1.34.4197
Release date | 2024-11-08
Always backup the Zervicepoint database before upgrading! If you experience an installation failure you must restore the database before continuing.
This release includes changes to ADFS that make Audience validation more stringent. If you are using ADFS as an Identity Provider, you may need to update your configuration. For more details, see the ADFS section below.
New features and changes
Short description displayed on service tiles in UserWeb
You can now add a customizable short description below each service title.
Add name and identifier table to JavaScript modal
When editing JavaScript in the forms editor you can now see an overview of all the fields in the form, including their names and identifiers.
Custom filtering on service variable in Order Manager
We've added a new feature in the Order Manager that allows you to display service variables directly in the orders list. This makes it possible to view specific variable values, such as EmployeeEmail in the example below, at a glance when reviewing orders.
Ability to change position of description for form fields
Admins can now set the position of descriptions for form fields in AdminWeb, with the option to display them above or below fields in UserWeb.
AdminWeb
UserWeb
Below is an example of how descriptions are displayed with this setting enabled, followed by an example of the description displayed above the field when this setting is disabled.
ADFS login without public access to FederationMetadata.xml
We have enhanced the WSFederation authentication configuration to enable ADFS login without requiring access to the public FederationMetadata.xml document. This update allows administrators to manually configure verification keys when the metadata document is not accessible or provided by the Identity Provider (IdP).
For detailed instructions on configuring these settings, please refer to the ADFS setup guide in the Single Server Setup section of the Zervicepoint documentation.
ADFS Configuration Changes
In this release, we've strengthened the ADFS configuration by enforcing stricter SAML Audience validation. This enhancement increases security by ensuring an exact match for the Audience URI in the SAML token with the configured Audience URI in Zervicepoint, including any trailing slashes.
If the Audience URI in the SAML token does not precisely match the configured Audience URI in Zervicepoint, login attempts will fail. You can verify this by trying to log in to Zervicepoint, if the Audience URI does not match, you will be shown a 500 error page.
To configure the Audience URI in Zervicepoint, refer to the database entry at ConfigurationSystem.GlobalSettings -> FederationRealm. You have two options to ensure alignment with ADFS:
-
Compare with ADFS Configuration: Confirm that the Audience URI in Zervicepoint matches the Audience URI specified in the ADFS Relying Party Trust configuration.
-
Verify Directly from SAML Token: Alternatively, you can inspect the Audience URI directly from the SAML token. To do this, install the SAML-tracer extension in Chrome, navigate to your Zervicepoint portal, and use SAML-tracer to capture the SAML token. In the token's XML structure, locate the Audience element to confirm the exact Audience URI.
Issues corrected
| Issue key | Summary |
|---|---|
| ZSD-5504 | Enabling / disabling TaskActivity in workflow editor does not trigger state change for save button |
| ZSD-5505 | Restrict IsHtml variable in SendEmailActivity to Boolean |
| ZSD-5524 | Mismatch of versions for System.ValueTuple |
| ZSD-5557 | Self-host moment.min.js instead of relying on CDN |
| ZSD-5562 | Missing NewsSection and erroneous parsing of Service block in PowerShell Module |
| ZSD-5563 | Unclear error thrown in provisioning inventory service when duplicate provider names exist |
Known issues
This section provides information about issues with Zervicepoint that were known at the time of writing this document. These issues may not appear in the product documentation, and in some cases may contradict existing product documentation. Whenever possible, these issues will be addressed in later releases.
| Issue key | Summary |
|---|---|
| ZSD-4410 | Hard to read Read Only text in mobile view |
| ZSD-4723 | Posting a dropdown bound to variable to the same form in a task will result in an additional null,null option in the dropdown |
| ZSD-5186 | Central Data sources can't be selected in a Table Page |
| ZSD-5187 | Clicking on "more details" on central provider/data source results in a 500 error page |
| ZSD-5236 | End workflow activity leaves approvals and tasks active |
| ZSD-5329 | Dynamic dropdown returning objects causes DOM destruction |