authorizationbox:1getstarted:1whats_new

  

What's New

Every 2 weeks we update our Authorization Box with new features and bug fixes. On this page you have an overview of all updates based on our release notes.

All release notes are grouped below.

The Authorization Box was updated on 2022-09-26. Below You will find the most important changes:

Element connectionInfo added to response of GET database
The GET method of the Authorization Box WebAPI has been changed. The element connectionInfo has been added to the response body.

Authorization for the Object Explorer
The Object Explorer has been added to the roles for the function profiles so You can authorize users for the Object Explorer.

Approval request for organization role can not be approved
Existing approval requests for organization roles could not be approved after they were changed by an import. You could press the button Approve, but nothing would happen. This has been fixed.

Number of linked organization roles is incorrect
The number of linked organization roles for a user was always set to 0 and did not show the correct amount of linked roles. This has been fixed.

Export of permission reviews incomplete
The export of the permission reviews (part of the monitoring module) contained less records than visible on screen. This defect has been fixed.

Wrong presentation of column Name for reviews with a description
When You review a critical permission You can enter a description. For reviews with a description the column Name would show the value for column Description in the overview of reviews. This problem has been resolved.

Some permission sets are not shown correctly within the Object Monitor
The issue has been resolved where permission sets were not shown correctly from within the Object Explorer if they were of the type System. Also the type of permission set is displayed correctly now. Before, all permission sets were typed as System.

The Authorization Box was updated on 2022-09-13. Below You will find the most important changes:

Export functionality for approval groups
As part of the Export menu the backup and import functionality for approval groups has been added.

Export functionality for approvers
As part of the Export menu the backup and import functionality for approvers has been added.

Export functionality for pre and post actions
As part of the Export menu the backup and import functionality for pre and post actions has been added.

The Authorization Box was updated on 2022-08-30. Below You will find the most important changes:

Selecting a template while typing
When adding a new authorization template to an organization role You can now use “search as you type” so it is easier to select a template.

Activate or deactivate a user without an authorization request
When You want to activate or deactivate a user You need to create an authorization request. When a user has no organization role assigned and You try to process the request/send an approval request You get the error “You didn't select an organization role to process.”

An exception has been created so You can activate or deactivate a user when no authorization Role has been assigned. You don't need to send an approval request and You can simply process the changes.

Option to change the user in an authorization request has been removed
The option to change the user in an authorization request has been removed. The reason for this is that the option didn't work properly and that most users experienced its functionality as unclear.

Selectlist for templates has been expanded
When adding a template to an organization role, You make use of a selectlist to select the template. This selectlist has been expanded. Previously only the Template Description was shown, but now the Table ID and the Table Name have been added to the list.

Performance of loading table items has been improved
When adding or changing a template the table items are loaded into cache and are kept there longer so the overall performance has been improved. This should be noticeable when adding of changing multiple templates or master templates.

Authorization requests couldn't be processed
The processing of an authorization request didn't work when no approval was required. This has been fixed.

Wrong presentation of column Critical Permission Name
Only concerns Dynamics AX. The overview of Analysis Results Critical Permissions shows the User Name in the column for the Critical Permission Name. This has been fixed.

The Authorization Box was updated every two weeks on Tuesday. During this period, the main focus was on technical migrations and performance improvements. Furthermore we've introduced the possibility of OData. See below other items we've addressed:

  1. Authorization Management: improved the approval experience;
  2. Authorization Monitoring: improved the evaluation functionality;
  3. Backend: improved error handling and performance.

The Authorization Box was updated every two weeks on Tuesday. During this period, the main focus was on technical migrations and performance improvements. Furthermore we've introduced the possibility of approval groups and central framework mangement (please contact us if you have questions about that). See below other items we've addressed:

  1. Authorization Management: improved the authorization request flow and added fields and functionality for better user experience;
  2. Authorization Monitoring: fixed bugs regarding the analysis functionality;
  3. Microservices: improved the authorization processing functionality and import functionality.


The Authorization Box was updated on Tuesday morning November 9. The past few weeks we have been busy with technical improvements and a new module of which more later. Below you will find the main points delivered:

Export Critical Permission Analysis Results:
The Export button on the Analysis Results Critical Permissions page was not active. This has been adjusted so that the results can now be exported again.

