Skip to content
English
Sign in
Customer Portal
  • There are no suggestions because the search field is empty.

SurePassID Authentication Server (SPAS) 2025.4 - Release Notes

Release Date: 06/24/2025
Release Type: Major Feature Release

What's New

1. Enhanced Dashboard Analytics

Authentications by API Key and IP Address

A powerful new dashboard provides detailed insights into authentication patterns by API Key and IP Address.

Key Features:

    • Interactive Bar Chart: Visualize authentication counts at a glance
    • Dual Filtering: Filter by API Key and IP Address simultaneously
    • Flexible Time Ranges: Choose from 7, 14, 30, 60, 90, or 365-day views
    • Non-API Tracking: New "(None)" option to see authentications that don't use API Keys

Business Value:

    • Identify authentication trends and patterns
    • Monitor API usage by key and source
    • Detect unusual authentication sources
    • Support security auditing and compliance

How to Access:

    • Navigate to Home > Dashboard
    • Locate the "Authentications by Key & IP" widget
    • Use filters and time range selectors to customize your view

2. Next-Generation Licensing System

JSON-Based License Format (v2)

A modern JSON-based license format that provides richer metadata and better flexibility.

What's Changed:

    • License Versioning: Clear indication of license format (v1 = Legacy, v2 = JSON)
    • Rich Metadata: JSON licenses include product edition, version, component list, and company information
    • Better Visibility: New dashboard section displays all license details in an organized format
    • License Monitoring: Automated daily license expiration checks with email notifications via LicenseMonitorService

License Format Comparison:

Feature

Legacy (v1)

JSON (v2)

Hostname List

Yes

Yes

Max Users

Yes

Yes

Expiration Date

Yes

Yes

Product Edition

No

Yes

Component List

No

Yes

Token Limits

No

Yes

Company Info

No

Yes

Product Version

No

Yes

Backward Compatibility: Existing v1 licenses continue to work. No action required unless you want to upgrade to v2 format.

How to Check Your License Version:

    • Navigate to About page
    • Look for the "License Version" field
    • Will show either "v1 (Legacy)" or "v2 (JSON)"

v2 License Details Include:

    • Product Edition (Community, Essential, Enterprise, EnterprisePlus)
    • Product Version
    • Maximum Tokens
    • Licensed Components (e.g., MFA Server, API Server, RADIUS)
    • Company Name and Contact Information
    • Email Address

3. Custom Email, SMS, and Voice Templates

Database-Driven Notification Template System

All notification templates (email, SMS, and voice/IVR) are now managed through a unified database-driven system using the NotificationTemplateService.

Key Features:

    • 28 Built-in Templates: Pre-configured templates for enrollment, OTP delivery, password reset, account lockout, license expiration, and more
    • Unified Template Editor: Manage all email, SMS, and voice templates from a single admin interface
    • Per-Tenant Customization: Override default templates on a per-tenant basis via the NotificationTemplate table
    • Template Types: Email (11 active), SMS (3 active), Voice/IVR (3 active), plus additional templates for future use
    • TenantWelcome Support: New tenant welcome emails integrated into the Setup Wizard using database templates instead of legacy file-based templates

Supported Templates:

Category

Templates

Email

Enroll, ActivateDevice, SendOtp, PasswordReset, PasswordChanged, PasswordChangeFailed, TenantWelcome, AccountLocked, LicenseExpiring, LoginInformation, AccountUnlocked

SMS

SendOtpSms (128 char max), PushYesNoSms (200 char max), ActivateDeviceSms (128 char max)

Voice/IVR

IvrOtpMessage, IvrAuthSuccess, IvrAuthFailure

How to Manage Templates:

    • Navigate to Settings > Notification Templates
    • Select the template type (Email, SMS, or Voice)
    • Edit the template content with variable placeholders
    • Save to apply changes immediately (no restart required)

4. Tenant-Specific Settings

Database-Driven Configuration per Tenant

Configuration settings can now be managed per-tenant in the database, eliminating the need for application restarts when changing tenant settings.

Key Features:

    • PartnerSettings Table: Stores tenant-specific overrides for global configuration values
    • ConfigParameters Table: Database-driven configuration that supplements web.config
    • Zero-Downtime Changes: Modify tenant settings without restarting the application
    • Hierarchical Resolution: Settings are resolved in order: tenant-specific > database global > web.config default
    • Admin UI: Tenant settings are configurable through the Client Settings and Client Customize pages

Configurable Per-Tenant Settings Include:

    • Notification preferences and template overrides
    • Authentication policies (OTP length, validity windows, failed attempt limits)
    • Branding and customization options
    • Feature toggles per tenant

See Tenant-Specific Configuration Migration Guide for implementation details.

5. Enhanced Audit Filtering

API Key Filter

Filter audit logs by specific API Key to track authentication and activity per integration.

