π― What's New in v1.0.18
This release introduces comprehensive SAML SSO support with passwordless authentication for the top three identity providers (Okta, Microsoft Entra ID, and PingIdentity), critical authentication fixes for HPE internal users, major documentation improvements, and enhanced error handling for better user experience.
β¨ Major Enhancements
SAML Single Sign-On & Passwordless Authentication
- β Okta - Okta Verify push notifications and TOTP codes
- β Microsoft Entra ID - Microsoft Authenticator with mandatory number matching
- β PingIdentity - PingID push notifications and TOTP codes
- π Implemented passwordless authentication flows for enhanced security
Critical Authentication Fixes for HPE Internal Users (@hpe.com)
- π§ Okta FastPass workaround: Automatically detects and cancels device-challenge-poll remediation (Okta FastPass/device-bound authentication) to fall back to traditional mobile authentication
- π§ StateHandle management fixes: Fixed three critical bugs in authentication state management that were causing "Verification timed out" errors
- β Cross-platform compatibility: Windows/Linux users now use mobile push/TOTP authentication; Mac users fall back to polling if desktop app is available
π Documentation Improvements
- Comprehensive README overhaul:
- Added quick start guide with 3-step setup
- Detailed authentication methods comparison table
- Expanded troubleshooting sections
- New section on unsupported Identity Providers (Google Workspace, Auth0, OneLogin, etc.)
- Environment variable configuration for development/staging environments
- New tutorial sections: Step-by-step guidance for SAML SSO configuration
- Enhanced help documentation: Updated Connect-HPEGL cmdlet with detailed SSO parameters and examples
- Important notices:
β οΈ Enhanced workspaces support is in development (limited support in current version)β οΈ Identity Provider implementations may vary across organizations - issue reporting guidance provided
π§ Error Handling & User Experience
- Improved error messages with multi-line format for better readability
- Enhanced error context with actionable troubleshooting steps
- New: Comprehensive 403 Forbidden error handling - Clear explanations when users lack permissions to create/remove API credentials, including:
- Complete list of roles that cannot manage API credentials
- Required permission levels
- Actionable solutions for resolving access issues
- Better user guidance for common authentication and configuration issues
π Bug Fixes
Critical Authentication Fixes (November 24, 2025):
- Fixed expired stateToken usage in final introspect request (was causing 404 errors)
- Fixed missing stateHandle updates after successful push notification verification
- Fixed missing stateHandle updates after successful TOTP code verification
- These fixes resolve "Verification timed out" errors that occurred even when users approved authentication quickly
General Improvements:
- Improved session validation and credential management
- Enhanced COM region validation with better error messages
π Additional Improvements
- Updated authentication examples for HPE Account and SSO scenarios
- New: Environment variable support for development/testing environments - Override production endpoints using HPE_COMMON_CLOUD_URL, HPE_AUTH_URL, and HPE_SSO_URL
- Enhanced SAML session tracking and state management across authentication flows
- Comprehensive MFA (Multi-Factor Authentication) handling supporting push notifications and TOTP (Time-based One-Time Password) codes across all three Identity Providers
π New Documentation
π Complete SAML SSO Configuration Guide
A comprehensive step-by-step tutorial that covers:
- Setting up SAML (Security Assertion Markup Language) SSO (Single Sign-On) with Okta, Microsoft Entra ID, and PingIdentity
- Configuring passwordless authentication using push notifications and TOTP codes
- Troubleshooting common issues and best practices
- Real-world examples and screenshots for each Identity Provider (IdP)
This guide walks you through the complete integration process, from configuring your Identity Provider to testing the authentication flow with this PowerShell library.
π¦ Installation & Upgrade
See the How to install and upgrade the Module section in the README for the complete 4-step upgrade process.
π¬ Support & Feedback
- π Report Issues: GitHub Issues
- π¬ Get Help: GitHub Discussions
- π Main Blog: PowerShell Library for HPE Compute Ops Management
Full Changelog: v1.0.17...v1.0.18