Skip to main content
Version: Secure Access

Release Notes

Secure Access

Learn more about the latest updates to the Secure Access platform.

June 14, 2025

Secure Access Release Notes

Here’s a summary of the latest updates and improvements to the Beyond Identity Secure Access platform to enhance your experience and security.

What's New

Customizable Proof Prompts Now Available on Windows and macOS

IT administrators can now work with our Support Team to customize the instructional or informational text displayed to users during "proof" prompts on Windows and macOS desktop devices. This enhancement provides organizations with greater flexibility to deliver clear, context-specific guidance during critical user verification moments. Admins can use the updated BIConfigure tool to set, retrieve, or clear this custom text, helping align user prompts with internal policies, reduce confusion, and support compliance efforts. 🔧 Learn how to configure proof prompts


Enhancements

Console Session Behavior

  • Improved Session Management with Access Token Expiration Tracking
    Added support for storing the access token’s expiration time in a browser cookie. This improves consistency in session behavior across tabs and windows, enhancing reliability of session timeout handling and reducing unexpected logouts.

  • Improved Re-Login Experience After Timeout
    Refined the re-login flow in the Secure Access Console for a smoother, more intuitive user experience after session timeout or logout.

  • Synchronized Session Timeout Across Tabs
    Session inactivity timeout is now shared across all open tabs in the Secure Access Console, ensuring consistent logouts and improved security.

  • FedRAMP Compliance: Extended Session Duration
    Secure Access session duration has been extended to 12 hours in designated FedRAMP environments, aligning with federal standards while ensuring seamless user experience.

  • Improved Partner Branding Stability
    Partner logo assets are now self-hosted in the Secure Access Console, improving branding reliability and load performance.


Bug Fixes

  • Unexpected Logouts During Active Sessions
    Fixed an issue causing active users to be logged out unexpectedly from the Secure Access Console.

  • Region Toggle Now Works Correctly in EU
    Resolved a problem where the region toggle displayed incorrect information and produced invalid links in the EU Virtual Data Center (VDC). The toggle now accurately reflects the active region.

  • Repeated Logout After “Resume Activity” Prompt
    Fixed a bug where users were logged out even after choosing “Resume Activity” during session timeout warnings. Session timers now reset correctly with each interaction.

  • Firefox Private Browsing Login Issue
    Resolved an issue preventing logins in Firefox Private Browsing mode after configuring Okta as an identity provider (IdP). Authentication payload handling has been improved to ensure reliable login experiences.

May 28, 2025

Secure Access Release Notes

Here’s a summary of the latest updates and improvements to the Beyond Identity Secure Access platform to enhance your experience and security.

What's New

Inactivity Timeout for Enhanced Security

To help keep your data secure, the Secure Access Console now automatically logs users out after 15 minutes of inactivity. If your session times out, simply log in again to continue where you left off.

Learn more about session behavior


Kandji + Beyond Identity Integration

The Beyond Identity Mac Platform Authenticator (PA) is now integrated into Kandji's Auto App Collections, enabling fully automated deployment and updates via the Kandji MDM platform. This eliminates the need for IT admins to manually download and re-upload the latest version of the Mac PA, streamlining operations with zero-touch updates. By selecting options like "Continuously Enforce" and "Automatically enforce new updates," you can ensure your macOS devices will always have the latest, most secure version of the Beyond Identity Authenticator.

Learn more


Enhancements

BI Authenticator Updates: iOS v2.103.3 (Released May 13)

Streamlined Navigation After Authentication on iOS

We've improved the post-authentication experience in our iOS app to make navigation smoother and more intuitive. After completing authentication, users are now guided back to the previous screen more seamlessly, reducing friction and improving overall usability. This enhancement is part of our ongoing effort to deliver a more polished and user-friendly experience on key mobile platforms.

May 13, 2025

Version 2.103.3 BI Authenticator Release Notes

    Changes

  • iOS
    • Navigating back to the previous app after authentication is now visually clearer, thanks to updated graphics.

April 22, 2025

Version 2.103.1 BI Authenticator Release Notes

    Fixed

  • Android: Resolved an issue where some users could not register a passkey via any method, including email registration link, 9-digit code, or credential extension. Users affected by this issue could also not authenticate with existing passkeys.