Unknown Permission Sets:
Users in Business Central may have Permission Sets that no longer exist in that environment. These permissions were not removed when synchronizing from the Authorization Box. This has now been changed to remove the permissions not associated with the assigned organizational role. This is only the case if the setting 'Overwrite Current Permissions' applies.

Error processing template in multi-tenant environment:
An error arose when assigning an organizational role and processing the associated template data. The problem has been resolved.

Agree Configuration:
As soon as an organizational role has been linked to a Critical Permission, the results associated with the relevant organizational role must receive the review ‘Agree Configuration' in a new analysis. This didn't always happen. The problem has been resolved.en.


The Authorization Box was updated on Tuesday morning October 12. Below you will find the most important points:

Export Organization Chart including unknown permission sets:
The organization chart can be exported via Export structure. All permission sets are visible in the permission sets Excel sheet. Previously you only saw the permission sets that are also present in Dynamics. Now you also see the sets that are no longer known but that are linked to an organizational role in the Authorization Box. In Excel, the permission sets can be unlinked by replacing x with a – or by removing the x. Via the option Import permission sets per organization role, the sets that are no longer known can be processed and therefore removed from the various organization roles in the Authorization Box.

Removed database connection still counts in number of databases:
The moment a database connection is removed, it should no longer be counted in the number of applied databases. This was the case, but has now been corrected.

Error not selecting review:
If the review was not selected when assessing an analysis result, an error message was generated. The problem has been resolved.

Sorting reviews monitoring:
The sorting of the reviews has been adjusted. Most recent review is now at the top.

The Authorization Box was updated on Tuesday morning September 28. Below you will find the most important points:

Search option permission set:
On the user, the 'Search' option has been added for the permission sets section. This allows you to quickly check whether a user has a certain permission set.

Error updating web services 2016 connection:
Refreshing the web services from the Authorization Box for a 2016 environment gave an error. The problem has been resolved.

Navigate permission set SUPER from an organization role from BC18:
With a Business Central 18 connection, the permissions for the permission set SUPER were not shown when navigating from an organization role. This has been resolved.

Export organizational structure does not show link to SUPER permission set from BC18:
When exporting the Organization Chart, the Permission Set sheet did not show which organization role the permission set SUPER is associated with. This has been resolved.

Analysis details shows object info at organization role:
When assessing an analysis result on a user, the system showed object information for an organizational role. That is incorrect, this is now only displayed with a permission set.

The Authorization Box was updated on Tuesday morning September 14. Below you will find the most important points:

Attribute Specific approvers authorization requests:
The Specific approvers authorization requests attribute on an organization role has been removed. You can still set a specific approver on an organization role. The feature had no added value here.

Object 0 if object is not selected:
When adding an object for a permission set from the Authorization Box, the system returned a 0 object if nothing had been selected. This was not correct. The system now gives a message that an object must be selected.

Filter by number of analysis results AX:
It was not possible to filter within the analysis results AX connection. This has now been added. The system also filters from a critical permission if you click through on the number of analysis.

Create new AX connection:
When creating a new connection, the correct synchronization tasks are automatically created based on the customer profile.

Reviews of analysis result AX not linked:
The review on an AX analysis result was not linked, so that it was not visible. This problem is solved.

Error when assessing conflict in AX connection:
An error message arose when assessing an analysis result on an AX connection. This has been resolved.

The Authorization Box was updated on Tuesday morning August 31. Below you will find the most important points:

Object name object id 0:
An object name is now also displayed for object 0 under the Objects tab in the review screen. This depends on the type, so for example the object name 'All objects of type Table data'. The sorting has also been adjusted here so that it is sorted first by type and then by id.

Unknown permission sets:
If a permission set is included within the Authorization Box that does not exist in Dynamics/BC, then 'Unknown' is now displayed in the name. This may apply when linking to an organization role, permission set group, or as an excluded permission set monitoring setting.

