Improvements
Header | Description |
|---|---|
| Simultaneous logout of multiple clients (RTL-6317) | User's can be logged out of all configured applications using AccountService, while logging out of one of them. All application's have to be part of the same loyalty program. |
AccountServiceIntegration job UserWithMemberMerger
(RTL-6270)
The new job "UserWithMemberMerger" imports external users and converts imported data into user accounts (processed by AccountService)
and member identities (processed by MemberService and CustomerService).
Support for organization membership type in AccountService
(RTL-6289)
AccountService supports registration of pre-existing organization membership types through custom registration form that requires password only.
On boarding messages (text or email) for organizations have templates separated from standard on boarding messages.
Management API for user lookup in Account Service
(RTL-6628)
The Account Service Management API was extended with a method to lookup users based on different identifiers such as Email, Mobile, SSN or subject.
More info can be found here
Improvements
Header | Description |
|---|---|
| Change name of menu item in AccountManagement (RTL-5304) | Some minor text changes has been made to menu items leading to Account configuration and User accounts |
| Changing mobile number (before reg is done) does not reonboard user in vipps (RTL-5557) | When changing a mobile number on a member in EG Loyalty, the on-boarding process in AccountService will be triggered. On-boarding a user can now be triggered again by changing mobile number in ChainWeb. |
| Avoid Address lookup if the Member already exists (RTL-6230) | Added a control mechanism that checks for the origin of the member data to prevent double address lookup's. |
| When creating a new member using BankID we send an invalid link (RTL-5866) | Events are now processed in the correct order, preventing sending of invalid links |
Support for configurable order of objects in the log in page
(RTL-5030)
New configuration makes it possible to decide if the provider section should be on top or at the bottom of the log-in page.
It is also possible to change the order of the different providers within the provider section.
Improvements
Header | Description |
|---|---|
| Log-in button locked state (RTL-5029) | When choosing to log in without password the log-in button gets locked/disabled for 30 seconds. |
Perform phone number address lookup during registration
(RTL-4519)
The new Parameter 'Address Lookup' was added to the Mobile and SSN settings in Account Service Configuration.
It introduced support for performing phone number lookups as a part of the prefetch step during registration.
Changes to provider buttons
(RTL-5637)
Changes has been made to all provider buttons, to make sure they align with the guidelines given by the providers
Improvements
Header | Description |
|---|---|
| Validation of mobile number (RTL-5356) | Mobile number field is validated during login and registration. |
| Logo shouldnt redirect to root, if root is not configured (RTL-5665) | Logo on login page will only link to root if RootRedirectUrl is configured |
Added force identifier verification feature (on login) for unverified users
(RTL-2126)
We now force verification for logins on unverified identifiers.
Improvements
Header | Description |
|---|---|
| Improved logging (RTL-5373) | Fixed conflict when registering on different concepts with Swedish BankID. |
| Improved error handling (RTL-4813) | Added error handling when the end users state cookie has expired for Swedish BankID. |
| Block or Ignore POSTs on Root | Posting to the root address of Account Service does not throw/log internal server error 500 and the 404 Not Found status is displayed instead. |
Onboarding member through Vipps
(RTL-4435)
AccountService supports external authentication for Vipps phonenumber/CIBA flow.
Password requirements
(RTL-4945)
Password is not required for registration with all external authentication registration (Vipps, BankID,Facebook, AppleID).
Automatic check of communication flag
(RTL-5135)
Communication flag for SMS or email is only checked automatically if email address or mobile number is registered.
Improvements
Header | Description |
|---|---|
| Update default text for communication terms (RTL-5263) | The default text for communication description was changed to :
|
| Improvements to alignment of default texts (RTL-4846) | All texts has been left aligned |
Update Default Text in Account Service
(RTL-4921)
The default text in Account Service was unified and updated in all three languages (EN, NO, SE)
Improvements
Header | Description |
|---|---|
| BankID registration (RTL-5132) | Optional configured email or mobile fields will not appear as "invalid format" if they are not filled out |
AccountService UI - Account's list view
(RTL-4750)
A view with information about all accounts in AccountService is available. And can be found in the Chain Web menu: System > Account > Accounts
Access to the view is managed by using the 'View Accounts' permission stored in the 'AccountService' permission group.
Visibility of stores in Account Service registration
(RTL-4287)
It is possible to edit the list of stores displayed in user registration in AccountService.
Only stores that are active and that are not added in the section "Hidden stores" in AccountService management are displayed as possible home stores for new members
Improvements
Header | Description |
|---|---|
| Onboarding identifier (RTL-4956 , RTL-4871) | Only the primary identifier (email/mobile) is used for on-boarding. |
| Http failure response when fetching stores to the registration page (RTL-4605) | Account Service does not fetch stores to the registration page when the home store field is disabled. |
Implement Apple Id support
(RTL-4653)
Added support for apple ID external authentication.
Improvements
Header | Description |
|---|---|
| Terms config in AccountService Management UI (RTL-4463) | Added missing terms and translations to the Management UI |
Open Client (Webshops) Should be able to specify language for Account Service UI
(RTL-3739)
The .AspNetCore.Culture cookie that overrides the browser language was implemented. That means it is possible to specify one of the supported languages: (nb-NO, sv-SE, en-US) causing AccountService to display the UI content in the selected language.
