Release Notes
Secure Access
Learn more about the latest updates to the Secure Access platform.
June 14, 2025
Secure Access Release Notes
Here’s a summary of the latest updates and improvements to the Beyond Identity Secure Access platform to enhance your experience and security.
What's New
Customizable Proof Prompts Now Available on Windows and macOS
IT administrators can now work with our Support Team to customize the instructional or informational text displayed to users during "proof" prompts on Windows and macOS desktop devices. This enhancement provides organizations with greater flexibility to deliver clear, context-specific guidance during critical user verification moments. Admins can use the updated BIConfigure tool to set, retrieve, or clear this custom text, helping align user prompts with internal policies, reduce confusion, and support compliance efforts. 🔧 Learn how to configure proof prompts
Enhancements
Console Session Behavior
-
Improved Session Management with Access Token Expiration Tracking
Added support for storing the access token’s expiration time in a browser cookie. This improves consistency in session behavior across tabs and windows, enhancing reliability of session timeout handling and reducing unexpected logouts. -
Improved Re-Login Experience After Timeout
Refined the re-login flow in the Secure Access Console for a smoother, more intuitive user experience after session timeout or logout. -
Synchronized Session Timeout Across Tabs
Session inactivity timeout is now shared across all open tabs in the Secure Access Console, ensuring consistent logouts and improved security. -
FedRAMP Compliance: Extended Session Duration
Secure Access session duration has been extended to 12 hours in designated FedRAMP environments, aligning with federal standards while ensuring seamless user experience. -
Improved Partner Branding Stability
Partner logo assets are now self-hosted in the Secure Access Console, improving branding reliability and load performance.
Bug Fixes
-
Unexpected Logouts During Active Sessions
Fixed an issue causing active users to be logged out unexpectedly from the Secure Access Console. -
Region Toggle Now Works Correctly in EU
Resolved a problem where the region toggle displayed incorrect information and produced invalid links in the EU Virtual Data Center (VDC). The toggle now accurately reflects the active region. -
Repeated Logout After “Resume Activity” Prompt
Fixed a bug where users were logged out even after choosing “Resume Activity” during session timeout warnings. Session timers now reset correctly with each interaction. -
Firefox Private Browsing Login Issue
Resolved an issue preventing logins in Firefox Private Browsing mode after configuring Okta as an identity provider (IdP). Authentication payload handling has been improved to ensure reliable login experiences.
May 28, 2025
Secure Access Release Notes
Here’s a summary of the latest updates and improvements to the Beyond Identity Secure Access platform to enhance your experience and security.
What's New
Inactivity Timeout for Enhanced Security
To help keep your data secure, the Secure Access Console now automatically logs users out after 15 minutes of inactivity. If your session times out, simply log in again to continue where you left off.
Learn more about session behavior
Kandji + Beyond Identity Integration
The Beyond Identity Mac Platform Authenticator (PA) is now integrated into Kandji's Auto App Collections, enabling fully automated deployment and updates via the Kandji MDM platform. This eliminates the need for IT admins to manually download and re-upload the latest version of the Mac PA, streamlining operations with zero-touch updates. By selecting options like "Continuously Enforce" and "Automatically enforce new updates," you can ensure your macOS devices will always have the latest, most secure version of the Beyond Identity Authenticator.
Enhancements
BI Authenticator Updates: iOS v2.103.3 (Released May 13)
Streamlined Navigation After Authentication on iOS
We've improved the post-authentication experience in our iOS app to make navigation smoother and more intuitive. After completing authentication, users are now guided back to the previous screen more seamlessly, reducing friction and improving overall usability. This enhancement is part of our ongoing effort to deliver a more polished and user-friendly experience on key mobile platforms.
May 13, 2025
Version 2.103.3 BI Authenticator Release Notes
- iOS
- Navigating back to the previous app after authentication is now visually clearer, thanks to updated graphics.
Changes
April 22, 2025
Version 2.103.1 BI Authenticator Release Notes
- Android: Resolved an issue where some users could not register a passkey via any method, including email registration link, 9-digit code, or credential extension. Users affected by this issue could also not authenticate with existing passkeys.