Critical Permission sorting now defaults to Name:
Previously, the critical privileges were sorted by the second column on the page by default. This column concerns the calculation of the risk. The Critical Permission with the highest risk was thus shown first. The sorting has been adjusted. Now sorting is done by the Name column by default. The advantage of this is that the sorting remains the same. If desired, the calculated risk (second column) can be sorted manually.

The Authorization Box was updated on Tuesday morning August 3. Below you will find the most important points:

Buttons on database connection:
The buttons on the database connection (connection details) have been modified. The actions synchronize all, restore webservices, connector log files and test connection are located under the Database button.

Error requesting permission sets:
An error could occur when requesting the permission sets. The error has been resolved.

SUPER within BC18:
Within a Dynamics 365 Business Central 18 connection, some adjustments have been made so that the permission set SUPER is also correctly processed for the user.

System authorization with extension BC18:
When navigating on a permission set type system with extension (BC18), the associated objects were not displayed. The problem has been resolved.

Optimization synchronization log:
The synchronization log has been optimized so that the data is displayed faster.

The Authorization Box was updated on Tuesday morning July 20. Below you will find the most important points:

Import backup organization structure takes into account app ID and scope:
The import of the organization structure from the backup functionality now also checks for app ID and scope. The combination of the permission set, app ID, and scope is decisive. This allows the same permission set to be associated with an organization role multiple times. The app ID or scope will therefore have to be different.

Continuous Monitoring notification:
Within the Continuous Monitoring functionality, the notification of changes within the authorizations was sent twice. This was incorrect and has been corrected.

To review analysis result:
It could happen that an analysis result had to be reviewed if the user had also been given the right within another company. This was incorrect and has been corrected.

Checks on imports from Organization Chart:
The checks when importing the data were not always correct. The system could indicate, for example, that a business group did not exist when it did. The controls have been adjusted.

Display permissions:
Only the option Yes or Indirect is now displayed within permissions (objects in permission set). If No, the field is not filled.

The Authorization Box was updated on Tuesday morning July 6. Below you will find the most important points:

Additional information permission sets:
Two columns have been added to the permission set overview:
- No. of linked users: Indicates the number of times the permission set has been linked to a user. A permission set can be linked multiple times with one user in combination with different companies.
- No of linked organizational roles: Returns the number of times the permission set has been included in an organization role. A permission set can also be linked to an organization role through a permission set group.

Additional information organization roles:
The following columns have been added to the organizational roles overview:
- No. of linked permission sets or groups: Returns the number of permission sets or permission set groups linked to the organization role.
- No. of linked users: Indicates the number of users who have been linked to the organizational role.
- No. of linked templates: Gives (if licensed) the number of linked templates.

Additional information users:
The following column has been added to the user overview:
- No. of linked organizational roles: Displays the number of organizational roles assigned to the user.

Error by reviewing conflict:
An error could arise when reviewing multiple analysis results conflicting critical permissions. This error has been resolved.

Execute on yes on linked object:
When linking an object to a critical permission, it could happen that the object type table data was set to Yes for execute rights. This was wrong and has now been corrected.

Notification if not set as approver:
In the Requests for approval screen, all approval requests are visible. The application can be reviewed via the eye. If you are not set as an approver for the relevant type, you will not be able to view this request. The system now gives a message, for example: You have not been created as an approver for requests of the type 'Assign authorizations'.

Link Dashboard Administrator:
When linking the dashboard, an error message could be displayed. The problem has been resolved.

Sort screen Request for approval:
The data in the Requests for approval screen is now sorted by Created on.

The Authorization Box was updated on Tuesday morning 8 June. Below you will find the most important points:

Manage permission set from the Authorization Box:
It was already possible to create a permission set from the Authorization box within the recording functionality. Now it is also possible from the permission sets overview. A new permission set can be created here via the 'New' button. The objects (permissions) can also be linked or edited to the set. In Dynamics NAV it is possible to create or change all sets of the type 'System'. Extensions cannot be modified. Within Business Central, only the sets of type 'User Defined' can be created or modified.

Notification:
When analyzing critical permissions it is desirable that the system provides a notification as soon as the analysis has been performed. This was no longer immediately visible by increasing the notification number. The problem has been resolved. The condition is that the notification setting is active.

