August 2024 - Release Notes

Workflow

SSO Login Behaviour Change

We are happy to share that we have updated the SSO login behaviour to deliver a more streamlined experience.

Current Behaviour

Regardless of SSO setting, users are taken to the Checkbox login page. Once the user enters an email and presses “Next” a SSO login process may be initiated depending on whether customer account and user email domain matches SSO settings.

New Behaviour

The new behaviour differs based on the customer’s SSO settings. There are 3 configurations:

  1. No SSO settings or "Enable SSO but do not enforce": There should be no change. Users will still be taken to the Checkbox login page.
  2. "Enforce SSO for users within registered domains": For accounts that need both SSO and password login, users will see a “Redirecting to Single Sign-On in 3,2,1…” screen when clicking on a Checkbox link (if they are not already logged in). This screen will appear for 3 seconds and also has a “Login in password” button for users to click if required. If no action is taken, the user will be taken through the SSO login process. In most cases, where the user is already logged in on their SSO provider (e.g. Azure, Okta, etc.), then the user will be automatically logged into Checkbox with no manual intervention required.
  3. "Enable and enforce SSO for all users": For accounts enforcing SSO, users will not see the “Redirecting to Single Sign-On in 3,2,1…” screen. All users will automatically go through the SSO login process.

For the new Mixed SSO and Enforced SSO login flows to work, customers need to have a custom subdomain e.g. customer.checkbox.ai. If no subdomain is setup, then the login flow will be the old behaviour (i.e. user taken to the generic Checkbox login page).

If you do not have a subdomain setup but would like to take advantage of the new streamlined login process, please contact your CSM.

Under the new behaviour, logging out on Mixed and SAML accounts redirects back to the IDP portal which may log in the user again if they are still logged to SSO.

Navbar is now hidden on assessments created using the /create URL path

For assessment created via the /create path, the Checkbox navigation bar is now hidden to avoid polluting the user interface and potentially creating confusion for the end user.

Bug Fixes

  • Fixed issue where user has permission to ViewAllUser but getting white page in User Management Page
  • Resolved issue around XML file uploads in self-serve SSO
  • Fixed issue where Double vertical scroll bar displayed in Chrome Browser
  • Fixed issue where WAIT not triggered on DocuSign completed status
  • Fixed issue where Internal Assessment Link Provided instead of External Assessment Link on PARALLEL block
  • Fixed issue where SSO not enforced properly for WORKFLOW approval
  • Fixed issue where user logged out if they log in via a second browser