SecurID® Product Advisories

Read and subscribe to the latest announcements and advisories relating to the SecurID product.

RSA April 2023 Release Announcements

Manage Local Identity Sources

In the Cloud Administration Console, administrators can now add, edit, or delete local identity sources. Administrators can add users to local identity sources through the "Add User" option in the Cloud Administration Console (From Users > Management), CSV file upload, or via the SCIM API.

Import Users via CSV Upload

The Cloud Authentication Service supports importing new local users using CSV file upload. In the Cloud Administration Console, administrators can now upload a CSV file to import new users. This option is only available for local identity sources within the Unified Directory.

Secure Amazon Workspace with My Page Single Sign-On (SSO)

Using My Page single sign-on (SSO), administrators can now secure AWS workspace with the identity provider (IdP) initiated SSO SAML support. In the Cloud Administration Console, you can set the optional “Default Relay State.” If a SAML request message contains dynamic Relay State data, then the SAML responder will return its SAML protocol response using a binding that also supports a dynamic Relay State mechanism. If there is no Relay State in an IdP-initiated request, the default Relay State will return in the SAML response.

Cloud Config API Added for the Epic Hyperdrive

To secure login to the Epic Hyperdrive, a new "cloudconfigs" API has been added to return additional cloud configurations related to the Epic Hyperdrive to support it during multi-factor authentication (MFA) proxy requests from Epic Hyperdrive agents.

Modified Validation Rules for the RADIUS Name and Description

The validation rules of the RADIUS Name and Description fields have been modified to match the configurations used for Authentication Manager. When you add a RADIUS client, the Name field can now contain spaces and dots, and the length of the Description field has been increased to 255 characters.

Enhanced Event Logs and Authentication Tracking

The Cloud Authentication Service now tracks which authentication method(s) a user has used instead of which assurance levels were met to access a protected resource. The Event Monitor logs will now help you to monitor the log events when users are automatically allowed access to an app based on the used authentication methods.

Removal of Ciphers in June 2023

The following table lists the ciphers for incoming and outgoing connections that will be removed or renamed in the Cloud Authentication Service June 2023 release. These ciphers were not working in the previous releases, and hence these are removed or renamed. If you find these ciphers configured, update (remove or rename) them based on the following table. The cipher update will not affect the environment since other working ciphers were configured.

Cipher Connection Action
ECDHE-ECDSA-AES256-SHA Incoming Removed
ECDHE-ECDSA-AES128-SHA256 Incoming Removed
ECDHE-ECDSA-AES128-SHA Incoming Removed
ECDHE-ECDSA-AES128-GCM-SHA256 Incoming Removed
RSA-AES128-GCM-SHA Outgoing Removed
ECDH-RSA-AES128-GCM-SHA Outgoing Removed
ECDH-ECDSA-AES128-GCM-SHA Outgoing Removed
ECDHE-RSA-AES128-GCM-SHA Outgoing Removed
ECDHE-ECDSA-AES128-GCM-SHA Outgoing Removed
RSA-AES128-SHA256 Outgoing Renamed to AES128-SHA256
RSA-AES128-SHA Outgoing Renamed to AES128-SHA

RSA Authentication Agent 7.4.6 for Windows Agent

RSA Authentication Agent 7.4.6 includes display message corrections in language packs.

Identity Router Update Schedule and Versions

This release includes miscellaneous identity router improvements. Identity routers will be updated according to the following schedule.

Date Description

AU: 5/2/2023

EU / IN: 5/4/2023

NA: 5/4/2023

Gov: 5/5/2023

Updated identity router software is available to all customers.
05/27/2023 Default date when identity routers are scheduled to automatically update to the new version unless you modify the update schedule or update manually.

If you postponed the default date, this is the last day when updates can be performed.

Note: Downloading the new identity router image when you deploy new identity routers ensures that you benefit from the latest security improvements.

The new identity router software versions are:

Identity Router
Deployment Type

Amazon Cloud RSA_Identity_Router

Standardized User Experience Across All Authentication Screens – Coming in May 2023

My Page logon screen will be enhanced to include User ID and Password fields on the same screen for a faster authentication.


My Page can be customized to include company logo, icons, color, background image, and text that is specific to your organization and meaningful to your user audience.


My Page customizations will be applied to all authentication screens and flows for a uniform experience.


Customization option is available only for ID Plus E2 and E3 subscriptions.

New and Updated Third-Party Integrations from RSA Ready

The following integrations were recently completed or certified by RSA through the RSA Ready Technology Partner Program. For Implementation Guides, see SecurID Integrations on the RSA Community.

  • CSP Authenticator (update) – updated support for Authentication Manager using RSA MFA API (REST).
  • Dell iDRAC (new) – added support for Authentication Manager using RSA MFA API (REST).
  • Endace (new) – added support for Authentication Manager using RSA MFA API (REST).
  • ForgeRock Access Management (new) – added support for Authentication Manager using RSA MFA API (REST). Support for the Cloud Authentication Service is coming soon.
  • HelpSystems FoxT Server Control (update) – updated support for Authentication Manager using RSA MFA API (REST).
  • IBM DS8000 (new) - added support for Authentication Manager using RSA MFA API (REST).
  • IBM Guardium Data Security (new) - added support for Authentication Manager using RSA MFA API (REST).
Labels (2)
No ratings
Version history
Last update:
‎2023-04-24 09:09 AM
Updated by:
Article Dashboard