Not specifying a language, specifying a none-supported language or any other value defaults the page to the browser language.
Support scale-out for SignalR
(RTL-3965)
Created provider structure for notifications and added Azure SignalR service, so we now Support Scale-out for SignalR.
Improvements
Header | Description |
|---|---|
| Shortened URL loose validity after swap (RTL-4507) | Verification links from e-mail or text message won't lose validity when swapping AccountService slots. |
| Modify 'not valid before' parameter of Azure SignalR access tokens (RTL-4563) | The 'not valid before' parameter of Azure SignalR access token is set to current dateTime minus 5 minutes in order to make the integration between SignalR server and AccounService instance more reliable |
Changing identifier value to the current identifier (RTL-4456) | When sending a request to change user identifier via PUT api/external/user/{userIdentifier}/identifier the response returns '200 Ok' status code if request contains the same identifier as the current user's identifier. Since changing the identifier to an existing one requires no processing it is marked as a successful request. |
Invalid returnURL (RTL-4145) | Fixed invalid return URL's for bankid, it now returns the correct error message. |
Missing translations in AccountManagement module (RTL-4129) | Account permissions are translated into Norwegian and Swedish.
|
Multiple concurrent requests to change identifiers (RTL-4006) |
|
Navigating between windows (RTL-3938) | A back arrow is displayed above the header allowing to go back to the previous window in Firefox, Chrome and Edge. |
Missing fields in AccountService Management (RTL-2578) | Account Service Management UI contains all configuration fields , which enable easier configuration by using the designed UI. |
Date:
Logo Should Always Redirect to Root(which in turn uses config)
(RTL-3558)
After pressing AccountService logo during BankID login option user is being redirected to the login session and has no more difficulty with the page being only refreshed.
AccountService added features
(RTL-3595)
Added functionality/config for looking up RP certificates by using thumbprint as opposed to common name.
(RTL-3586)
Added multi tenant support for BankID.
...
External Frontend Usage Leads to Missing SSN on Users
(RTL-2950)
Clients' data regarding SSN that are registered using external frontend are properly saved and stored in the Account Service database in dbo.User table, as well as, in the MemberInfoService database in Ident.Person table.
Update MergeUser Procedure to Fit Extended Identitynumber/Loyalty Index
(RTL-3396)
The MergeUser procedure was updated and it is possible to export users from MyPage to AccountService using the UserMerger job.
Only Login with BankID
(RTL-3531)
Added configuration to disable registration with BankID when BankID login is activated. The purpose here will be that our customers can choose one to have both, or one of the possibilitets with BankID
...
Date:
Update Npm packages
(RTL-3223)
Solution doesn't depend on npm packages with high or critical vulnerability - Npm packages were updated properly.
Failed Dependency Application Insights Logging
(RTL-3230)
The 404 dependency calls to MemberInfoService GET/api/MemberIdentity/[LoyaltyProgram][IdentifierType] are marked as succeeded instead of failed operations when the failure is a result of a normal part of the flow and should not confuse the user.
Config UI - Do not Serialize Enums to Numbers
(RTL-3238)
When setting the desired configuration for Account Service in specifically designed UI (System->Concepts->LoyaltyPrograms->Configuration) enums saved to json configuration stored in DB are serialized as strings. What is more, AccountService accepts json configuration where enums are serialized both as numbers and string.
Membership registration
(RTL-3257)
Membership registration works for members where email was already registered without SSN.
...
Register with social security number
(RTL-2760)
Fixed an issue that made it possible for users to register for any existing SSN (in MemberService).
AccountService checks if the email matches the email on the membership.
Logging
(RTL-2764)
AccountService will logs client side errors (exceptions) in AppInsight under the "Browser" (Server|Browser) category. This will make it easier to detect problems in the end users browser.
Autofill with saved password
(RTL-2804)
The "City" field is not automatically filled with the login saved in the browser.
Login with Facebook
(RTL-2956)
AccountService supports multiple external authentication providers.
...
Swagger is not being displayed
(RTL-3055)
Broken error handling was improved and Swagger page is available now.
Registration fails with 500 when registering only passwords (Marqet setup)
(RTL-3144)
Due to a bug in frontend, which caused users have empty phone number, MQ clients failed to complete user registration in AccountService. The bug originates from RTL-2620 and this hotfix restores MQ registration flow.
Fix for error logging related to verification page
(RTL-3172)
Open verification link in different browser does not generate client side error
Registration of members with SSN but missing email
(RTL-3179)
During registration if we find a member with correct SSN and missing email we assign this membership to the registering user.
Correctly initialize array
(RTL-3208)
It is possible to finish registration in Account Service from invitation link based on Member created in Chain Web.
...
It is possible to add birth date as a field in registration process - it can be typed manually or picked by using calendar. It is configurable whether or not it is mandatory to be of a certain age to be allowed to register.
Improvements
| Module | Description |
|---|---|
Add support for data analysis terms in registration process | Support for data analysis terms in registration process has been implemented. Now by applying proper configuration, it is possible to:
|
| WebApp: Add support for terms approval in registration process | Support for terms approval in registration process has been implemented. It is possible to add member terms checkBox with descriptions and link - which can be customizable by using configurationJson in dbo.loyaltyProgram table. If we don't add the configuration, then user will see member terms checkbox with descriptions and link - and during registration process user must accept member terms to register |
...