RSA January 2026 Release Announcements
a month ago

Cloud Access Service Updates

The following subsections outline the new and enhanced features of the Cloud Access Service (CAS).

 

Support for Signing Both SAML Response and Assertion in CAS

CAS now supports signing both the entire SAML response and the assertion within the response, enabling integration with protected resources that require dual-signature SAML validation. To enable this capability for My Page SSO or a relying party application, add a new application or edit an existing application in the Cloud Administration Console. In the SAML Response Protection section, select IdP signs entire SAML response and assertion within response.

 

FIDO Registration API Transaction ID Support

The FIDO Registration API now includes a Transaction ID, which is also captured in the corresponding user audit events. This enhancement improves visibility and traceability of FIDO registration activities. To view the Transaction ID in user audit logs, go to Cloud Administration Console > Users > User Event Monitor.

 

Identity Router REST API Configuration Network Zone Enhancements

You can now configure the Identity Router REST API in CAS with updated network zone settings, giving you more flexibility, consistency, and future-ready policy and configuration management. To select a network zone, go to Cloud Administration Console > My Account Administrators, click Add an Administrator, and select a Network Zone in the API Configuration section.

 

Network Zone Support in Policies

You can now configure policies using network zone, replacing the legacy Trusted Network attribute to provide enhanced security and greater control. This update streamlines policy management and future-proofs access controls by enabling seamless migration and deprecation of outdated attributes. To set the Network Zone attribute, go to the Cloud Administration Console, create a new policy or edit an existing one, and in the Rule Sets section, choose Network Zone attribute from the Authentication Condition list. 

 

RADIUS Clients Report Now on RADIUS Page

The RADIUS Clients Report is now available on the RADIUS page, providing you with improved visibility into configured RADIUS clients and simplifying monitoring and management. To download the CSV report, go to Cloud Administration Console > Authentication Clients RADIUS.

 

Identity Router (IDR) 12.24.0.0.10 Now Available

The IDR 12.24.0.0.10 release is now available. We recommend that all customers upgrade to this version.

Note: The Identity Router appliance runtime has been upgraded from Java 8 to Java 11 to align with current long-term support standards and enhance security. 

 

Identity Router Update Schedule and Versions

Identity routers will be updated according to the following schedule. Downloading the new identity router image when you deploy new identity routers ensures that you benefit from the latest security improvements.

 

DateDescription

ANZ: February 2, 2026  

CND/ SGP: February 3, 2026  

EU/ JPN : February 4, 2026 

US/ GOV/ IN: February 5, 2026  

Updated identity router software is available to all customers.
Default: Saturday, March 14, 2026 Default date when identity routers are scheduled to automatically update to the new version unless you modify the update schedule or update manually.
Last: Saturday, April 11, 2026 

If you postponed the default date, this is the last day when updates can be performed.

 

Subscribe to status.securid.com for the Cloud Access Service Status Updates

For information about all service incidents and scheduled maintenance windows for the Cloud Access Service, subscribe to https://status.securid.com.

 

Coming Soon 

RSA Authenticator 4.7 for iOS and Android (January-February)

  • Redesigned notification experience providing users with more consistent and clearer presentation of information.
  • Improved security by requiring biometric or device password authentication when registering new Cloud credentials.
    • This only applies to Cloud credentials, not to Authentication Manager (AM)-based credentials.

For further details, see : https://community.rsa.com/s/article/Coming-Soon-RSA-Authenticator-4-7-for-iOS-and-Android.

  • FIPS 140-3 certified cryptographic modules
  • Proximity detection and offline QR code authentication support for passwordless methods with forthcoming versions of RSA Agents.

 

RSA Authentication Manager V8.9 (January)

  • Administrator SDK qualified with JDK 11 and JDK 17
  • BSAFE 7 upgrade (FIPS 140-3 certified)
  • RSA Agent passwordless authentication methods support when deployed in AM /CAS hybrid mode

 

RSA MFA Agent V2.1 for macOS (January)

  • Passwordless authentication methods are supported in AM/CAS hybrid mode through the RSA MFA Agent for macOS, enabling seamless passwordless authentication across hybrid deployments. 
    • This requires RSA Authenticator V4.7 for iOS and Android.
  • Support for FIDO2 security keys is now available.
    • Users can now use FIDO2 security keys for passwordless authentication.

 

RSA MFA Agent V2.5 for Windows (February)

  • Native offline QR code–based passwordless authentication will enable users to authenticate without network connectivity or OTP entry; this will require RSA Authenticator v4.7 for iOS and Android.
  • Passwordless authentication methods will be supported in AM/CAS Hybrid Mode via the RSA MFA Agent for Windows, enabling seamless passwordless authentication across hybrid deployments.
    • This will require RSA Authentication Manager 8.9.
  • Configurable proximity checks will strengthen passwordless authentication by adding an extra layer of security, ensuring access is granted only when the authenticator is activated near the device.
    • This will require RSA Authenticator v4.7 for iOS and Android.
Announcement
Don't see what you're looking for?