New security features
This month our focus is particularly on new security features. This includes, in particular, the support of LDAP, SAML and OAuth to simplify logins in large companies. Account administrators can now also set strict password rules and secure account access with geofencing and IP blocking.
The codes that are inserted into the website have also been adapted. These are now „lighter“, load faster and are also safer.
More features and changes
- Easier translation of purposes
- Domain whitelists & blacklists
- Support for own Google Consent Mode triggers
- New macros for texts
- … and many more.
Code change necessary
The IAB updated the IAB TCF Standard and removed several features (e.g. global scope, OOB and consensu.org domain). We have therefore made the corresponding settings in our system. As the consensu.org domain will be removed by the IAB (timeline not yet set), we have updated the stub code (code part that is integrated into your website) in order to reflect the domain change. The new codes will use the domains *.delivery.consentmanager.net and *.cdn.consentmanager.net instead. We expect the sunset phase for these domain changes to be 1 year or longer, but encourage clients to already now start updating their codes.
Update on translations/text
Please note, that the translations of purpose names and descriptions are moved from Menu > Texts to Menu > Purposes > Edit. Along with this change it is now no longer possible to have different purpose names or descriptions per design (but only per CMP). We automatically updated all accounts.
With the coming release we will apply the following changes:
- CMP-633 Set translation of purpose name / description at purpose level instead of text/design level
- CMP-108 SSO: OAuth2 support
- CMP-158 SSO: LDAP support
- CMP-30 SSO: SAML support
- CMP-14 Info on incorrect logins
- CMP-448 Send password mail
- CMP-469 Send password renew email to users
- CMP-526 Geofencing for logins from new countries
- CMP-694 Add right for editing/viewing default texts
- CMP-700 Add possibility to change username
- CMP-770 Increased subaccount users groups
- CMP-530 Add blacklist/whitelist of domains where CMP should be allowed
- CMP-792 Add Google Consent Mode custom triggers
- CMP-785 Legal requirement: Macro [vendorcount]
- CMP-656 Switch domains from consensu.org to delivery.consentmanager.net
- CMP-20 Adjust password rules for subaccounts
- CMP-301 Security: Prevent inline scripts from running
- CMP-771 Additional verification on data copy
- CMP-134 Back link not visible in design settings
- CMP-701 Get CMP variables on code view (ID, Host, CDN)
- CMP-764 Issue on auto reports
- CMP-698 Crawler inclusion
- Deprecated: dataLayer.cmpVendorsConsent / dataLayer.cmpCustomVendorsConsent – use dataLayer.cmpConsentVendors instead. Fields will be removed by Dec 2021