Data when editing organization role in authorization request:
An organization role to be deleted can still be edited before requesting approval. The system did not show the correct data. This has been adjusted so that the correct data is now shown. Only the end date can be changed.

The Authorization Box was updated on Tuesday evening 25 May. Below you will find the most important points:

User data based on employee number:
With our module “User Templates”, templates can be set up for, among other things, creating and filling user-related data. For example, based on a template, the User Setup can be filled, the table Salespersons/Purchasers, Resource, etc. The data that the system uses for this can be specified in the authorization request under User data. Here you can also select the Employee number from the Dynamics/BC environment. After selection, the available fields of the Employee from Dynamics/BC are transferred to the Authorization Box.

Error adding subscriber Continuous Monitoring:
When adding a subscriber to a Critical Permission, the system returned an error if this user had not yet set any notifications. This issue has been resolved.

Copy Critical Permissions by default:
Under monitoring, Critical Permissions, our default configuration of Critical Permissions must be taken over by default via the Copy button. This no longer worked, but has now been restored.

The Authorization Box was updated on Tuesday morning 11 May. Below you will find the most important points:

End date mandatory when revoking an organizational role:
It was possible not to specify an end date when revoking an organization role. This has now been made mandatory.

Link organization role to critical permission:
When approving the analysis result by organization role, the system asks if you want to link the organization role. This must be performed with “Yes”. This did not happen, but has now been resolved.

Rejected Permission Sets Organization Role:
When an authorization request for an organization role is rejected, the new permission sets are given the status “Rejected”. After processing the organization role, these sets must be deleted. The system did not do this.

The Authorization Box was updated on Tuesday morning April 13. Below you will find the most important points:

Processing authorizations:
The processing of authorizations took a lot of time. Several adjustments have been made to fix the problem.

Deleted user sync:
The authorizations of users deleted in Dynamics are no longer synchronized. As a result, you will no longer see these users in the synchronization log.

Setting “Default Override Current Permission”:
The “Default Override Current Permission” setting was previously available under general, customer details. This setting has been moved to database level. You can now set this per database connection. The setting is adopted at user level. When changing the setting at the database level, the system asks whether this setting should be applied to all users.

Merge data for import users per organization role:
If, when importing users per organization role, multiple organization roles apply to one user, they will now be bundled into one authorization request. This was not the case.

Permission set and users:
All information must be available on the detail page of a permission set. Linked objects, users, organization roles, and permission set groups. Due to an error, nothing was displayed among users. This has been resolved.

Remove company from company group:
If a company is removed from a company group, this will have an impact on all users to which this company group. This was not implemented correctly in all cases. The problem has been resolved.

The Authorization Box was updated on Tuesday morning March 30. Below you will find the most important points:

Automatic logout:
You were not logged out automatically if there was no activity. This was not correct. After 30 minutes of inactivity, you will now be automatically logged out.
Did you know that you can also authenticate with Microsoft authentication? Contact us for more information.

Setting Dynamics connection disabled:
It has been made possible to disable a Dynamics connection. As a result, there is no unnecessary synchronization and no errors if, for example, the environment is not available. Switching off can be practical, for example, if a test environment is no longer used for testing authorizations.

Reject approval request:
An error arose when rejecting an approval request for a company group. This has been resolved.

Column layout Organization roles:
The order of the columns under the Organization Roles tab for a permission set has been adjusted. Now the name of the Organization Role is displayed first, followed by the Organization Chart.

Organizational Role Approvers:
The Approvers screen also contains the Organization Role column. This remained empty even if specific approvers have been set up for an organizational role. This has been adjusted. Specific approvers are set up on the organizational role itself.

The Authorization Box was updated on Tuesday morning March 16. Below you will find the most important points:

General:
The last sprint was dominated by solving various minor issues and the further development of the Authorization Box.

Notification when processing:
When processing a changed organization role, permission set group, business group, or authorization request, the system will now notify you that it is processed in the background and that you can see the result in the synchronization log.

Page Synchronization Log:
The synchronization log has been adjusted. It is now possible to set how many records you want to see and a Refresh button has been added to update the page with the latest data.

Link to database connection:
The notification for an error in the Dynamics connection contains a link to the Database connection. This link did not work. This has been resolved.

