SGNL Release Notes

1.110

Dec 26, 2024

Improvements and Bug Fixes

  • We’ve improved the clarity of decisions in SGNL Policy Lens
  • We now resolve User IDs to Display Name’s in the Logs in the SGNL Console
  • CAEP Hub now has improved support for Labels

1.109

Dec 19, 2024

Systems of Record

  • We added the option to import new configuration from System of Record Templates
  • We’ve added Advanced Filters for Service Now, to filter only members of specific groups, and their related nodes to SGNL

Administration

  • User Display Name is now available in SGNL Audit Logs

Improvements and Bug Fixes

  • We fixed a bug where a SGNL Client ID was showing in Data Lens

1.108

Dec 12, 2024

Systems of Record

  • We’ve improved the validation of configuration for Entra ID Advanced Filters

Policy

  • Policy Administrators are now able to Approve Policy Versions and have an audit trail with prior approvals

Improvements and Bug Fixes

  • We improved the clarity of a warning in Stream Configuration on Protected Systems

1.107

Dec 5, 2024

Systems of Record

  • You can now filter just members of specific Groups for Entra ID using advancedFilters

CAEP Hub

  • When configuring Supported Events in the CAEP Hub, you no longer need to first have a stream created

Administration

  • We now enable additional logging (e.g. Access Decisions, Ingestion Logs, Transform Logs, etc) to be returned in the SGNL Console

Improvements and Bug Fixes

  • We fixed a bug that made it difficult to compare number values in the simplified Snippet Builder

1.106

Nov 26, 2024

Policy

  • Region and Country Name are now available directly in SGNL Policy

Administration

  • SGNL Logs can now be streamed directly to S3 Buckets from SGNL Admin

Improvements and Bug Fixes

  • We fixed a bug that made it difficult to compare number values in the simplified snippet builder

1.105

Nov 21, 2024

Improvements and Bug Fixes

  • We’ve added a new capability to more gracefully handle access denials as part of our Effective Permissions API, look for updates and improvements in the SGNL Console over the coming weeks
  • We’ve fixed a bug that didn’t allow an empty body to be passed as part of a delete operation in CAEP Hub

1.104

Nov 14, 2024

Improvements and Bug Fixes

  • Enabled additional filter characters in Data Lens

1.103

Nov 7, 2024

Systems of Record

  • We’ve added RoleAssignment, RoleRequest, and GroupRequest entities to the Entra ID SoR

Improvements and Bug Fixes

  • Improved the experience modifying the schema for CAEP and RISC messages as Event Streams

1.102

Oct 31, 2024

Protected Systems

  • Provider Hooks now periodically refresh signing information from provided JWKS URLs

Improvements and Bug Fixes

  • Fixed a bug where you were required to update Authorization Code Flow details if changing configuration on the settings page

1.101

Oct 24, 2024

Systems of Record

  • Additional Logs have been added for Event Streams, simplifying auditing, investigation, and debugging
  • The AWS System of Record can now handle multiple AWS Accounts with a single System of Record instance

CAEP Hub

  • CAEP Hub Metrics and Insights are now available on the dashboard

Improvements and Bug Fixes

  • We’ve added an optimization to merge claims of the same name for Entra ID Provider Hooks

1.100

Oct 17, 2024

Protected Systems

  • Provider Hooks can now validate Entra ID tokens, enabling SGNL as a trusted Custom Claims Provider for Entra ID sign-in

Improvements and Bug Fixes

  • A bug affecting System of Record metrics for some customers has now been fixed

1.99

Oct 10, 2024

Protected Systems

  • We’ve improved the usability of the Google Cloud Platform Protected System in the Protected System Catalog, as well as improving our documentation for GCP

Systems of Record

  • ServiceNow has been enabled to support OAuth2 Authorization Code Flow, enabling the elimination of username and password for connectivity
  • We’ve improved how we filter Group Members sourced for Entra Id in order to improve synchronization performance
  • Crowdstrike as an SoR is now available from the System of Record Catalog
  • Major improvements to the way that Account Entitlements are synchronized into SGNL from Sailpoint IdentityNow have been made available to all Sailpoint customers

Improvements and Bug Fixes

  • DeviceID as a query parameter on the access service is now better supported across the SGNL product
  • Relationships across Systems of Record are now displayed more clearly in Relationships
  • Some Actions are now pre-populated with well-known values, we’ll continue to roll enhancements out across action targets over the coming weeks

1.98

Oct 3, 2024

CAEP Hub

  • Event Streams are now generally available, enabling SGNL to receive any Security Event Token (SET) for use in Actions, Policies, and Broadcasting
  • Templates for standards-based CAEP and RISC are available from the SGNL SoR Catalog, enabling you to add event transmitters directly into SGNL
  • Event Streams have been enabled to use one of Authentication (via a SGNL Auth Token), Token Signing Validation, or both

