Release Notes

Release Notes for all BFE Authorization Applications

Release 4.10.10


Enhancements to setting the OAuth field value used for Profile Manager / PTT Login. Changes to the wearable activities.


  • Updated the usage of 'fieldForProfileManagerOAuth' to allow for custom formats, such as using values.

  • Updated logic to force the host device to logout on cancel during WS50 host login.

  • Refactored the wearable sign out logic.

  • Removed the card around the wearable host activity QR code display.

  • Increased the barcode size on handheld sized devices for the wearable host activity.

Release 4.10.7


Auth LDAP - JWT generation updates, PIN/NFC verification screen fixes.


  • Updated the JWT token signing helper to be a reusable object.

  • Fixed alert dialog style to ensure buttons can be configured to be readable when using the dark theme.

  • Added logic to JWT generation in Auth LDAP to use the max session timeout for expiration.

  • Updated Wearable host layout for larger portrait tablets for increased text and button size.

  • Fixed issue where the PIN or NFC verification screen was appearing in the recents activity list.

  • Fixed issue where the PIN or NFC verification screen was only appearing on one side of the screen when the user has applications in split-screen mode. Auth will now disable the split-screen mode when reauthentication is required.

Release 4.10.3


WS50 Authentication support, custom attribute and layout for External Auth users and other fixes/enhancements. Removes support for devices running versions lower than Android 7.0.

Beginning with Auth 4.10.x, your Android devices must be running at least Android 7.0 or higher (minimum SDK level 24).


  • Added capability to receive Session attributes and Layout objects when using Auth - External.

  • Updated for WS50 wearable sign-in feature:

    • Required minimum SDK level bumped to 24 (Android 7.0).

    • New Wearable Login host activity.

    • Updated host activity timeout to 60 seconds for initial and 30 seconds after scanning.

    • Updated to allow passing of siteId and siteName during WS50 login.

  • Added logic to test for valid network connection prior to starting authorization flow.

  • Added MSAL Auth config 'fieldForProfileManagerOAuth' that allows for indicating the field value to use for PFM OAuth. Fixed the ACS Login activity to proper use the OAuth value field.

  • Refactored the logic to place the new 'fieldForProfileManagerOAuth' at base level, and allow usage in OIDC auth flow.

  • Implemented the 'claim_userId' override within MSAL. Possible values are 'userPrincipalName', 'employeeId', or 'id'.

  • Updated call to setting the OAuth value to ensure set in the corner case that "User Read" scope is not configured.

  • Added new OIDC setting verificationTimeoutSecs. When a user is asked to verify using the IDP, Auth will automatically cancel reauthentication when it reaches this timeout value.

Release 4.9.8


Added logout prompt on secondary authorization screens.


  • Fixes for dual PIN screens on force logout.

  • Moved dismissKeyguard to the activity onResume, only if interactive.

  • Changed verification screens to single instance to reduce blinking when turning the screen on (e.g. screen already up, being recreated).

  • Fixed an issue with Verify Barcode losing ability to scan during repeated on/off cycles.

  • Updated the current session object upon successful reauth.

  • Added logging to determine if user-initiated cancel or direct method call.

  • Added capability for LDAP Auth to use shared credentials for NFC+Pin login.

  • Added logout prompt dialog if secondary auth required is true and user clicks on Logout button.

Release 4.9.5

Released March 2024


Ability to customize OIDC authorize parameters, fixes for MSAL logout and Quick Start icons


  • Added configuration 'addlAuthorizeParams' which appends key/value pairs to the authorize calls using config and/or session attributes.

  • Fixed issue where MSAL in shared device mode does not fully logout on reboot.

  • Fixed issue where configured Quick Start icons in the PIN entry screen are not displayed in Android 11

Release 4.9.2

Released January 2024


Updated logic to resign the access token being sent to Zebra Profile Manager (PFM).


  • Updated the PIN Verify timeout to 1 second, which appears to work fine for Demo and OIDC PIN Verify.

  • Updated the IdP Demo Auth to support reauth hint values.

  • Added ability for LDAP to cache credentials for downstream apps.

