Skip to content

Release Notes 4.5.0

Overview

This document outlines the updates, improvements, and fixes introduced between versions 4.3.2 (released on Nov 22 2024) and 4.5.0 (released on Jan 17 2025) of the Excalibur v4 software.

New Features

Multi-user support

  • This functionality allows users to register with multiple tenants and access each one using its unique mobile token. Users can manage multiple mobile tokens for both registration and login. Consequently, they can log in to any tenant they are associated with by using the corresponding token linked to that tenant.
  • It also supports registering the same user with multiple tenants using a single token as well as registering the same tenant with different tokens to ensure successful access through any of the associated tokens.

image

Figure 1. Multi-user support on the phone application

Import PAM targets via CSV

  • A CSV import feature for PAM targets has been implemented on the PAM target page, allowing users to upload targets efficiently.

image

Figure 2. Import PAM Targets via CSV

image

Figure 3. Import PAM Targets via CSV - data format

Download a copy of transferred files in sessions

  • Support for file downloads using OAuth has been added, enabling secure access and retrieval of files.

image

Figure 4. Download a copy of transferred files in sessions

Option for default or custom cluster configuration

  • Settings have been added to the dashboard, allowing admins to configure cluster settings. When the "Use Custom Cluster Configuration" option is enabled, the system will apply the specified cluster configuration for creating tenants instead of using the default configuration.

image

Figure 5. Use Custom Cluster Configuration option

Automatized password rotation policies

  • Users can enable automated password changes for PAM targets. This feature requires a dedicated user account with sufficient permissions to update PAM target passwords and execute the changes. Password changes can be scheduled at customizable intervals, ranging from a minimum of 1 hour to a maximum of 1 year.
  • Automated password changes are supported exclusively via the SSH connection method.

image

Figure 6. Create password rotation policies

Security Updates

  • Implemented ECIES hybrid encryption algorithm to encrypt / decrypt sensitive data
  • Enhanced Token app distribution channels for iOS and Android
  • Enhanced console logging for Kubernetes applications
  • Setup health checks for applications running in the cluster

Performance Improvements

  • Improved tenant creation process

Usability Improvements

Added statistics overview page

  • General Statistics: A page that allows users to view general system and tenant statistics, based on their permissions.
  • Device Statistics: A page where users can review statistics related to tokens, such as tokens per platform, token versions, and platform versions.
  • Action Statistics: A page where users can overview statistics for different actions. Currently, three actions are available for review: Registration, Authentication, and Authorization.

image

Figure 7. Statistics Overview

image

Figure 8. Device Statistics

image

Figure 9. Action Statistics

Added button to clear all expired invitations

image

Figure 10. Clear all Expired Invitations

Added warning for unsaved changes

  • A warning has been added to all pages to notify users of unsaved changes when leaving a form, helping to prevent accidental loss of data.

image

Figure 11. Unsaved Changes Warning

Added already assigned groups to the group select when re-inviting a user

…and more minor fixes and improvements