desk users can verify end user identity using codes from the SecureAuth Authenticate app. This option is available only in Help Desk pages using the SA IdP theme. See Help Desk user verification process.

Additional account management settings

Administrators can now show or hide the following settings on the Account Management and User Portal pages, allowing help desk staff and end users to view or clear them as needed:

Help Desk page

  • Password Throttling

  • MFA Throttling

  • Cookie Keys

  • OTP Validation

  • OIDC Consent

User Portal / Self-Service page

  • Cookie Keys

  • OTP Validation

  • OIDC Consent

Support for specific Distinguished Name (DN)

Added support for creating LDAP users under a specific Distinguished Name (DN) for Active Directory datastores.

Fixes

  • Improved risk engine timeout handling to prevent authentication delays during database latency issues.

  • Fixed issue on the Account Management page where Reset buttons appeared for authentication methods set to "Show Disabled". The Show Disabled setting now prevents the Reset action from appearing in the UI.

  • Resolved issue where group restrictions configured in the New Experience failed to validate membership when using OpenLDAP or Tivoli datastores.

  • Resolved task cancellation errors that caused data store and profile property retrieval failures during broker timeouts.

  • Resolved datastore search issue where users with identical usernames across different domains were looked up in the wrong datastore during authentication.

  • Fixed issue in Policy configuration on the Login Workflow tab where the Save Changes button did not activate when enabling username or password suppression on existing conditional username rules.

  • Resolved PIN display issue on the User Account page where encrypted PIN values triggered an "Invalid format" error message after logout and login.

  • Resolved issue where TOTP failover to on-premises authentication did not occur when cloud services returned 404 Not Found errors.

  • Resolved issue in Advanced Settings where custom application URLs did not display correctly when copying existing realms or creating new realms, causing the "view in browser" option to fail.

In this section: