We are pleased to announce the introduction of a new feature flag, "SmsOtpAuthentication", with this release. This feature flag brings forth notable implications for both existing and new organizations. Existing organizations will continue to have access to SMS authentication. However, we now offer the added flexibility of being more selective in activating this product feature to keep the UI a bit more clean and to avoid the risk of "hidden sms costs" with some packages. Furthermore, on-premise customers can configure on a per-organization basis if they want to allow SMS sending for authentication purpose.

For new organizations, the following outcomes arise:

1. Trial (Free) and Personal Packages:
   1. SMS authentication will not be available for all new organizations opting for these packages.
2. Professional and Business Packages:
   1. New organizations subscribing to the Professional and Business packages will have access to SMS authentication.

By implementing this feature flag, we empower organizations to tailor their authentication preferences to their specific needs, ensuring a more customized and efficient experience.

For further details, please refer to Feature Flags and Admin Web Guide (restricted access).

Introducing Preemptive Basic Authentication and flexible timestamp validation options:

• We are thrilled to announce the addition of preemptive basic authentication to our HTTP-based communication protocols.
  • With the preemptive basic authentication, it is possible to proactively send the authentication credentials without waiting for a server challenge. Can be configured in Server Core global configuration.
• Introducing flexible validation options for timestamp URIs
  
  • The addition of the new configuration section enables seamless switching of validation implementations for specific timestamp URIs. This utilizes regular expressions to provide granular control over the validation process. We recognize the importance of security and integrity when handling timestamp URIs, and this enhancement aligns perfectly with our commitment to delivering robust security solutions. By allowing easy customization of the validation implementation, Server Core equips administrators with a powerful tool to adapt and evolve their systems according to changing requirements and best practices. Can be configured in Server Core global configuration.

Introducing enhanced flexibility empowering timestamp customization:

• We are pleased to announce a powerful new feature in Server Core's global configuration. The addition of a dedicated configuration section that allows effortless disabling of the "Nonce" parameter validation for specific timestamp URIs. This functionality, driven by regular expressions, empowers administrators with greater control over their validation processes. We understand that security and customization are paramount in today's evolving landscape. By incorporating this feature, Server Core demonstrates its commitment to empowering administrators with tools to meet their security and compliance needs effectively.

These features support the seriousness in our strategy to enter new markets - including Latin America and Switzerland - through increased flexibility of integration options.