v2.28.0

• #606 add support for USER and PASSWORD fields in pingfed provider
• #605 send ""credentials are not expired"" to debug log
• #604 modify page processor to work with action-less forms
• #595 Adding Credential Process support during login
• #593 Move login details validation to provider
• #591 exclude default profile prompt
• #590 Fetch credentials for multiple accounts with single login
• #589 3.1.4 RC
• #587 ADFS adding ChallengeQuestionAnswer input name
• #585 Run all compiles with GHA
• #584 Add compile to ci target
• #583 Add linux/arm(64) targets to Makefile
• #581 Bump Go to 1.15
• #577 chore(ci) move to github actions
• #576 fix(prompt) update survey library to fix bad input error
• #575 documentation) README installation version bump
• #574 Allow 401 response and handle refresh for Pingone
• #573 update aad to account for mfa being skipped
• #571 Fix getting destination URL
• #567 Fix keycloak login when SAML response page contains input fields without 'name' attribute

v2.27.1

• Resolve unable to locate IDP oidc form submit URL error due to response body reuse #539
• The roles from list-roles are output to stderr not stdout which is better for scripting #560
• Updating broken URL for IDP Issues #553
• Fail if Jumpcloud 401 does not prompt for MFA #556
• Docs Update - Keep the CLI installation steps consistent #549

v2.27.0

• updated README.md for AzureAD doc #528
• Modify case for handling mfa prompt. #529
• Support SecurIDv2 Authentication (adfs2) #535
• [Azure AD] Fixes #530: Supports KMSI page display logic after MFA #538
• Keycloak follow redirect on 401 response #543
• Issue 527: Duo MFA: pass new SID to subsequent API call to DuoSecurity (with backward compatibility) #532
• Updated the AWS URN to match actual govCloud URN #534
• feat(modules): refactor modules and tidy up some issues #544

v2.26.2

chore(Release) Prepare for a release.

v2.26.1

fix(chocolatey) Update push URL

v2.26.0

• [googleapps] Adding fallback when yubikey fails #470
• fix script's template for fish #472
• Added support for DUO authorized network bypass #458
• Add support for Yubikey with Onelogin #461
• fix script's template for powershell #484
• Get the AWS destination from the Destination, not Audience #481
• Fixes for okta + govcloud #476
• Add console flag to present a link instead of opening browser directly #474
• Fix use of OKTA (Okta verify TOTP) as an MFA provider setting #486
• add Privileged authentication option in NetIQ #490

v2.25.0

• Feature: NetIQ provider #457
• For Okta, optionally allow "--mfa-token" command-line argument. #454
• Bring Go to 1.14 in Travis #465
• missing cmdConsole.Flag into main.go for console function. #453
• Feat/yubikey support for Okta Provider #456
• Print roles immediately if only one role in SAML assertion #467
• Feature: adds HTTP retry for all providers #463

v2.24.0

• FIX/AzureAD: Remove redundant WS call #435
• Add support for new Google Login Page Formats #445
• Removes call to open u2f device in googleapps #446
• Set default to first item for role selection. #448
• [provider][googleapps] - Add bgresponse=js_disabled #449

v2.23.0

• fix using exec-profile #422
• Remove no longer in Dockerfile #431
• Remove glide from Appveyor #432
• feat(help) Add a note about debugging to missing assertion message #428
• Increase waiting sleep for Okta Push to 3 seconds #430
• Add support for AzureMfaServerAuthentication provider. #427

v2.22.1

• Export AWS_CREDENTIAL_EXPIRATION with token expiration #413
• Removes call to open FIDO device in Okta #415
• fix(console) Updated issuer to use correct value #420
• fix(console) Refactor token / config checks to login correctly #412