New Update: ESP (3769)

[Harry Hornbill]

Hello everyone,

The latest update of ESP (3769) has been released to live.

The change log for this update is as follows:

New

• Added support for TOTP two-factor authentication for guest logins
• Added methods to support TOTP for Microsoft and Google authenticator apps.
• API Keys now support rules that can restrict key use by IP Address
• Added utility operation to return the IP address the Hornbill service is seeing for our API calls
• Added utility::geoip to get geo location information from an IP address
• Its now possible to create a user account without specifying a direct login password. In this case, the account will not be able to be directly logged into
• You can now specify an expression to dynamically control when a webhook is triggered.
• A new WebHook option has been added, which allows you to use JSON native datatype values in the webhook record payload
• There is a new WebHook option that allows you to include unmodified record fields in webhook payload

Change

• The operation admin::userApiKeyGet has been extended to allow getting keys for all users

Fix

• System was not correctly identifying the caller IP for SAML/SSO authorization requests
• Fixed problem with API expired state not being changed after updating expiry date
• admin::keysafeGetTypeInfo is defined as taking multiple typeId parameters
• BPM access control did not correctly filter the workflow list when access was granted to specified Role or Group