Fixed
April 17, 2025
Version 2.103.0 BI Authenticator Release Notes
- Changes to Secure Work Passkey Extension flow - Documentation
- Passkey Extension for Secure Access - Documentation
- iOS & Android
- Default the initial screen to the listing of all user passkeys, rather than the 1st passkey.
- macOS
- Fixed a minor issue where a long username would cause the Tenant name to be clipped on the user passkey.
- Windows
- Fixed an issue where Domain Connector 2.102.6 would not start.
- Changed default locations and settings to better align with Windows best practices.
- Settings.ini file moved to C:\ProgramData\BeyondIdentity\domain_connector.ini
- The default log folder moved to C:\ProgramData\BeyondIdentity\logs\domainConnector
- The multiDC configuration value now defaults to yes
Changes
Fixed
April 14, 2025
Secure Access Console Release Notes
- We are now publishing a new debug capability for integrations that improves event transparency and accountability in the Beyond Identity Console.
- The new event type, FETCH_DATA_FROM_INTEGRATION, provides information when an attempt to retrieve data from your integrations fails.
- Beyond Identity will retry the connection to your integration approximately once per 15 minutes. Each time the attempt to fetch data from the integration fails, you will see the new event in your Activity log.
- After the connection to the integration is restored, we will send one FETCH_DATA_FROM_INTEGRATION event with a Success outcome to confirm that the connection has been reestablished. Future successful data retrievals will not send more events.
- You can filter these events from your view in the Activity log.
- You can view these events for each integration on the new Logs tab in the Integrations panel:
New event type: Fetch Data From Integration

February 28, 2025
Secure Access Release Notes
Console
v1.55
- Added support for bulk email enrollment from the Identities page
- This functionality is available on request. Contact your Beyond Identity support representative for more information.
- This functionality is available on request. Contact your Beyond Identity support representative for more information.
v1.56
- Fixed a bug where Administrators and Users login to the Beyond Identity Console navigated users to the incorrect login screen if the
?tenant={TENANT_NAME}
query parameter was present in the URL
v1.59
- Added Groups as an optional attribute statement value source
- When creating a new application with Generic SAML, the dropdown field for Beyond Identity Attribute Name now includes
Groups
. This functionality enables bulk assignment for Groups. Both the Beyond Identity Console and the API support this.
- When creating a new application with Generic SAML, the dropdown field for Beyond Identity Attribute Name now includes
Bug fixes
- Improved dashboard performance
- Fixed an API token error with the Okta | Beyond Identity integration which prevented
byndRegistered
custom attribute in Okta from being updated successfully upon end user enrollment in Beyond Identity - Fixed an issue with SCIM-created Groups not being visible in the Application Assignment page
- Resolved an issue with policy attributes evaluating to undefined in the policy activity log
- Improved CrowdStrike policy evaluation accuracy for temporary API return errors that prevented successful user logins
- Fixed a bug with policy activity log displaying the incorrect status of CrowdStrike Device Found attribute
February 6, 2025
Windows Version 2.102.0-6 and macOS 2.102.0-7 BI Authenticator Release Notes
New
Platform Authenticator ProxyBeyond Identity is in the process of adding official proxy support to the Platform Authenticator on the macOS and Windows platforms. This is the first release to preview this functionality.
To minimize the chance of any change in behavior for existing users of Beyond Identity, this feature is not active by default. However, during the preview phase of this feature, the end user of the Platform Authenticator can enable this functionality. The list below details what happens when this feature is enabled.
In a future release, this feature defaults to an enabled state. We recommend any current users of Beyond Identity to turn on the feature with an administrator and to attempt an authentication as normal. With this feature enabled and authentication working as expected, no future change is required on your configuration.
View the Proxy End User Guide for more information.
October 28, 2024
Version 2.100.6 BI Authenticator Release Notes
- Windows - Additional functionality bugs resolved
Fixed
Version 2.100.5 Endpoint Release Notes
- macOS - Fixed MDM detection on iOS when enabling Safari extension
- General - Resolved functionality bugs