- 03 Oct 2024
- 2 Minutes to read
- DarkLight
- PDF
Version 3.22 (October 2021)
- Updated on 03 Oct 2024
- 2 Minutes to read
- DarkLight
- PDF
New features and enhancements
Authenticator/host synchronization
A new syncTokenAndHost command has been added to the SOAP authentication interface that allows users to synchronize the device time or event counter of their authenticators with the authentication server.
This is useful for scenarios where an authenticator has not been used for a long period of time or the authenticator clock has drifted too far. The synchronization supports time- and event-based authenticator applications.
Authenticator type limit policy
As of 3.22, OneSpan Authentication Server allows you to restrict the maximum number of assigned authenticators allowed per user for specific authenticator types.
The authenticator type limit is a string value (1024 characters) containing a list of comma-separated key/value pairs of authenticator type/limit and can be managed via a new user attribute, i.e. POLICYFLD_DP_TYPE_LIMIT.
The following commands of the SOAP administration interface have been extended to directly manage the authenticator type limit:
POLICYCMD_CREATE
POLICYCMD_GET_EFFECTIVE_POLICY
POLICYCMD_UPDATE
POLICYCMD_VIEW
policyQuery
New command to remove finished tasks
A new deleteFinishedTasks command has been added to the SOAP administration interface to remove old finished tasks. This allows you to clean up the task list and remove completed tasks regularly to maintain clarity and avoid performance issues with the task management.
The command takes the age in days of the finished tasks to be deleted as parameter. All finished tasks with an end date (completion) older or equal than this value will be deleted. The command schedules a server task itself that processes the server task table. If required, the cleanup task can be configured to recur on a daily or monthly basis.
Fixes and other updates
Issue OAS-10951 (Support case CS0079133): Body field in table is formatted as table header (Documentation)
Description: In the OneSpan Authentication Server SDK SOAP Reference, the USERFLD_DOMAIN entry is incorrectly formatted as header line of the "USERCMD_ENABLE input parameters" table.
Affects: OneSpan Authentication Server SDK 3.21
Status: The documentation has been updated.
Issue OAS-9297 (Support case CS0064510): Assign authenticator fails with certain serial number range parameters
Description: When you attempt to assign an authenticator with the DIGIPASSCMD_ASSIGN command, you can specify a range of serial numbers to automatically pick an authenticator from that range (DIGIPASSFLD_SERNO, DIGIPASSFLD_TO_SERNO). However, the serial number range is incorrectly evaluated if any of the range parameters specify either a serial number that contains alphabetic character prefixes, e.g. VDS0000001, or a number larger than 2147483648. In either case, the first authenticator found in the database is used for assignment, regardless of its serial number.
Affects: OneSpan Authentication Server SDK 3.12–3.21
Status: This issue has been fixed.