  • Implemented token refresh in MSAL auth.

  • Updated PTT Pro access token to include sub and upn claims.

  • Added logic to regenerate the PFM access token if the extended attribute pfm_resign_accessToken is true. The new token will only have upn, sub, and unique_name claims.

  • Updated the JWT Token helper to use the new 2024 signing cert.

  • Updated base controller to pass configuration information to the Profile Manager Setup logic.

  • Updated the JWT Helper to accept a certificate version number based on Launcher Setting authBrokerCertVersion.

  • Updated the logic to pass the desired certificate version for signing Profile Manager access tokens.

  • Updated auth to use the latest Launcher Provider AAR.

  • Updated logic to add the certVersion to the token claims.

Release 4.8.34

Released December 2023


Handled additional MSAL exceptions, OIDC group fix, and re-authentication fixes.


  • Added logic to handle scenarios where the MSAL SDK throws a auth_cancelled_by_sdk error.

  • Fixed issue where re-authentication can be dismissed when useSecondaryAuth is set to "none".

  • Updated the OIDC parsing of the user information to accept a 'string' version of the groups.

Release 4.8.31

Released November 2023


Various enhancements and fixes for MSAL. General fixes for reauth crashes. Additional languages supported.


  • Added an optional config option 'ignoreAccountChangeBroadcast' for MSAL. This will cause MSAL Auth to ignore change account broadcasts from MS Authenticator while using the InTune shared device mode.

  • Added logic to remove MSAL data files on logout and login.

  • Updated the refresh token logic to ensure it has the current session object.

  • Updated the PIN training logic to use the application context if the parent activity is not available.

  • Updated MSAL build to allow an Organization to configure the alternateResource to allow generation of a non-encrypted access token.

  • Added a check for null parent Activity, if null, use Activity "New Task" flag.

  • Updated MSAL build to use an internal forked version of MSAL 4.6.1.

  • Fixed logout issue when the Logout button is pressed on NFC reauth screen.

  • Masked potentially secure credentials in provider.

  • Reverted MSAL back to 4.6.1 due to issues discovered.

  • Updated MSAL controller to automatically restart login if cleanup of previous accounts is required.

  • Added try catches around key MSAL calls.

  • Removed debug logging of values in auth provider.

  • Added changes to support getting employeeId field.

  • Updated graph user info call to include employeeId attribute.

  • Updated the MSAL gradle file to upload IdP-MSAL AAR.

  • Various fixes for Reauth and MSAL crash.

  • Fixed issue where the reauth screen (PIN, NFC or barcode) intermittently gets dismissed on screen on.

  • Fixed issue where Auth crashes when MS authenticator throws an unknown_error code.

  • Changed the header layout for NFC, PIN and barcode to use left-aligned layout to account for translations.

  • Updated base manifest to include Android 13 requirement for Post notification permission.

  • Added info logging for additional information within MSAL login.

  • Added logic to request for a different access if alternateResource is set in the configuration.

  • Added alternateResource to success event.

  • Added gradle commands to upload IdP-OIDC-Azure AAR.

  • Added a change to force close the Chrome Custom Tab if the post logout redirect does not occur.

  • Fixed issue where credentials are not cleared if there is an error at the end of the logout process.

  • Added the ability for individual IdP to recognize/honor the 'Verify IdP' on Reauth setting. By default, Demo Auth does not honor the setting.

  • Added ability to use a browsable intent to launch Chrome's Custom Tab.

  • Added password into Demo Auth session for Staylinked testing.

  • Fix issue where alternating between barcode and PIN reauth causes a crash.

  • Fixed an issue where reauth text is colliding in smaller screen (MC93) devices.

  • Added additional error messages in LDAP auth.

  • Added localization support for fr-ca and es languages.

  • Updated the Crash Handler library to 3.0.1.

Release 4.8.9

Released July 28, 2023


Added support for remembering previous logged-in user, display password expiration and other fixes/performance improvements.


  • Fixed crash occurring after login on several scenarios.

  • Updated Support library for A11+ log uploads.

  • Updated MSAL Auth to be able to pass a login hint.

