Administration release notes
Find out what's new and changed in each version of Administration. This page lists all the releases in the last year, with the most recent release items at the top.
End of support notice for SQL Server 2014
Following the previous notice, Phocas has now stopped supporting SQL Server 2014. More information.
End of support notice for SQL Server 2014
In July 2014, Microsoft stopped supporting SQL 2014. Phocas will end support for SQL Server 2014 from November 2024. More information.
6 August, 2024 (Version 24.7.5)
Following the last release, we made another enhancement to the Configuration page. When you try to save changes that include a validation error, the setting with the error is highlighted in red, so you can quickly identify where the problem is.
It is now not possible for a user with a Viewer license to have a non-viewer profile.
July 18, 2024 (Version 24.6.5)
We updated the Configuration page with a fresh design that aligns with the pages in our other modules. The settings are now organized into tabs, making it easier to find the ones you need to configure. We also enhanced the data validation behind the settings to prevent you from entering invalid details and introduced more messaging to help you resolve such validation errors.
February 26, 2024 (Version 24.2.1)
We now apply a password policy to new user accounts. Passwords must be at least length eight characters long and cannot be the same as the username.
January 8, 2024 (version 23.12.2)
We changed the password validation; you can no longer set your password to something that contains your username.
You will now receive an email if your account is timed-out following the number of incorrect password attempts specified in your organization’s password policy. The email informs you that your account might be under attack if it wasn’t you trying to sign in. The email includes the option to reset your password, if you want to unlock your account sooner, and remove the timeout on your account if you want to keep your password.
You can now create SAML-only users directly from the user maintenance form.
If you have enabled Enhanced SAML Security for your organization, an additional checkbox is available on the user maintenance form (below the Username box). When selected, the user is authenticated by a third-party identity provider (IdP).
This authentication option behaves similarly to the existing LDAP authenticated? options in that it disables the Autogenerate password and Force password change options in the Password section of the maintenance form.
You can only select either the SAML authenticated? or LDAP authenticated? checkboxes, in other words, you can only use one authentication method. If neither checkboxes are selected, the user’s password is automatically generated and the sign in details are sent via email.
November 20, 2023 (version 23.11.1)
New single sign-on (SSO) features
We added new options to the SSO configuration settings that allow Phocas to take action on your behalf:
User details sync - Syncs (updates) a Phocas user account with the user’s details from the third-party identity provider (IdP) each time the user signs in to Phocas.
User account creation - Creates a Phocas account for an IdP authorized user who does NOT currently have a Phocas account when they try to sign in to Phocas.
Template - Applies a template when creating the new user account (used with the above option).
See Enable single sign-on (SSO) and Create a user template for more information on these new options.
Small changes
In the case of a locked or disabled organization, or one with an expired trial period, if users try to sign in to the organization’s Phocas site, they now get to a landing page with a descriptive message.
Users whose accounts have been locked individually (via the user maintenance form or Users page) are now forced to sign out of their accounts. In the next release, this change will also apply to user accounts that have been locked using the bulk user update tool.
November 7, 2023 (version 23.10.2)
New feature - Enhanced SAML security
We implemented an Enhanced SAML Security option in the Single Sign-On (SSO) feature. When you select this option:
The Phocas sign in screen looks different - it promotes the SAML authentication method.
SAML users will only be able to sign in to Phocas using SAML.
SAML user passwords will not be resettable in Phocas.
Non-SAML users can still sign in to Phocas via the link below the Sign in button.