Release Date: 09 June 2020
What’s New?
DOCUMENTS & DATA
Enforce DUO
- DUO will be enforced across all Client instances.
- We have enabled it on a per application basis, meaning that it’s either on for the Kurtosys App on different environments (app-rel/app/app-us). There is no middle ground to switch it off for certain clients.
- For users that will be loading data via the API any Super Admin user can apply the API Loader User role.
- In light of this we are also reiterating that there will be no sharing of users going forward
- Each person accessing an instance will have their own user, using their own device to authenticate
- In cases where developers need access to production we will create a user, and deactivate the user once the testing is done.
- The first time you log into an instance it will require you to select one of three methods:
- Push
- Text
- Call
- Once you have set up one of these methods you will be able to access the Kurtosys App.
- If you would like to set up more authentication methods you can go to the User Profile section and ENABLE more methods.
- You can also DISABLE your current methods in the User Profile section, for example if you are getting a new mobile device or changing your phone number.
- For internal practice please use Push notification as it’s free (both Call and Text have costs attached each time you authenticate).
- If your phone is lost, stolen or broken another Client Admin person on that client instance should be able to impersonate your user and DISABLE your current 2FA methods and you can set up a new method on login.
Delegated SSO
- We now have the ability to enforce SSO as the only sign in method on a per Client basis.
- The SSO section in System Administration has been renamed to Authentication
- Here you can control the login method on a per application basis (Enabled toggle)
- Setting up SSO remains in this section
- For Kurtosys employees that need to access client instances that use Delegated SSO we have built a bypass:
- Use the URL extension, and it will allow the Username and Password fields to show
- app-rel.fundpress.io?internalBypass (when we switch the domain: rel.kurtosys.app?internalBypass)
- app.fundpress.io?internalBypass (when we switch the domain: uk.kurtosys.app?internalBypass)
- app-us.fundpress.io?internalBypass (when we switch domain: us.kurtosys.app?internalBypass)
- You’ll need the role Kurtosys Employee (can be assigned by a Super Admin), which will then allow you to actually sign in via Username and Password.
- If you don’t have the role assigned you, you will be able to see the fields with the URL extension, but you won’t be able to login
- Use the URL extension, and it will allow the Username and Password fields to show
- In the Authentication > Login Strategies section you will now see a list of all the apps in the specific client instance (it does not filter for only apps that need a login yet)
- In this section you are still able to set up your SSO as usual
- In the below screenshot I’ve highlighted the two rows that impact the Kurtosys App login, whichever of these are enabled will allow you to use that login method, but at least one of them need to be enabled at all times.
Bulk Select & Download
- Users can now download documents from the Document Hub in bulk by selecting the files and downloading from the button at the top right
- This will download the files as a zip file
- There is a 500 MB file size limit (all the documents selected should not exceed this limit)
- Documents that are stored via a URL (not hosted on our servers) can’t be downloaded in bulk
- Reason for this is that we don’t know the size of the document hosted in the URL
- You will receive a warning toaster message if the document is stored via a URL and the bulk Download option will be disabled
- The Select All box that is in the Title row of the page will only select what is on that page, and not all the documents that are in the Document Hub
- Users can also bulk delete using bulk select functionality
- The user is able to select documents, and search for other documents using the search bar, the selection is remembered in the background
- Because of this we also made a Clear Selection option