  • Lazy load Android keychain as needed to improve performance.

  • Capture last password set time to be able to calculate password expiration.

  • Added ability to cache the previous logged-in user, if enabled.

  • Updated to specify the client secret on the token refresh to get the device secret.

Release 4.8.0

Released June 22, 2023


Updated SDK for MSAL and support for BF Browser with MSAL.


  • If authorization_user_agent is set to browser, attempt to use BF Browser as preferred browser.

  • Updated to use MSAL SDK 4.6.1

Release 4.7.20

Released June 9, 2023


  • Updated the PFM Login to set the password field to a default setting.

Release 4.7.19

Released June 6, 2023


  • Updated Google OIDC Support.


  • Allow for setting the client_secret header during token request for Google OIDC.

  • Fixed logic to not overwrite the logout URL with what is returned from the wellknown API.

Release 4.7.16

Released May 25, 2023


  • Group handling updated in MSAL and added NFC logout.


  • Fixed MSAL group handling to support large number of groups.

  • Update to apply configuration setting limit_to_launcher_groups to MSAL auth.

  • Added capability to force a logout by tapping on pre-configured NFC tag.

Release 4.7.15

Released May 9, 2023


  • Bug fix for Auth crashing if useSecondaryAuth was set to none or if reauthentication training was skipped.

Release 4.7.14

Released April 26, 2023


Configurability of multiple LDAP connections, which avoids manually prepending domains to the username during login.


  • Added the ability to generate a unique JWT token when authenticating using LDAP for additional verification/security using a customer's own signing key.

  • Added the ability to use multiple LDAP connections and domains so that users do not need to enter their domains during login.

  • Added the ability to perform a Launcher "force logout" from a webpage using Javascript.

  • Added the ability to use the userId and username from the Azure access token if Graph API access is not available.

  • Implemented support for auth_default_group configuration setting when using the MSAL Auth.

Release 4.7.11

Released April 13, 2023


Users will now be redirected back to the application they were using previously after reauthentication verification.


  • Introduced secondaryAuthWhenScreenOff in settings, which will by default open the reauthentication screen during screen-off, allowing an application that was open before sleeping a device to still be displayed after reauthentication. This behavior also requires Launcher 3.19.4, and will require Draw Over permissions for Auth.

  • Added support for token response type when performing the authorization call in the OIDC flow (previously, only code response type was supported).

  • Updated ACS logout flow to use the same browser used during the login flow.

Release 4.6.3

Released March 17, 2023


Introduces LDAP version 4 and support for Chrome Custom Tab.


  • Upgraded LDAP Auth to version 4.

  • Added support for Chrome Custom Tab (CCT) implementation from other browsers (not limited to Chrome).

  • Updated MSAL Auth to limit groups to direct membership only (e.g. no transitive groups).

  • Added functionality to prevent user from tapping the Back button during reauth verification.

Release 4.5.14

Released February 10, 2023


Workaround to an MSAL issue where the Microsoft Graph directory object APIs fail on first token call after a reboot or install.

Release 4.5.12

Released January 27, 2023


Supports Azure MSAL login with Shared Device mode.


  • Implemented full support for Azure MSAL using InTune in Shared Device mode.

  • Fixed reauthentication issue for scenarios where PIN or NFC entry is not required.

Release 4.5.9

Released December 21, 2022


Bug fixes.


  • Fixed an issue where the maximum PIN attempt counter was not getting reset.

  • Fixed an issue with ACS login when using the BlueFletch Browser for authentication.

Release 4.5.4

Released November 30, 2022


  • Additional functionality to support Android 12.

Release 4.5.1

Released November 18, 2022


  • Bug fix to prevent a crash from occurring upon receiving an invalid configuration.

Release 4.4.1

Released September 14, 2022


Device secret is available for native SSO.


  • Added support for device_sso scope for Okta and made the Okta device secret available for apps to perform native SSO.

  • Added ability to perform a silent authorization with the IDP after reauthentication verification

Release 4.3.19

Released August 30, 2022


A major push forward for BlueFletch Authorization support, combining different flavors of OIDC applications into standard OIDC and Azure OIDC binaries.

