Enhancements


Two Factor Authentication Enhancement for Control Panel


Context: Currently we support 2 Factor Authentication on cluster and merchant levels. However, we do not have the option to enable 2 Factor Authentication always or once in 30 days (current setting) for user groups.


Solution: A new ‘Is2FARequireAlways’ flag has been added to the current 2 Factor Authentication for CP in addition to the Cluster and Merchant level configurations.

Is2FARequireAlways flag:
  • When this flag is enabled 2FA OTP would be asked every time for:

    • Non Capillarytech domain - CP user 

    • Merchant / Primary User

    • Support user with merchant account access 



    Sample cases:


Case 1: 

2FA enabled at cluster level

2FA enabled at merchant level

Property Is2FARequireAlways is enabled for the merchant

Support user has access to the Merchant


Login With

Sample Email

2FA OTP every time

Merchant/Primary user

merchant@merchant.com

Yes

CP user - Non CapTech

cpuser@mail.com

Yes

CP user - CapTech/ Martjack

cpuser@capillarytech.com

No, 30 days once

Support user - Non CapTech

noncap@mail.com

Yes

Support user CapTech

username@capillarytech.com

No, 30 days once



Case 2

2FA enabled at cluster level

2FA enabled at merchant level

Property Is2FARequireAlways is disabled for the merchant

Support user has access to the Merchant


Login With

Sample Email

2FA OTP every time

Merchant/Primary user

merchant@merchant.com

No, 30 days once

CP user - Non CapTech

cpuser@mail.com

No, 30 days once

CP user - CapTech/ Martjack

cpuser@capillarytech.com

No, 30 days once

Support user - Non CapTech

noncap@mail.com

No, 30 days once

Support user CapTech

username@capillarytech.com

No, 30 days once


        Note: Case when support user has access on merchants in Case1 and Case2 both:


Support user - Non CapTech

noncap@mail.com

Asks 2FA everytime


Case 3

2FA enabled at cluster level

2FA disabled at merchant level

Property Is2FARequireAlways is disabled for the merchant

Support user has access on the above Merchant


Login With

Sample Email

2FA OTP every time

Merchant/Primary user

merchant@merchant.com

Never

CP user - Non CapTech

cpuser@mail.com

Never

CP user - CapTech/ Martjack

cpuser@capillarytech.com

Never

Support user - Non CapTech

noncap@mail.com

No, 30 days once

Support user CapTech

username@capillarytech.com

No, 30 days once



Subscription module: Product level changes


    Context: As a part of the subscription module that we are building, some product level changes have been released.


    Solution: “Enable Subscription” product level setting with the following options:

  • Enable: Product available for regular and subscription

  • Disable: Product available only for regular

  • Subscription only: Product available only for subscription


    (Control Panel -> Edit Product -> Additional Information -> Other Product Information)

    

CP Snapshot:

  • Subscription Min and Max Quantity: Product level settings to add Subscription Maximum quantity and Subscription Minimum quantity.


    (Control Panel -> Edit Product -> Variants -> Edit Variant -> Other Product Variant Information)


    CP Snapshot: