• Added license information to the admin dashboard.
  • Created the users import feature.
  • Created custom skins for the mobile authenticator app configurable via the backoffice.
  • IDS integration with LBFraud.
  • Improved the visual aspect and UX of the dashboard.
  • Improved the visual aspect and UX of the authenticator app.



  • LBAuth API errors format standarization.
  • Improved the security of the storage in Android and iOS authenticator.
  • Made the HTTP-MFA naming case insensitive.
  • Invalidated the old token when the API KEY of your account has been recovered as a security measure.
  • Email is now considered case insensitive.
  • Improved the safezone definition and creation requirements.
  • Removed unnecesary API endpoints to reduce the attack surface.
  • Improved the DEX OIDC login page style.


  • Removed duplicated HTTP code return making the API unstable in some endpoints.
  • Removed the possibility to create duplicated keys in some circunstances.
  • Improved the database requests when requesting by external ID in the services as it wasn’t optimized.



  • Internal routing middlewares security improvement.
  • Improved the performance and feel of the Dashboard timeline.
  • Improved the access creation interface.
  • Fixed the dashboard interface as it was showing the service alias instead the proper external ID.
  • The authenticator application is now able to check for connectivity between the Backend and itself.