Many features added, inlcuding support for mulitple secondary reauthorization paths and support for frictionless authorization.


  • Added missing EditBadgeActivity to Datawedge profile.

  • Fixed an issue with incorrect extra constant for PIN activity result.

  • Ensured that FastLoginController data is cleared out on initial login and login cleanup.

  • Refactored the Fast Login logic to be cleaner.

  • Created new controller specifically for Fast Login flow.

  • Moved Fast Login related logic into new Fast Login controller.

  • Updated ReauthController to disable alternate reauth if using Fast Login.

  • Updated central auth file names to better reflect contents.

  • Made GetPinActivity reusable via new GetPinController.

  • Added the ability to reset a badge via separate ResetBadgeActivity.

  • Added the ability to edit a badge.

  • Started logic to be able to switch reauth methods during training.

  • Added new configuration option 'alternateSecondaryAuth' which can either be NFC, PIN or face as an alternative to the useSecondaryAuth method.

  • Updated the build pipeline to build EMM versions for Demo, OIDC and OIDC-Azure.

  • Updated profile manager support for backward compatibility with Auth3.

  • Applied fixes for face recognition and ET5x barcode scanning.

  • Added check for face secondary auth in auth controller.

  • Created a Datawedge status listener in BarcodeAuthController to handle disconnect/connected status from ET5x scanners.

  • Added a fix for badge login on password change.

  • Added a check against persisted credentials before and after login in case the user had to update their password during login.

  • Added logic to prevent error message if password manager data is null/empty.

  • Moved timber.d log to prevent multiple getEncryptedCredential calls.

  • Added logic to allow customer defined applications to call SessionActivity. Must be specified in config extended attribute "authSessionClients".

  • Added support for Force Logout from the PIN Training UI.

  • Added additional logging to OIDC Post Callback activity.

  • Fixed code to set the parent activity during reauth processing.

  • Removed duplicate set of auth parent as not needed.

  • Reverted back to cleanupAndSendResponse with correct Force Logout action.

  • Refactored onVerificationCancelled to distinguish between a home/back press vs logout/cancel button tap during verify.

  • Reverted back initial force logout fixes as not needed.

  • Added support for new IdP that relies on an external/customer-built auth activity.

  • Added resolution check for external activity and added callback for errors.

  • Updated login-silent to always revert to regular login for external IdP.

  • Updated logic that when verification prompt is shown, user can hit cancel or logout, and then the Launcher will take action based on configuration setting.

  • Updated logic so that when verification prompt is shown and user taps back or home button, should revert back to Launcher lock screen.

  • Fixed verification cancel logic on NFC.

  • Fixed a crash on barcode verification due to unregistered scan receiver.

  • Updated code to match the cancel/logout button with the current theme, if present.

  • Applied changes to allow login via browser provider.

  • Made onLoginCancelled and onLoginFailure public to allow other activities to cancel auth.

  • Updated OIDC Auth to set the Session Location based on Config Site Id.

  • Created a new CredentialContentProvider for storing encrypted credentials.

  • Added AzureAD OIDC support.

  • Added logic to check for missing authorization configuration object to prevent exceptions.

  • Added a try / catch around the Theme fetching config logic, but still having issues on Android 11 with get provider info.

  • Added barcode to central auth login.

  • Added a barcode capability for reauth.

  • Moved CredentialProviderHelper and CryptoHelper to separate central auth provider module/aar.

  • Added a try catch back to BaseActivity get theme.

  • Fixed an issue where initialization vector is null during encryption.

  • Added face recognition support (must use version 1.5.+ of EMS Vision).

  • Fixed an issue where we need to return the reauth flag otherwise the Launcher's custom login intent keeps getting called on successful reauth.

  • Added try-catch around provider access in the helper.

  • Reimplemented the session activity for apps and Velocity.

  • Fixed PIN reauth cancel issues.

  • Changed provider to signature-level protection.

  • Fixed null pointer exception crash if epmConfig is not present in the configuration.

  • Fixed an issue where credential provider is not getting cleared on logout.

