Yandex Identity Hub release notes

Labels next to update description indicate the interface supporting the update: management console, CLI, API, or Terraform.

December 2025December 2025

• Added a list of supported values for the --acr-id parameter in the yc organization-manager mfa-enforcement create and yc organization-manager mfa-enforcement update commands. CLI

November 2025November 2025

• Implemented the My account portal for user account management. Management console

October 2025October 2025

• Implemented MFA policy management in an organization using the CLI and API. CLI API
• Added CLI and API commands for suspending and reactivating SAML federation users. CLI API
• Now you can use the CLI to view which groups a given user belongs to within an organization. CLI

Q3 2025Q3 2025

• Added commands for managing SAML federation domains using the CLI and API. CLI API
• Restored the option to set up access permissions to Yandex Cloud resources using federated user group mapping. Management console Terraform
• Added the option to enforce two-factor authentication for all Yandex account users of an organization. Management console

Q2 2025Q2 2025

• Identity Hub is now in Public Preview.
• Enabled the use of refresh tokens in the Yandex Cloud CLI. CLI

Q1 2025Q1 2025

• Updated user visibility management in organizations. Management console

Q4 2024Q4 2024

• Added user visibility management in organization. Management console
• OS Login package building script is now available on VMs running Ubuntu 24.04.
• Added the organization-manager.passportUserAdmin role to manage organization users with Yandex accounts.
• In Yandex Audit Trails, added events for federated user group management: CreateGroupMapping, DeleteGroupMapping, and UpdateGroupMapping.
• Implemented user notification about the expiration of their Yandex Cloud SAML certificates.

Q3 2024Q3 2024

• Implemented sending notifications within an organization. Management console
• Added a script for deletion of OS Login packets from a virtual machine.
• You can now see the last authentication date of a service account or federated users. Management console CLI API
• Added federated user deletion event to Audit Trails: DeleteFederatedUserAccounts.

Q2 2024Q2 2024

• Added the ACS URL field for Yandex Identity Hub. Management console
• Added the labels parameter to work with labels when creating federations in Terraform. Terraform
• Added OS Login support for CentOS Stream 9.
• Added validation of user numeric ID (UID) for OS Login.

Q1 2024Q1 2024

• Added an option to delete federated users via the CLI and API. CLI API
• Fixed the Replay Attack vulnerability for SAML.