Overview of Recent Enhancements to Security and System Reliability
Login Just Got an Upgrade
We’re modernizing Alleva’s authentication framework by moving from a legacy, fragmented identity server to Azure AD B2C. This industry-standard solution will deliver a smoother, more secure login experience for all users.
What This Means
Azure AD B2C (Business-to-Consumer) is a cloud-based identity management service from Microsoft. It provides:
✅ Centralized login management across the Alleva platform
✅ Enterprise-grade security and compliance
✅ Support for modern authentication standards (OAuth 2.0, OpenID Connect, SAML)
✅ Single Sign-On (SSO): Log in once and stay signed in as you move between systems
✅ Multi-Factor Authentication (MFA): Adds an extra layer of protection for your account
✅ Better compatibility with third-party tools and future integrations
Improvements You’ll See
1. Seamless & Secure Login Across Platforms
Fix: Users will no longer be unexpectedly logged out when switching between the New and Legacy systems.
Why it matters: Prevents frustration and lost work when navigating across systems.
2. Smarter Session Timeout Handling
Fix: Sessions will now properly time out after inactivity, prompting reauthentication.
Why it matters: Previously, users could remain in forms too long without reauthenticating, leading to lost data or unexpected redirects. This improves data integrity and user trust.
3. Consistent Lockout Functionality
Fix: Lockouts and session expirations will now behave consistently in all parts of the app.
Why it matters: Prevents long-lived sessions that could pose security risks, and ensures users are aware when they need to log in again.
4. Cleanup for Cross-Location Users
Fix: A backend data update will address an issue with cross-location user configurations.
Why it matters: Ensures accurate, secure access across multi-location facilities.
Why Azure AD B2C?
- Reliability: Microsoft’s infrastructure guarantees high uptime and performance.
- Stronger security: Modern standards protect against common attacks like credential stuffing or token reuse.
- Scalability: Supports growth without the patchwork maintenance burden of the old identity server.
- Future flexibility: Makes it easier to add new sign-in providers (Google, Apple, etc.) later if needed.