4.17.0 release notes

Known issues

Check the repository for the latest known issues.

Upgrade notes

Breaking changes

None.

UI/UX changes

The login experience now includes a password reset page for users who are required to change their password upon first login. This page ensures that new users and users whose passwords have been manually updated by an admin are prompted to update their credentials before accessing the app.

See the workflow documentation for more details.

Highlights

Change password on first login

System admin users create accounts for CHWs and then share the password with them. To enhance the security of these accounts, the CHT now supports a feature that prompts users to change their password upon their first login.

Details

  • By default, new users and users whose passwords have been manually reset by an admin must change their password on their next login.
  • This requirement can be bypassed for specific user roles using the can_skip_password_change permission.
    • If the permission is enabled for a user, they will not be required to change their password.
    • If the permission is not enabled, the user must change their password before accessing the app.
  • Subsequent logins won’t require a password change unless the admin manually updates the user’s password. In this case, the user will be prompted to change their password on their next login.
  • If the user cannot change the password for any reason, they will be unable to access the app.
  • If a user logs in for the first time, but closes the app before changing their password, they will be prompted again to change their password the next time they open the app.

And more…

Features

  • #9547: Change password on first login

Improvements

None.

Security fixes

None

Performance improvements

None.

Bug fixes

  • #9732: Navigation Issue on Privacy Policy Page When Bottom Back Button is Clicked First
  • #9747: Misconfigurations in outbound push config result in unexpected behavior.

Technical improvements

  • #6250: Replace deprecated “request-promise-native” dependency

Contributors

Thanks to all who committed changes for this release!



Last modified 05.02.2025: Update the change password image and links in release notes and access pages (#1765) (b49e1fa4)
Edit this page Create documentation issue Create project issue