Company Group status:
When a company was removed from a group, it was given the status “Modified”. This was incorrect and has been changed to “To be removed”.

The Authorization Box was updated on Wednesday morning February 17. Below you will find the most important points:

Create NAV UP user via authorization request:
Creating a new user via an authorization request resulted in an error. This has been fixed.

Permission set object types:
Objects of type 14 and 15 can be linked to a permission set. Previously, this gave problems. This has been resolved.

Delete authorization request:
Authorization requests created through the import could not be deleted from the authorization request. The system reported that you were not authorized. This has been adjusted so that these new authorization requests can still be deleted.

Missing Dynamics User Message:
The system gave a message if the system could not synchronize a user because they are not present in Dynamics/BC. This notification was unnecessary and will no longer be sent.

Processing to Dynamics/BC:
With the February 2 release, processing to Dynamics/BC is performed in the background. In some situations this processing could take a lot of time. This has been optimized so that the data must be processed within minutes. You can see the status of this in the synchronization log under menu user management.

The Authorization Box was updated on Tuesday morning February 2. Below you will find the most important points:

Processing authorizations to Dynamics / BC:
When processing an authorization request, the permission sets associated with an organization role are also assigned to the user in Dynamics / BC. In the new situation, this processing is performed in the background. It is therefore possible that the result is not immediately visible in the Authorization Box. If changes have been processed, the system creates a synchronization log record. This shows the basis on which the synchronization took place (for example an authorization request) and for which user this was done.

Delete Authorization Request:
In the authorization requests list, the delete option is only available if the request has the status New or Canceled. It is also possible to delete the authorization request itself if it has the status New or Canceled.

Message when company group is deleted:
A business group can only be deleted if it is not in use. The system will check this and indicate in the message why the company group cannot be deleted.

Message when deleting permission set group:
A permission set group can only be deleted if it is not in use. The system will check for this and indicate in the message why the permission set group cannot be deleted.

Error removing objects from critical privilege:
When removing objects from a critical privilege, the system returned an error. The problem has been resolved.

The Authorization Box was updated on Tuesday morning, January 19. Below you will find the most important points:

Display Permission Sets & Columns:
On the page with all Permission Sets, the column names were shown in English with the language set to Dutch In addition, the permissions under a Permission Set were displayed incorrectly. This has now been resolved.

Error in backup Organization Chart:
Importing the Organization Chart resulted in error messages that prevented the Excel being processed. This has now been resolved.

Error message in “harmonica” after activating / deactivating user:
When a user was activated / deactivated, an error message was displayed in the processed authorization requests under the “harmonica” Organization Roles. This has been resolved.

Response notification Authorization Request:
The mail and notification that people receive after approving an Authorization request have now been adjusted.

Incorrect review screen, Conflicting Permissions:
Under the harmonica “Analysis Result Conflicting Critical Permission’ when clicking through the “Review eye”, user were redirected to incorrect review screens This has been resolved.

Delete Permission Set shown as “Change”:
When removing a Permission Set from an Organization Role, the request indicated that the Permission Set was modified instead of deleted. This is now shown as type “Delete”.

The Authorization Box was updated on Tuesday morning January 5. Below you will find the most important points:

Error message when cancelling authorization request:
The system returned an error when cancelling an authorization request. The error has been resolved.

No notification after import from organization chart:
As soon as the import of permissions per organization role or users per organization role has been processed, the system must provide a notification. This did not happen. The problem is solved.

Reject approval request:
Under the function profile of the Controller, an approval request could be rejected. However, this gave an authorization notice. The right has been added to the function profile.

Profile ID in request for approval:
An incorrect profile ID was displayed in the approval request. The problem has been resolved.

Dynamics change log entries:
Within the analysis results, the column “No. of change log entries” has been added. This information can be important for analysis results at user level. It indicates whether the user has made changes to the analyzed data in Dynamics. The functionality itself was already available in the Authorization Box and is now shown in more places.

The Authorization Box was updated on Tuesday morning, December 15. Below you will find the most important points:

Incorrect display when deactivating user:
When a user was deactivated, the tick ‘Activated in Dynamics’ was not removed in the user overview. The user card did show that the user was deactivated. The incorrect display in the overview has now been adjusted.