  • Added ability to use the keyboard on the PIN entry screens.

  • Updated build in an attempt to fix module resolution when using individual AARs.

  • Removed the NO_HISTORY flag to allow OidcAuthActivity to receive activity results.

Release 3.9.15

Released December 2, 2021


Quick start icons available on the Pin Code verification screen and MSAL fixes.


  • Updated logic to only do a silent auth on reauthentication, otherwise always force entering credentials.

  • Enhancement to display an icon for quick start application package (secondaryAuthQuickStartPackage) on the Pin verification screen and use the the quick start icon (secondaryAuthQuickStartIcon) if supplied.

Release 3.9.12

Released October 27, 2021


Updates for LDAP authentication.


  • Added support for config replacement for LDAP host and domain.

  • Added support for switching domains if username contains domain notation, e.g. DOMAIN\username.

Release 3.9.10

Released October 20, 2021


Various bug fixes within the PIN Training UI when rendered within landscape orientation.


  • Updated APK to use the new Crash Handler version.

  • Added logic to clear Okta and AppAuth preferences on logout.

  • Removed the dialog theme option on the PIN Training UI.

  • Added a method to allow custom auth to define it's own OAuth2 configurations.

  • Fixed an issue with Face Reauth where it was not getting triggered during re-authentication flow because of missing reauth data.

  • Updated the App Auth Library, removing portrait orientation settings.

  • Fixed bug so that during user re-authentication, if the user has not set a PIN code, then user is forced to the login UI.

Release 3.8.35

Released September 1, 2021


Additional logging within Token Refresh, updates to language translations, and various bug fixes.


  • Added additional checks in checkForSecondaryAuthFlow function to ensure auth data is provided in the current session.

  • Added EMS exception handler library to report errors to Support Dashboard.

  • Updated translations.

  • Ensured the package version is reported in the device logs, not just the AAR version.

  • Added error log for unable to load banner image, and added permission request for read external storage.

  • Added Addtional Token Refresh logging.

Release 3.8.28

Released August 25, 2021


Changes around Profile Manager and Reporting.


  • Removed setupProfileManager in login flow. Now for ACS/PFM login, must declare it in launcher.json as a custom intent.

  • Updated builds to use latest support library that fixes Android 10 log reporting via device Id.

Release 3.8.26

Released June 24, 2021


Changes around Profile Manager and OKTA.


  • Fix pin screen layout when using on smaller landscape devices

  • Adjust PFM token refresh to -15 minutes prior to expiration (instead of -5 minutes)

  • Add additional delays between Okta, PFM logout broadcast and ACS browser logout to help ensure ACS/keycloak cookies are cleared out

Release 3.8.18

Released April 27, 2021


Changes around Profile Manager and OKTA.


  • Attempt to retry when Chrome Custom Tab hangs when calling PFM/ACS authorize

  • Cleanup Pin/NFC training/verification flow

Release 3.8.9

Released April 8, 2021


Changes around logout from Profile Manager and OKTA.


  • Added application version to the log file.

  • Changed the ACS Refresh timer flow, fixed the building of the Pending intent

  • Added Notification to the ACS Refresh token service and made Sticky.

  • Updated OKTA Token refresh to NOT rebuild the session, but to update the Provider extended Attributes.

  • Within ACS Token refresh, logged out the condition where ACS Refresh token is not returned from ACS endpoint

  • Updated logic to NOT send a REFRESH Token message to launcher

  • Moved the ACS Auth Activity finish logic to the onPause method, in order to allow CCT to start up

  • Look for user information PARAMS, if there, add to the extended attributes

  • Adding new com.bluefletch.ems.auth://logout redirect url for Okta logout

  • Ensure that stopForeground applies to all OS versions.

  • Fix the HOME button press during PIN Training. Will now log the user out of current session if home button pressed during training and secondaryAuthRequired is true.

Release 3.8.8

Released April 7, 2021


Changes for closer integration with Zebra Profile Manager (PFM) during Login flow.


  • Changes to support BlueFletch Browser with PFM ACS login

  • Updates to build pipelines.