April 17, 2025

Version 2.103.0 BI Authenticator Release Notes

    Changes

  • Changes to Secure Work Passkey Extension flow - Documentation
  • Passkey Extension for Secure Access - Documentation
  • iOS & Android
    • Default the initial screen to the listing of all user passkeys, rather than the 1st passkey.

  • Fixed

  • macOS
    • Fixed a minor issue where a long username would cause the Tenant name to be clipped on the user passkey.
  • Windows
    • Fixed an issue where Domain Connector 2.102.6 would not start.
    • Changed default locations and settings to better align with Windows best practices.
    • Settings.ini file moved to C:\ProgramData\BeyondIdentity\domain_connector.ini
    • The default log folder moved to C:\ProgramData\BeyondIdentity\logs\domainConnector
    • The multiDC configuration value now defaults to yes

April 14, 2025

Secure Access Console Release Notes

    New event type: Fetch Data From Integration

  • We are now publishing a new debug capability for integrations that improves event transparency and accountability in the Beyond Identity Console.
  • The new event type, FETCH_DATA_FROM_INTEGRATION, provides information when an attempt to retrieve data from your integrations fails.
  • Beyond Identity will retry the connection to your integration approximately once per 15 minutes. Each time the attempt to fetch data from the integration fails, you will see the new event in your Activity log.
  • After the connection to the integration is restored, we will send one FETCH_DATA_FROM_INTEGRATION event with a Success outcome to confirm that the connection has been reestablished. Future successful data retrievals will not send more events.
  • You can filter these events from your view in the Activity log.
  • You can view these events for each integration on the new Logs tab in the Integrations panel:
  • Logs View

February 28, 2025

Secure Access Release Notes

Console

v1.55

  • Added support for bulk email enrollment from the Identities page
    • This functionality is available on request. Contact your Beyond Identity support representative for more information.
      Bulk enrollment

v1.56

  • Fixed a bug where Administrators and Users login to the Beyond Identity Console navigated users to the incorrect login screen if the ?tenant={TENANT_NAME} query parameter was present in the URL

v1.59

  • Added Groups as an optional attribute statement value source
    • When creating a new application with Generic SAML, the dropdown field for Beyond Identity Attribute Name now includes Groups. This functionality enables bulk assignment for Groups. Both the Beyond Identity Console and the API support this.
      Attribute statements

Bug fixes

  • Improved dashboard performance
  • Fixed an API token error with the Okta | Beyond Identity integration which prevented byndRegistered custom attribute in Okta from being updated successfully upon end user enrollment in Beyond Identity
  • Fixed an issue with SCIM-created Groups not being visible in the Application Assignment page
  • Resolved an issue with policy attributes evaluating to undefined in the policy activity log
  • Improved CrowdStrike policy evaluation accuracy for temporary API return errors that prevented successful user logins
  • Fixed a bug with policy activity log displaying the incorrect status of CrowdStrike Device Found attribute

February 6, 2025

Windows Version 2.102.0-6 and macOS 2.102.0-7 BI Authenticator Release Notes

    New

    Platform Authenticator Proxy

    Beyond Identity is in the process of adding official proxy support to the Platform Authenticator on the macOS and Windows platforms. This is the first release to preview this functionality.


    To minimize the chance of any change in behavior for existing users of Beyond Identity, this feature is not active by default. However, during the preview phase of this feature, the end user of the Platform Authenticator can enable this functionality. The list below details what happens when this feature is enabled.


    In a future release, this feature defaults to an enabled state. We recommend any current users of Beyond Identity to turn on the feature with an administrator and to attempt an authentication as normal. With this feature enabled and authentication working as expected, no future change is required on your configuration.


    View the Proxy End User Guide for more information.

October 28, 2024

Version 2.100.6 BI Authenticator Release Notes

    Fixed

  • Windows - Additional functionality bugs resolved

Version 2.100.5 Endpoint Release Notes

    Fixed

  • macOS - Fixed MDM detection on iOS when enabling Safari extension
  • General - Resolved functionality bugs