Fixes for Critical Permissions:
An error message was displayed when saving Critical Permissions. In addition, it was not possible to review multiple Critical Permissions at the same time. These issues have now been resolved.

Conflict results:
Clicking the Conflict results brought up a blank screen without showing the results. This has now been resolved.

Incorrect Organization Role display:
When clicking through to an Organization Role in an authorization request, the screen of the Organization Role was displayed incorrectly. This has now been resolved.

Adjustment notification processing Organization Chart:
When importing the Organization Chart ‘Users per Organization Role’ the notification message was given that Permission Sets have been assigned or revoked. Instead of Permission Sets, Organization Roles had to be shown. This has now been adjusted.

The Authorization Box was updated on Tuesday morning December 1. Below you will find the most important points:

Deactivate / activate data user:
A user can be deactivated from the Authorization Box where a date from and a date until can be specified. This data was not reflected in the approval request. This has been adjusted. The same goes for activating a user.

Controller function profile:
The function profile of a controller in the Authorization Box was incorrect. In the approval request was not all the information visible. This has been resolved.

Review date filter:
Analysis results can be reviewed. The reviews can be found in the menu Monitoring, Reviews. It is possible filter the reviews by date (from).

Use web services for data in BC365 cloud environment:
The setting “Use web services for data” in a database connection with a BC16 / BC17 environment gave an error. This bug has been resolved.

The Authorization Box was updated on Tuesday morning November 17. Below you will find the most important points:

Authorization request for Windows User:
Creating an authorization request for a new user by selecting the Windows user went wrong. The request that was created could not be mutated. The problem has been resolved.

Profile ID not visible on organization role:
Within the organization role overview, the linked Profile ID was neatly displayed. On the organization role details the field was empty. This display issue has been resolved.

Analysis result organizational role:
If an object to be analyzed was linked to an organization role via a permission set group, the organization role was not included in the analysis result. This bug has been fixed.

UNKNOWN in change log entry:
The description of the change log entries sometimes contained the text UNKNOWN. The problem has been resolved.

Notifications and email:
The notification and email for an approval request and response for an adjustment to an organizational role is supplemented with the department under which the organizational role falls.

The Authorization Box was updated on Tuesday morning November 3. Below you will find the most important points:

Open last message:
The number of unread messages is shown at the top right next to the envelope. All messages are opened via “Read All Messages”. This screen did not immediately display the most recent message. This has been restored.

Continuous Monitoring:
With Continuous Monitoring you can be kept informed by the system of changes within authorizations. Technical improvements have been made within this module.

Error opening user:
An error could occur when clicking through to the user. The problem has been resolved.

Approval request information:
Changes to an organization role may require approval depending on the approval settings. However, the changes were not shown in all cases in the approval request. This has been adjusted so that the changes are shown based on the change log entries.

Export Processed Authorization Requests:
After selecting processed authorization requests, they must be exportable. A blank screen was shown for this action. The bug has been fixed so that now the export works.

Permission Set Status in Organization Role:
When a permission set was deleted in an organization role, it was given the status “Changed”. This was incorrect and has now been changed back to “To be deleted”.

Date / time in changes:
The time in the changes shown on an approval request was two hours behind. The problem has been resolved.

The Authorization Box was updated on Tuesday morning October 20.Below you will find the most important points:

Help Authorization Box:
Via your e-mail address (top right) and then Help, you can navigate to the online help of the Authorization Box. We have updated the 2-Control Online Software Help and it is now written in DokuWiki.

Responses within processed requests:
Within the processed authorization request, we have added a Responses (approval entries) tab. Below this tab you can see which user has approved the authorization request, if applicable.

Screen Record Permission Set:
Within the screen with the recording parameters, we have made a number of improvements so that it is only possible to start a recording after everything has been set correctly.

Navigate by organization role:
When navigating an organization role from the user or an authorization request, the correct screen was not displayed. The problem has been resolved.

  • authorizationbox/1getstarted/1whats_new.txt
  • Last modified: 2022/09/26 15:46
  • by jan