  • Fixed incorrect checking for null pfm_acs_browser config

  • Use the browser specified during login to perform ACS profile manager authentication.

  • In the event the configuration changes, removes the auth browser shared preference.

  • Fixed issue where cancelled PIN training is resulting in previous session being reused if secondaryAuth is required.

  • Will call PFM logout first then call the logout URL if it is available.

  • Fixes issue on PFM logout where stored ID token was getting cleared before the logout occurred. General logic cleanup, will now logout PFM before clearing ACS cookies.

  • Prevents auth crashing if specified browser is not installed (falls back to CCT).

  • Added self-contained token refresh alarm and service for PFM's ACS server.

  • Added a default refresh timeout of 45 minutes, and changed to perform refresh 15 minutes from expiration.

Release 3.8.4

Released February 24, 2021


Changes for closer integration with Zebra Profile Manager (PFM) during Login flow.

Release 3.8.0

Released February 22, 2021


Fixes for screen rotation within AppAuth, and updates to formatting of PIN/NFC when in landscape.

Release 3.7.0

Released February 12, 2021


OKTA updates to session object.


  • If 'custom_fields' exist in OTKA user object, will place a copy in the Session Objects Extended Attributes

Release 3.6.2

Released February 11, 2021


PIN code enhancements


  • Set a fixed # of PIN digits

  • Prevent usage of more than 3 consecutive digits

  • Prevent usage of more than 3 sequential digits

  • Prevent usage of PINs that belong in a user configured comma-delimited list.

  • Forcibly log out currently logged in user if # of maximum PIN retries were exceeded.

Release 3.5.1

Released January 13, 2021


Bug Fixes related to OKTA Token refresh and improved Profile manager integration.


  • During logout of LOCAL ADMIN, OKTA Logout is not completing. As not logged into OKTA, logout logic is now bypassed.

  • Launcher properly notified of OKTA Refresh token update.

  • OKTA code to allow login by authenticating directly with Profile Manager ACS server.

Release 3.4.7

Released December 2020


Bug Fixes


  • Fixes issue with Okta error message on logout

  • Fixes issue where PIN entry fails using a different language

  • Okta groups now supported within the AppAuth module

Release 3.4.1

Released December 2020


Support for Zebra Profile Manager integration.


  • Per Launcher configuration setting, upon login or logout, will notify Zebra Profile Manager of action.

  • Fix for auto token refresh.

  • Fix for OKTA Session Auth when only one multi factor auth requirement option is available.

  • Support for Android 10 Device Id.

Release 3.3.6

Released November 2020


Common logging support and start of Internationalization.


  • Internationalization for Auth apk

  • Update German translations from external review

  • Passing the cookie retrieved from login

  • Okta Session support for Multi Factor auth question, sms, okta verify

  • Passing of Access Token to Profile Manager

  • Fix Okta auth setting within Pref utils, to support Profile Manager

Release 3.2.2

Released September 8, 2020


NFC as secondary authentication, MSAL fix


  • Officially supports NFC tags as secondary auth, useSecondaryAuth="nfc"

  • Fix issue for MSAL auth in Android 9 devices preventing logout/cleanup.

Release 3.1.2

Released August 30, 2020


Pin changes, MSAL and OAuth2 Enhancements/Fixes, UI improvements, BF Browser support, Logging


  • Changed MSAL token generation to allow third party signature validation

  • Updated MSAL to use $top parameter to retrieve large group memberships

  • Secondary Auth may now be set to required

  • Fixes group retrieval for some LDAP configurations

  • Add option to perform a logout if the user cancels the secondary auth training.

  • Add option to change the minimum pin length (minimum of 4, default of 6).

  • Pin pad now follows the font style and light/dark theme set in the configuration

  • Fix AppAuth issue where user receives an invalid code error if the user cancels the secondary auth pin creation screen.

  • Fix AppAuth issue where the user is not prompted to re-enter credentials if they cancel the pin reauth screen.

