Transcript
We will go over this month's new available features. Generally Available Features Fine-grained Authorization FGA is a new product offering from Okta. It's authorization as a service that enables developers to design authorization models from coarse-grained to fine-grained and everything in between in a way that's centralized, fast, and easy to use. With FGA, you can get much more granular with access rules, increasing security posture. Define authorization models for all of your applications in FGA, taking authorization out of the application, increasing developer efficiency. And since FGA allows developers to define authorization models based on the relationship a user has to a resource, they can better manage complexity as they add more users who need access to more resources. Progressive Factor Enrollment Using the post-login action, you can now easily customize your MFA flows to prompt users to enroll in specific factors. After a user enrolls in a factor, they can use that factor as a secondary method of authentication in future logins. Customer Identity Cloud now includes two new commands in the post-login API object, enroll with and enroll with any. These commands, paired with our recent Customize MFA Factor Selection feature release, allow you to specify precisely how to enroll and challenge the user with MFA factors based on contextual signals about the user, the organization, or the application they are logging into. These changes provide greater flexibility with MFA to design an authentication flow that reduces friction, cater to your end user's preferences, and align authentication with your organization's security policies. One-Time Password Mobile Enrollment for Guardian Guardian is a mobile application for iOS and Android devices that allows users to complete MFA with push notifications or temporary one-time passwords. Guardian can deliver the push notifications to users enrolled devices typically mobile phones or tablets or generate one-time passwords directly within the app. Users can then quickly respond to these push notifications or retrieve a one-time password to complete their login. Previously, the only way for users to enroll in Guardian was via a QR code. For users who didn't have access to scan the QR code on another device, this prevented enrollment. To give users more flexibility and make the enrollment process easier, end users can now manually enroll with a verification code as an alternative to using a QR code. Thanks for viewing the Customer Identity Cloud Monthly release highlights. Information and documentation on the latest updates can be found at auth0.com.