1.97

Sep 26, 2024

Administration

  • New Logs for Transformed requests and responses are now available

Improvements and Bug Fixes

  • We fixed an issue where templates exported from the console sometimes would not re-import list attributes

1.96

Sep 19, 2024

CAEP Hub

  • We’ve improved some of the look and feel of CAEP Hub Insights and Logs
  • We now provide better reporting on in-progress actions

1.95

Sep 5, 2024

Protected Systems

  • You can now choose different methods to augment tokens with Okta OIDC Transforms

Improvements and Bug Fixes

  • We fixed an issue with the OAuth2 Authorization Code Flow that would sometimes impact our ability to refresh an access token

1.94

Aug 28, 2024

CAEP Hub

  • New actions have been added for Salesforce
  • New actions have been added for Entra ID

Protected Systems

  • Okta OIDC Transforms are now available, enabling a Token Hook to talk directly to SGNL and have claims added based on the returned Search API Assets

Improvements and Bug Fixes

  • We fixed an issue with the configuration experience for Splunk Log Streams that would cause transmission of events to fail

1.93

Aug 21, 2024

Improvements and Bug Fixes

  • We improved the OAuth2 Authorization Code UI to make it more user friendly
  • We’ve fixed an issue where the CAEP Hub Insights metrics would sometimes show incorrect values

1.92

Aug 14, 2024

CAEP Hub

  • CAEP Hub Insights is now available, enabling visibility into the CAEP Hub Workflow
  • We’ve added a new action for Salesforce to revoke user sessions
  • We’ve added a new action for Slack to revoke user sessions
  • We’ve added a new action for Snowflake to revoke user sessions

Improvements and Bug Fixes

  • We fixed a bug in the OAuth2 Authorization Code Flow configuration, where attempting to patch the configuration would sometimes result in an error

1.91

Aug 8, 2024

Improvements and Bug Fixes

  • We’ve made some general improvements this week to better support some new functionality that’s just around the corner

1.90

Aug 1, 2024

CAEP Hub

  • CAEP Hub is now Generally Available, including more actions, better configurability, and more options to take action on activities that happen within your organization
  • We’ve improved validation of actions during configuration to provide more granular feedback on misconfigurations
  • We’ve added a path from Protected Systems to CAEP Hub, so you can more quickly get in and create new Rules or Triggers from the Protected System pages

1.89

Jul 25, 2024

Policy

  • You can now archive policies and snippets – simply head on over to the Settings page for the object you want to archive, scroll to the bottom and hit archive. If you need to unarchive a policy or snippet, simply select the filter on the details page to show Archived Policies or Snippets

Systems of Record

  • We now allow Path Relationships to be created across as many entities as needed, no longer limiting this to 2 entity relationships

1.88

Jul 18, 2024

Policy

  • We’ve rolled out a new capability called Access Reporting – here you can ask, and report on 2 important questions “Who can access this Asset (or set of Assets)” and “What can this principal access?”. We’re always looking for feedback so please reach out with questions and comments

Protected Systems

  • Protected Systems and Actions now support the OAuth2 Authorization Code Flow

1.87

Jul 11, 2024

Administration

  • Added support for multiple Log Streams per Client

Improvements and Bug Fixes

  • Fixed an issue where some Policy Lens requests would log access decisions in the Access logs

1.86

Jul 3, 2024

Protected Systems

  • Added support for precedence configuration in Transforms, enabling you to specify the resulting output of two values that may otherwise conflict in downstream systems

1.85

Jun 27, 2024

Protected Systems

  • We’ve made significant improvements to Transforms on Protected Systems – you’re now able to select multiple attributes and add them to the configuration for a response to calling systems like Okta

Administration

  • Added support for streaming SGNL Logs to Splunk

Improvements and Fixes

  • We fixed an issue where deleting an attribute from an entity caused an error when referenced in a snippet

1.84

Jun 20, 2024

Improvements and Bug Fixes

  • We’ve improved the accuracy of our IP Address to City evaluations during access requests

1.83

Jun 13, 2024

CAEP Hub

  • The current date and time can be evaluated as part of Triggers

Improvements and Bug Fixes

  • We improved the Okta Search API Transform on Protected System to de-duplicate matching claims and paths
  • The policy builder has been improved to flag when an update to a snippet is available

1.82

Jun 6, 2024

Systems of Record

  • We’ve extended our searching and filtering capabilities to Systems of Record
  • We’ve added minor improvements to the Active Directory System of Record

1.81

May 30, 2024

Protected Systems

  • We’ve simplified the selection of attributes for Transforms, just to those in the Assets that you have configured for the Protected System
  • The Okta Search Transform has been improved to deliver an optimized response to the Okta Inline Hook

CAEP Hub

  • The AWS Session Revoke action is now available