  • Added configuration option to use BF Browser instead of CCT

Release 3.0.3

Released June 23, 2020


Custom CA support, support for https redirect, Android X, bug fixes


  • OAuth2 auth changes to support use of a self-signed/custom CA user certificate installed on the device

  • Ability to support https callback redirect URL (for some IdPs that require https protocol)

  • Fixes for losing pin credentials in some scenarios when using Okta auth

  • Upgraded code to use Android X libraries

Release 1.8.1

Released March 30, 2020


Null pointer checks during Secondary Authorization flow


  • Null pointer checks during Secondary Authorization flow

Release 1.7.1

Released February 20, 2020


OKTA Pie Bug fix.


  • Tweaks to OTKTA Auth check on PIE OS

  • Logic checks when starting the service broker

Release 1.6.2

Released February 18, 2020


Enhancements to PIN secondary auth functionality and bug fixes.


  • PIN Re-authentication now does not require a separate binary, and is now built into the base Auth apk.

  • Set minimum pin entry to 6 digits.

  • Fixes issue where LDAP Auth would crash if no groups were returned.

  • Fixes for OKTA Groups within OKTA Rest.

  • Android 9 foreground service fix

Release 1.4.3

Released January 22, 2020


Builds for OKTA Rest APK's now going to production. After OKTA Logout, go to HOME Launcher.


  • Start building OKTA REST Auth Clients. Our pipeline has been building them, but we have been removing prior to deploying to GCP.

  • Use correct logout function for demo auth.

  • After Logout, force to go to HOME launcher

Release 1.3.7

Released December 2, 2019


Added Force Logout support for OKTA logouts. This is to ensure clearing the cookies within Chrome.


  • Force OKTA logout URL Support

  • Added a Flag to stop onResume processing during LOGOUT Tab display

Release 1.3.5

Released November 19, 2019


Changes to the Session Token Refresh logic and updates to OKTA Auth, including warming up the Custom Tab browser for quicker logoff.


  • Updated the app icons

  • Support for new OAUTH field within Session object

  • Hide the OKTA logout page

  • Modified the code to WARM UP the Chrome tab browser.

  • Updated logic to warm up the browser before logout. seems to fix the display of the error message

  • Additional changes for Session Token Refresh

Release 1.2.1

Released November 5, 2019


Additional changes for Session Activity.


  • Changed Session activity to better support Velocity

  • If an Error dialog is being displayed, do not attempt to display another one

Release 1.1.4

Released November 5, 2019


Updates to the Session Activity and UI / Theming changes.


  • Changed Session activity to better support Velocity

  • If an Error dialog is being displayed, do not attempt to display another one

  • Updated the OKTA Rest Logic to allow for Overriding Client Info via Config or * Strings in custom APK's

  • Updated logic to make startLogin abstract.

  • Added providerSettingsAvailable method that needs implemented. Have changed all the auth providers to implment providerSettingsAvailable

  • More UI tweaks. Default Login input text now follows accent color, and can use new transparent/wallpaper functionality from Launcher.

  • Fixed NFC background issue. added error message dialog within one Login update positioning of alert. changed text

  • When detecting an Error condition within OKTA / ONE LOGIN, display a message

  • Removed NFC Background

  • Added ROLE logic

  • For Okta, display a default background if not provided from new launcher

  • Added new Session Activity. Purpose is to allow for getting the Session Data from the start Activity for Result.

  • Fixed Background and Banner display

  • Updated logic and added new Logo Image. fixed display of the logo

  • OKTA Cache busting logic on User info

Release 1.0.60

Released October 8, 2019


Initial release of ADFS support


  • Removed the Configuration setting overrides within the AUTH logic.

  • Added Store Manager login . store, stpass

  • Initial check-in for using ADAL on ADFS 3.0

  • Added a way to default the Domain

  • Fixed issue where user taps on home button to cancel

  • Added trust all SSL option for LDAP authentication; updated to newer unboundid ldap sdk.

  • Added support for new Auth settings

  • Added backward compatibility for ADAL with older launchers.

Release 1.0.57

Released August 7, 2019


Fix for building User Session Groups.


  • Changed the comma to a BAR, which is what Launcher is looking for in the groups separation

Last updated