We’re excited to announce the general availability of TestRail 7.4 for TestRail Cloud customers, which gives you security improvements with expanded SSO implementation standards (available on the Enterprise edition) and Multi-Factor Authentication (MFA). We also added new API endpoints for enhanced user management and access control.
Overview
This release is focused on authentication and user management improvements. For TestRail Enterprise customers, we’ve expanded Single Sign On (SSO) functionality by adding support for OpenID Connect (OIDC) and OAuth 2.0 standards, adding to TestRails existing support for SAML 2.0. Now more organizations can enforce SSO policies to help ensure users’ credentials aren’t lost, stolen, or reused.
Speaking of keeping data safe within your TestRail instance, all TestRail customers can now make sure users log in with Multi-Factor Authentication (MFA). By enforcing authentication with email and popular authenticator apps like Google Authenticator, Microsoft Authenticator, and Duo mobile, you’re better protected from stolen credentials being used to access sensitive data.
That’s not all! We just made it easier to create users and user groups with your LDAP service, like Azure Active Directory, with new API endpoints. You can also now control which projects users and user groups can access and retrieve and update additional user information, such as group membership and administrator access. As an added layer of security for the TestRail API, administrators now have the option to require the use of API keys instead of account passwords.
Sign up for the release webinar, or keep reading for more details!
New SSO Implementations
TestRail’s SSO feature allows administrators to integrate TestRail with their preferred SSO identity provider (IDP) using SAML 2.0, OAuth 2.0, and OpenID Connect protocols. In practice, this means that the management of users can be streamlined, by creating them once in the IDP and then providing them with access to whichever applications are required by the user – TestRail, in this case.
You can enable SSO by navigating to Administration > Site Settings > SSO, choosing your preferred protocol, and filling out the required settings. You can use the SSO configuration page to integrate with any identity provider that supports SAML 2.0, OAuth 2.0, or OpenID Connect.
While SSO is not a new feature in TestRail, support for OAuth 2.0 and OIDC is now available in 7.4, adding to the previous implementation of SAML 2.0. We’ve updated our existing documentation for configuring SSO and have guides for a variety of popular tools using each available protocol:
- OAuth 2.0 – Azure
- OAuth 2.0 – Google
- OAuth 2.0 – Okta
- OpenID Connect – Azure
- OpenID Connect – Google
- OpenID Connect – Okta
- SAML 2.0 – Azure
- SAML 2.0 – Google
- SAML 2.0 – Okta
Click here to learn more about Enterprise SSO implementation
Multi-Factor Authentication
To enhance security for TestRail instances, we’ve added Multi-Factor Authentication (MFA) so you can ensure users authenticate their login via email or popular authenticator apps. This can be enabled for your TestRail instance and then enabled on a per-user basis. Any administrator can enable MFA for TestRail under Site Settings > Security:
To then require MFA for your users, you can enable this setting on a per-user basis or by editing your users in bulk. Requiring MFA will also require API keys for your TestRail users who utilize the API.
Once MFA is enabled, users will be required to enter a one-time use code when logging into TestRail:
By default, this code will be sent by email to the user:
Alternatively, users can connect their individual accounts to an authenticator app that supports the Time-Based One-Time Password algorithm, such as Authy, Google Authenticator, or Microsoft Authenticator. To configure an authenticator app, users should follow these steps:
- Navigate to My Settings > Auth and press the Connect button for an authenticator app:
- Follow the instructions in the dialog:
- Save your user settings
Click here to learn more about MFA
API Changes
The TestRail API received a number of updates to enhance permission management for individual users, user groups, and projects. User endpoints now return additional user details and project endpoints now return more permission information for users and groups. New endpoints have been added to allow for the creation and management of TestRail users and user groups.
Here’s a brief breakdown of updates to existing endpoints:
get_user and get_users support the following additional fields for users:
- email_notifications
- is_admin
- group_ids
- mfa_required
- assigned_projects
- sso_enabled
get_project, get_projects, and update_project now support the
following fields:
- default_role_id
- default_role
- groups*
- users*
The groups and user fields will contain user and group information specific to the project.
We’ve added the following endpoints to TestRail’s API to enhance user and group management
- add_user – create a new TestRail user
- update_user – update an existing TestRail user
- get_group – get information on a specific user group
- get_groups – get information on all user groups in TestRail
- add_group – create a new user group
- update_group – update an existing user group
- delete_group – delete a user group
- get_roles – get all available user roles in TestRail
Please Note: If Multi-Factor Authentication is required for users, this will require API keys for these users, regardless of the Site Setting enabled.
Getting TestRail 7.3
You can start a 30-day free trial of TestRail here (cloud or server): http://www.gurock.com/testrail/trial/
If you want to create a subscription for TestRail Cloud, you can do so from within TestRail via Administration > Subscription. Or, if you want to order TestRail Server licenses, you can do so from our website here: https://secure.gurock.com/customers/shop/annual/purchase/
Registered customers can download the full version from our customer portal: http://www.gurock.com/portal/
TestRail Enterprise
To learn more about SSO, Project Level Administration, or any of the other features on TestRail Enterprise, please email us for a trial or quote via [email protected], or you can use the contact form here: https://secure.gurock.com/customers/support/.
Not sure which TestRail plan you’re on? Reach out and we’d be happy to help.
Updating to TestRail 7.4
TestRail Cloud
TestRail Cloud instances are automatically updated to the latest version. You can check your version via the TestRail Help > About TestRail menu item.
TestRail Server
Updates for the on-premise version of TestRail will be made available soon. Please keep an eye out for further updates.
