2026.6 - Release Notes
Release Date: May 12, 2026 Prepared by: Kryterion Product Team
Executive Summary
This release focuses on authentication, exam security, and candidate experience. SSO now supports OIDC and SP-Initiated SAML logout. Sentinel has been patched for three security vulnerabilities found in penetration testing, and several macOS improvements have been applied. Items requiring CSM coordination are noted throughout.
What's New at a Glance
Category | Highlights |
|---|---|
🔐 Authentication & SSO | OIDC support, SP-Initiated SAML logout, session index persistence |
🖥️ Sentinel Lockdown Browser | Penetration test patches, process enforcement, macOS display fixes |
🧪 Candidate Experience | System check fixes, new UI refinements, SMS opt-in infrastructure |
⚙️ Platform & Operations | Voucher/coupon audit logging, reporting performance |
🐛 Fixes | 8 issues resolved, including 3 security vulnerabilities |
New Features & Enhancements
🔐 Authentication & SSO
OIDC Single Sign-On Support
Programs can now integrate with Webassessor using OpenID Connect (OIDC), expanding the authentication options available to your program.
Administrators can configure OIDC clients directly within the Admin module
The SSO service now initiates and handles OIDC authorization requests
Request tracing has been added to the SSO service to improve diagnosability when authentication issues occur
🔔 Action Required: OIDC configuration requires administrator setup. Contact your CSM for guidance.
SP-Initiated SAML Single Logout
Candidates and administrators using SAML SSO now get a complete logout experience that properly terminates sessions on the identity provider side.
Service Provider-initiated logout is now fully supported
SAML SessionIndex values are now persisted, enabling accurate session tracking and proper logout behavior across federated sessions
SSO Operational Reliability & Request Tracing
Better visibility into SSO request flows means faster diagnosis when authentication issues occur.
Improved logging and tracing across the SSO service
🖥️ Sentinel Lockdown Browser
Security Vulnerability Patches
Three vulnerabilities found in penetration testing, all involving client-side manipulation of exam fees, have been resolved.
Exam purchase price manipulation via client-side parameter tampering — resolved
Exam cancellation refund amount manipulation via client-side parameter tampering — resolved
Reschedule penalty fee manipulation via client-side parameter tampering — resolved
🔴 Security Note: These vulnerabilities are patched in this release. No action is required on your end. Contact your CSM with any questions.
macOS Enhancements
Several macOS issues affecting exam security enforcement and launch reliability have been fixed.
Restored monitor type detection for primary vs. external displays, correcting blackout window rendering on secondary screens
Process termination for disallowed applications is now active on macOS
Cross-platform protocol registration no longer requires a Windows Registry dependency, improving macOS launch reliability
Suspendix Feature Toggle
The Suspendix feature can now be enabled or disabled at the system property level.
Toggle is managed at the system property level
🧪 Candidate Experience & System Check
System Check Fixes
These fixes improve the accuracy of system check feedback before candidates launch an exam.
Corrected error message when a candidate's microphone is disabled in the browser
Fixed video test card that was incorrectly accepting a grey placeholder image when a camera was covered
Forgot Password — Navigation Fix
Candidates had no way to leave the Forgot Password page without submitting the form.
Candidates can now exit the Forgot Password page without submitting
SMS Opt-In Infrastructure
The database, candidate-facing toggle, and admin feature flag for SMS reminders are now in place.
Database changes supporting SMS opt-in have been implemented
A candidate opt-in toggle has been added to the registration flow
A region-level feature flag has been added to the Admin module
📅 CSM-Enabled: SMS delivery is not yet active. Your CSM will coordinate regional activation timing.
⚙️ Platform & Operations
Voucher & Coupon Audit Logging & Access Tracking
Access and activity on vouchers and coupons is now logged, giving program administrators better visibility into how they are used.
Audit logging now tracks access and activity on vouchers and coupons
Fixes & Resolved Issues
Severity | Area | What Was Fixed |
|---|---|---|
🔴 High | Sentinel – Security | Exam purchase price could be manipulated via client-side parameter tampering |
🔴 High | Sentinel – Security | Cancellation refund amounts could be manipulated via client-side parameter tampering |
🔴 High | Sentinel – Security | Reschedule penalty fees could be manipulated via client-side parameter tampering |
🟡 Medium | Candidate UI – System Check | Incorrect error message displayed when microphone is disabled in the browser |
🟡 Medium | Candidate UI – System Check | Video test card incorrectly accepted a grey placeholder when camera was covered |
🟡 Medium | Candidate UI | Forgot Password page had no exit option without submitting the form |
🟡 Medium | Sessions | Recurring automatic session transfers were not processing correctly |
🟢 Low | Recertification | Recert logic for "At Risk" candidates was incorrectly impacted when an Alpha Exam was completed |
Rollout & Availability
Feature | Availability | Notes |
|---|---|---|
OIDC SSO Support | Available now | Admin configuration required, contact your CSM |
SP-Initiated SAML Logout | Available now | Applies to existing SAML configurations |
Sentinel Security Patches | Available now | No action required |
Sentinel macOS Enhancements | Available now | Applies to macOS Sentinel deployments |
SMS Opt-In Infrastructure | Not yet active | Regional rollout coordinated by CSM |
Voucher/Coupon Audit Logging | Available now | |
All bug fixes | Available now |
Known Issues & Limitations
SMS Opt-In: The opt-in toggle is visible in the candidate registration flow, but SMS delivery is not yet active. Your CSM will communicate timing for your region.
Resources & Next Steps
📖 For guidance on new features, visit our Help Center
📬 Questions? Contact your Client Success Manager or reach us at clientsupport@kryterion.com