User (2020.10)
Content
Announcements
There are no announcements for the 2020.10 release.
MarketONE User Features
This release includes the following new general User features:
Runtime-to-OIDC Token Association to support DAG-based Service Revocation
The 2020.09 release included support for OAuth 2.0 Device Authorization Grant (DAG) flows (in accordance with RFC 8628). DAG functionality enables users to onboard and authenticate with an associated devices (e.g., set-top-box) before they access services through that device. During the onboarding and authentication flow, MarketONE creates (among other entities) a Runtime entity that represents the device. The system also issues an access token against the device for authentication.
As of this release, access tokens are associated directly to the Runtime entity (aka. device) within the MarketONE datastore. This change enables MarketONE tenants to notify MarketONE when an end user's subscription status changes and, as a result, remove any access to services through the device itself. If the end user's subscription status changes with the tenant, then the tenant's back-end system (e.g. Billing/Operations Support System, or B/OSS) can send this to MarketONE as a system event. MarketONE then removes any existing tokens from the Runtime, and this prevents any further access to the subscription-based service through the device.
MarketONE tenants can leverage the MarketONE POST /runtime/event API to send updates to MarketONE.
Multi-Factor Authentication - Unregister Notification
MarketONE's Multi-factor Authentication (MFA) enables an end user to register an email address, mobile number, or RFC 6238-compliant third-party application to their MarketONE User ID as an MFA option, as an optional extra layer of login security. The User can also unregister these options at their discretion. Amdocs officially released this feature in the 2020.09 release.
As of this release, MarketONE now sends a notification message to all of a user's registered contact channels when the end user unregisters an MFA method from their User ID. This provides a clear record of the action to the end user.
API Enhancement - Serialize Entity Attributes as JSON Object
The MarketONE data model consists of primary entities, and each entity is composed of properties. These resources are returned to client applications through MarketONE User API (e.g., a GET /user API returns the currently authenticated user's corresponding User entity properties and attributes to the client).
Previously, MarketONE User APIs serialize attributes as a list of simple objects with distinct name and value strings. As of this release, entity attributes are now serialized as a proper JSON object.
This removes the redundant name/value pairings, simplifies the API payload structure for easier consumption by client application UIs, and overall improves system performance.
Note: This change does not affect MarketONE User Process API responses, as those APIs return resources to client applications in their own particular structure that already confirms to JSON.
Process Enhancement - Accept / Decline Process Includes Onboard New User Flow
When an end user opts to share their account or service with another end user (i.e., when they opt to associate their Account / Subscription to another User entity), they submit the invitee's email address or mobile number to the Invite User to Share A/S/F Process. This Process then sends the invitation out to that channel with a Action Token.
Once the token is received, this invokes the User Accepts or Declines Invitation Process. As of this release, the User Accepts or Declines Process now provides a proper onboarding flow consistent with the Onboard User with Email/Mobile Process (without needing to end the current Process). This streamlines onboarding for prospective new users, so that invitees can quickly and seamlessly onboard, accept, and gain access to shared accounts and services.
Notification and Messaging Enhancements
User friendly messaging updates for:
- Email subject lines
- Unregister MFA message body
- Email notification when user is invited to platform
- Notification templates use display names, but if display name does not exist, then a generic greeting is used
Comprehensive Testing of all Business Reports
All business reports have been redesigned with a new technology stack for better, faster performance. These reports have been tested in this release.
Bug Fixes
The following bug fixes have been fixed as of the 2020.10 release.
| Summary | Description |
|---|---|
| The User Accepts or Declines Service Invite Process creates a new, orphaned User ID when the invitee declines the invitation (and explicitly declines to create their own User ID). | The Process now works as expected. When an invitee declines the invitation to MarketONE User, the Process ends with no new User ID creation. |
Known Issues
The following issues are known and are actively being resolved:
| Summary | Description |
|---|---|
| Admin Portal user can't see all values of access token. | On the New OIDC Client screen, the Access Token Expiration field needs to accommodate more than 3 digits. |
| Generic message when user creates ID using invalid password. | On the IdP UI, when a user creates an ID but enters an invalid password, they receive a generic message that needs to be adjusted so that it notifies the user what the actual issue is with their invalid password. |