Use Cases:

    • Monitor specific application integrations
    • Track API usage by partner
    • Identify authentication patterns by API Key
    • Filter out non-API authentications with "(None)" option

IP Address Filter

Filter audit logs by IPv4 or IPv6 address to track activity from specific sources.

Use Cases:

    • Investigate suspicious IP addresses
    • Track authentication attempts by location
    • Monitor specific network segments
    • Support security incident response

How to Use:

    • Navigate to Audit page
    • Use the API Key dropdown to select a specific key or "(None)"
    • Use the IP Address field to enter an IP address
    • Click Search to apply filters
    • Combine with other filters (Date, Type, Action) for precise results

6. Offline Chart Support

For customers in air-gapped or restricted network environments, charts now support offline rendering.

Configuration (in web.config):

<add key="Server.ExternalNetworksProhibited" value="true" />
<add key="Charts.UseOfflineMode" value="true" />

Benefits:

    • Full dashboard functionality without internet access
    • No dependency on external services
    • Enhanced security for isolated environments

7. UTC Timestamp Formatting Fix

Event log timestamps now include the ISO 8601 'Z' suffix for proper UTC identification, improving compatibility with SIEM systems and log aggregation tools.

Improvements

Dashboard Management

    • Improved user interface for selecting and managing dashboards
    • Better visual layout and controls
    • Enhanced user feedback

Audit Trail

    • Filters now persist across page navigation for better user experience
    • Reduced need to re-enter filter criteria

Notification System

    • Unified NotificationTemplateService for all template CRUD operations
    • IVR templates (IvrOtpMessage, IvrAuthSuccess, IvrAuthFailure) fully integrated
    • AccountLocked and LicenseExpiring notification templates implemented
    • TermsOfUse template fully integrated with database-driven system
    • Template deletion now uses template IDs instead of codes for better data integrity

OTP Validation Messaging

    • Improved error messages when OTP validation fails due to token being disabled or maximum failed attempts exceeded
    • Descriptive messages now distinguish between invalid OTP, disabled token, and locked account conditions

Performance

    • Optimized dashboard data loading
    • Improved chart rendering speed
    • Better handling of large datasets

Security Enhancements

    • Enhanced input validation for audit filters
    • Improved SQL injection prevention
    • Better cross-site scripting (XSS) protection
    • Strengthened access controls for license information
    • RSA validation for v2 JSON license format

Bug Fixes

    • Fixed missing dashboard configuration record that prevented new dashboard from displaying
    • Resolved chart rendering issues in restricted network environments
    • Corrected license display for very long component lists
    • Fixed audit filter persistence across page refreshes
    • Fixed template deletion using codes instead of IDs (now uses grid KeyField)
    • Fixed Setup Wizard to use database-driven templates instead of legacy file-based templates

Tips and Best Practices

Dashboard Usage

    • Use shorter time ranges (7-30 days) for faster loading with large datasets
    • Combine filters to drill down into specific authentication patterns
    • Export dashboard data for reporting and compliance

License Management

    • Check your license version on the About page
    • Contact your account manager to upgrade to v2 JSON format for enhanced features
    • Review license expiration dates regularly
    • License expiration warnings are sent automatically via the LicenseExpiring email template

Notification Templates

    • Use the unified template editor for consistent management of all template types
    • Test email templates before deploying to production
    • SMS templates have character limits (128 or 200 chars) -- keep messages concise
    • Override templates per-tenant when different branding is needed

Audit Filtering

    • Use the API Key filter to monitor specific integrations
    • Combine IP Address filter with date ranges to investigate security incidents
    • Use "(None)" option to see non-API authentications

Upgrade Information

System Requirements

    • SQL Server 2016 or higher
    • .NET Framework 4.8 or higher
    • IIS 10 or higher
    • Modern web browser (Chrome, Firefox, Edge recommended)

Upgrade Process

    • Backup: Always backup your database before upgrading
    • Database Migration: Run provided SQL migration scripts (includes NotificationTemplate, ConfigParameters, and PartnerSettings table updates)
    • Application Update: Deploy new application files
    • Verification: Verify new features are available
    • Testing: Test critical workflows in your environment

Database Changes

    • New dashboard item configuration record added
    • Enhanced audit table structure for API Key tracking
    • New NotificationTemplate table for database-driven templates
    • New ConfigParameters table for database-driven configuration
    • New columns in PartnerSettings for tenant-specific overrides
    • No breaking changes to existing data

Configuration Changes

    • Optional: Add chart offline mode settings (if needed)
    • Optional: Migrate tenant-specific settings from web.config to database
    • No required configuration changes
    • All existing configurations remain valid

Documentation

Updated Documentation

    • Administrator Guide (includes new dashboard and license sections)
    • API Documentation (no changes)
    • Installation Guide (updated for database changes)

New Documentation

    • Dashboard Analytics Guide
    • JSON License Format Specification
    • Audit Filtering Quick Reference

Support

Getting Help

© 2011-2026 SurePassID. All rights reserved.