Yandex Identity Hub release notes

April 2026April 2026

• Added label management for organization user groups.

March 2026March 2026

• Added MFA policy exception management functions.
• Supported additional parameters for binding an access policy to a cloud or folder.

January 2026January 2026

• Added support for SMS as an MFA factor.

December 2025December 2025

• Added a list of allowed --acr-id values when configuring an MFA policy in the CLI.

November 2025November 2025

• Implemented the My account portal for user account management.

October 2025October 2025

• Implemented MFA policy management in organizations.
• Enabled suspension and reactivation of SAML federation users.
• Now you can view which groups a given user belongs to within an organization.

Q3 2025Q3 2025

• Added commands for managing SAML federation domains using the CLI and API. CLI API
• Restored the option to set up access permissions to Yandex Cloud resources using federated user group mapping. Management console Terraform
• Added the option to enforce two-factor authentication for all Yandex account users of an organization. Management console

Q2 2025Q2 2025

• Yandex Identity Hub is now in Public Preview.
• Enabled the use of refresh tokens in the Yandex Cloud CLI. CLI

Q1 2025Q1 2025

• Updated user visibility management in organizations. Management console

Q4 2024Q4 2024

• Added user visibility management in organization. Management console
• OS Login package building script is now available on VMs running Ubuntu 24.04.
• Added the organization-manager.passportUserAdmin role to manage organization users with Yandex accounts.
• In Yandex Audit Trails, added events for federated user group management: CreateGroupMapping, DeleteGroupMapping, and UpdateGroupMapping.
• Implemented user notification about the expiration of their Yandex Cloud SAML certificates.

Q3 2024Q3 2024

• Implemented sending notifications within an organization. Management console
• Added a script for deletion of OS Login packets from a virtual machine.
• You can now see the last authentication date of a service account or federated users. Management console CLI API
• Added federated user deletion event to Audit Trails: DeleteFederatedUserAccounts.

Q2 2024Q2 2024

• Added the ACS URL field for Yandex Identity Hub. Management console
• Added the labels parameter to work with labels when creating federations in Terraform. Terraform
• Added OS Login support for CentOS Stream 9.
• Added validation of user numeric ID (UID) for OS Login.

Q1 2024Q1 2024

• Added an option to delete federated users via the CLI and API. CLI API
• Fixed the Replay Attack vulnerability for SAML.