Security improvements have been made to access the Orchestra Catalog API. Only explicitly authorized applications can access it. All this while ensuring consistent error management. The goal is to improve the quality and robustness of the Catalog API to make it more reliable.
The existing platform login module allows for simple authentication using a username and password. Until now, no secondary mechanism was available, which posed a risk in sensitive access contexts.
In order to strengthen security for accessing the Orchestra platform, a two-step authentication (2FA) mechanism based on the validation of an OTP code received by email has been introduced. This feature can be enabled globally and cannot be customized by the user.
The Gifted, Tracer, Transport Aggregator, Jobs, Dashboard Performance modules have been adapted to use the new secure internal Single Sign-On. This enhance security and homogenizes access to the platform with the other modules already integrated.