Upcoming Releases

IMPORTANT INFORMATION ABOUT THESE PRE-RELEASE NOTES

• These are pre-release notes and are subject to change

• Release notes are not considered final until close of business on the date of release

• This article will be updated with features, functionality, and bug fixes as our development continues

• If you have any questions about these features or want to request a more in-depth discussion about the best way to leverage them, then reach out to us at productmanagement@axiad.com

Planned Release Date: January 20 2026

Conductor HI

UP 2.21/UCMS 4.26

Features

This release significantly advances Axiad’s identity assurance and recovery capabilities by tightly integrating identity verification, self-service recovery, directory integration, and operator controls directly into Axiad Conductor workflows. Together, these enhancements reduce help desk dependency, improve security posture, and give administrators fine-grained control over how identity verification drives access recovery and onboarding outcomes.

At a high level, the release delivers four major value pillars:

1. Secure, Privacy-Preserving Self-Service Account Recovery

This release introduces a public, unauthenticated recovery entry point that allows users to securely initiate account recovery without revealing whether an account exists.

Users submit a configured identifier and, if valid, receive an email that triggers a standard Axiad Confirm identity verification flow. The experience is intentionally privacy-preserving: the same response is shown regardless of identifier validity, preventing account enumeration or data leakage.

Upon successful identity verification, users can recover access through administrator-defined mechanisms (such as temporary access credentials or password resets), with all expiration, retry limits, and verification rules enforced by existing Confirm configurations.

Customer impact:

• Reduces help desk load for lost authenticators, forgotten PINs, and similar events

• Preserves zero-trust and privacy principles even on public recovery pages

• Delivers a consistent, policy-driven recovery experience across environments

2. Full Active Directory Parity for Axiad Confirm

Axiad Confirm now supports Active Directory as a first-class identity source, achieving functional parity with Entra ID wherever technically feasible.

Administrators can configure AD as a direct datasource integration, map attributes, and use AD-sourced users seamlessly across Confirm onboarding, verification, and recovery workflows. Where permitted, workflows can generate Temporary Access Passes for Entra-synced users and reset Active Directory passwords, including enforcing password policy and “change at next logon” behavior.

Customer impact:

• Extends Confirm to hybrid and AD-centric environments without compromise

• Eliminates directory-driven gaps between cloud and on-prem identity verification

• Enables consistent recovery and verification experiences across identity sources

3. Help Desk Visibility and Control Over Identity Verification State

This release gives Help Desk operators clear, actionable visibility into a user’s identity verification (IDV) status directly from the Unified Portal’s User Details page.

Operators can view current IDV state, initiation and completion timestamps, and—based on permissions—take controlled actions such as initiating verification, reconfirming identity, or deleting confirmation data. All actions are fully audited.

Customer impact:

• Improves operational clarity and reduces ambiguity during user support interactions

• Enables controlled exception handling without bypassing audit requirements

• Aligns Help Desk tooling with real-world identity recovery workflows

4. Workflow-Driven Identity Verification Outcomes in Conductor

Axiad Conductor workflows can now natively incorporate Axiad Confirm with configurable post-verification outcomes, turning identity verification into an enforceable, reusable workflow primitive rather than a one-off step.

Administrators can enable Confirm per workflow, define success/failure messaging, and configure post-verification actions such as generating Temporary Access Credentials or issuing initial Active Directory passwords. These actions can be combined and tailored per workflow type, allowing identity verification to directly drive secure onboarding, recovery, and access enablement.

Customer impact:

• Makes identity verification an integral part of workflow execution, not an external dependency

• Reduces manual steps and operator intervention after verification

• Provides consistent, repeatable enforcement of identity assurance across use cases

Bug Fixes

• PM-16667 – Fixed issue where users could enter PINs exceeding the maximum length defined in the PIN Policy, causing verification failures.

• PM-15972 – Resolved IDEMIA Legible ID mismatch that caused enrollment failures.

Known Issues

• PM-16907 – Confirm step configuration is not copied when duplicating a credential workflow.

• PM-16841 – No UI error message displayed when a user has no active workflow; system returns a 500 Internal Server Error.

• PM-16671 – Email verification fails silently if email server configuration is incorrect; modal remains open with disabled buttons.

• PM-16274 – Legible ID not displayed for fresh devices on the scanner page.