Available for testing on pre-live sites in the UK and Ireland on November 25, then going live on December 2. Released in the US on December 7.
Generally the release is timed to commence at 21:00 UK/Ireland Release and 10:00 US release (UK times) and usually there is no loss in service as part of this Scheduled Engineering work. If we expect a transient loss in Service to occur this will be be within the opening 1 hour window of the release, and we would advise in the release notes.
govService Platform
Improvements
- Microsoft is deprecating their Basic Authentication (Basic Auth) and the end of Basic Auth will impact all govService customers using Office 365 for Inbox. We have built out a new LIM which authenticates using the OAuth2 protocol, which Microsoft will still support. Customers need to re-authenticate in order to update to the new LIM; we plan to release a user guide in early December that will walk customers through the re-authentication steps. Please see the FAQ at the bottom of the page for more details.
- We have added a feature to the reporting mapping tool to enable users to export all PII Blocklist fields into a CSV. This enables users to review the list of fields outside of the mapping tool in bulk. Updates still need to be applied within the mapping tool.
A new Export button is available on the top right of the page of the PII Blocklist tab in the mapping tool. Pressing the button creates a file in the format:
pii-blocklist-fields-yyyy-mm-dd-hh-mm-ss.csv
where yyyy-mm-dd is the date of the download, and hh-mm-ss is the time of the download
The format of the file is:
field_id, field_dataname, field_label, is_pii
The value of is_pii is "False" if the field has been unblocked to migrate to redshift and "True" if it remains on the blocklist. - Update: to manage capacity we'll be enabling retention on a per-customer basis. Please ensure your retention periods are configured as retention may be enabled at any date. Compliance Console: All unconfirmed user accounts are now removed based on a default 365-day retention period. An unconfirmed user account is an account where the user registered an email/password but never completed their user profile, so is unable to access their account. Additionally, for some customers, the user database may have been partially populated when the site was created and these accounts will not have been confirmed. These unconfirmed user accounts are not visible in the UI or Permissions Manager. We suggest customers reduce the default value from 365 days to a more appropriate value, such as 30 days. See GDPR: Compliance Console for further information.
- We have made security improvements to Printable Integrations.
- We have made a security improvement to V1 Integrations.
Bug Fixes
- An intermittent issue has been resolved in Realtime Reporting where text fields greater than 256 characters mapped to a text field could on occasion cause the submission data migration to abort, resulting in some submission data not being transferred to redshift.
- Customer Service Hub: We have fixed a bug with General Enquiries that was preventing general enquiries from displaying if too many entries had been configured.
- Payments: We have fixed a bug where payment Integrations were returning a generic reference code ('REF/FSPA-NEW') rather than the reference code provided by a given payment connector. The correct payment reference now appears within Integration logs.
- We have fixed a bug that was preventing MyAccounts data being displayed for certain users.
LIM Update FAQ
What is the LIM update?Microsoft is deprecating their Basic Authentication (Basic Auth) and the end of Basic Auth will impact all govService customers using Office 365 for Inbox. We have built out a new LIM which authenticates using the OAuth2 protocol, which Microsoft will still support.
Reference
here for the full press release from Microsoft
Am I impacted?Customers using the Inbox functionality with Office 365 as their email provider are impacted by this change; if you do not use Office 365 for Inbox, you are not impacted. (Note: Customers using on-prem exchange are not impacted.)
What should I expect from this update?This update includes a new authentication interface and enhanced security update. As a customer, if you are impacted (see above), you will need to re-authenticate your credentials to ensure that this will not impact your experience with the Inbox functionality.
When will this take effect?The update is included in govService release 490, which was made available on pre-live sites in the UK and Ireland on November 25, will go live in the UK and Ireland on December 2, and will be available in the US on December 7. We will be providing customers with a detailed user guide near the beginning of December, which will walk through how to re-authenticate and the steps for proper set-up.
When is the deadline to re-authenticate, and what will happen after that deadline?Microsoft have not been explicit in their communication as to when they will disable Basic Auth on Office 365 accounts. Out of caution, we recommend upgrading to the latest LIM with the enhanced security protocols as soon as it is available and re-authenticating by January 1st, 2022. Beyond this date, you risk potential loss of inbox files, all relevant data, and access to your inbox when Microsoft implement the change on their end.
