We’re excited to announce the general availability of TestRail 7.4 for TestRail Cloud customers, which gives you security improvements with expanded SSO implementation standards (available on the Enterprise edition) and Multi-Factor Authentication (MFA). We also added new API endpoints for enhanced user management and access control.
This release is focused on authentication and user management improvements. For TestRail Enterprise customers, we’ve expanded Single Sign On (SSO) functionality by adding support for OpenID Connect (OIDC) and OAuth 2.0 standards, adding to TestRails existing support for SAML 2.0. Now more organizations can enforce SSO policies to help ensure users’ credentials aren’t lost, stolen, or reused.
Speaking of keeping data safe within your TestRail instance, all TestRail customers can now make sure users log in with Multi-Factor Authentication (MFA). By enforcing authentication with email and popular authenticator apps like Google Authenticator, Microsoft Authenticator, and Duo mobile, you’re better protected from stolen credentials being used to access sensitive data.
That’s not all! We just made it easier to create users and user groups with your LDAP service, like Azure Active Directory, with new API endpoints. You can also now control which projects users and user groups can access and retrieve and update additional user information, such as group membership and administrator access. As an added layer of security for the TestRail API, administrators now have the option to require the use of API keys instead of account passwords.
Sign up for the release webinar, or keep reading for more details!
TestRail’s SSO feature allows administrators to integrate TestRail with their preferred SSO identity provider (IDP) using SAML 2.0, OAuth 2.0, and OpenID Connect protocols. In practice, this means that the management of users can be streamlined, by creating them once in the IDP and then providing them with access to whichever applications are required by the user – TestRail, in this case.
You can enable SSO by navigating to Administration > Site Settings > SSO, choosing your preferred protocol, and filling out the required settings. You can use the SSO configuration page to integrate with any identity provider that supports SAML 2.0, OAuth 2.0, or OpenID Connect.
While SSO is not a new feature in TestRail, support for OAuth 2.0 and OIDC is now available in 7.4, adding to the previous implementation of SAML 2.0. We’ve updated our existing documentation for configuring SSO and have guides for a variety of popular tools using each available protocol:
Click here to learn more about Enterprise SSO implementation
To enhance security for TestRail instances, we’ve added Multi-Factor Authentication (MFA) so you can ensure users authenticate their login via email or popular authenticator apps. This can be enabled for your TestRail instance and then enabled on a per-user basis. Any administrator can enable MFA for TestRail under Site Settings > Security:
To then require MFA for your users, you can enable this setting on a per-user basis or by editing your users in bulk. Requiring MFA will also require API keys for your TestRail users who utilize the API.
Once MFA is enabled, users will be required to enter a one-time use code when logging into TestRail:
By default, this code will be sent by email to the user:
Alternatively, users can connect their individual accounts to an authenticator app that supports the Time-Based One-Time Password algorithm, such as Authy, Google Authenticator, or Microsoft Authenticator. To configure an authenticator app, users should follow these steps:
Click here to learn more about MFA
The TestRail API received a number of updates to enhance permission management for individual users, user groups, and projects. User endpoints now return additional user details and project endpoints now return more permission information for users and groups. New endpoints have been added to allow for the creation and management of TestRail users and user groups.
Here’s a brief breakdown of updates to existing endpoints:
get_user and get_users support the following additional fields for users:
get_project, get_projects, and update_project now support the
following fields:
The groups and user fields will contain user and group information specific to the project.
We’ve added the following endpoints to TestRail’s API to enhance user and group management
Please Note: If Multi-Factor Authentication is required for users, this will require API keys for these users, regardless of the Site Setting enabled.
You can start a 14-day free trial of TestRail here (cloud or server): http://www.gurock.com/testrail/trial/
If you want to create a subscription for TestRail Cloud, you can do so from within TestRail via Administration > Subscription. Or, if you want to order TestRail Server licenses, you can do so from our website here: https://secure.gurock.com/customers/shop/annual/purchase/
Registered customers can download the full version from our customer portal: http://www.gurock.com/portal/
To learn more about SSO, Project Level Administration, or any of the other features on TestRail Enterprise, please email us for a trial or quote via [email protected], or you can use the contact form here: https://secure.gurock.com/customers/support/.
Not sure which TestRail plan you’re on? Reach out and we’d be happy to help.
TestRail Cloud instances are automatically updated to the latest version. You can check your version via the TestRail Help > About TestRail menu item.
Updates for the on-premise version of TestRail will be made available soon. Please keep an eye out for further updates.
We are thrilled to announce the launch of TestRail’s new brand. You have probably noticed a few new things already: updated colors, a refreshed logo, and our new “testrail.com” website. But our new brand goes beyond just colors and design....
We’re excited to announce the general availability of TestRail 7.6 for cloud customers on the Early Access track. We just made it even easier to complete your work in less time with the introduction of Test Parameterization for TestRail Enterprise custome...
The TestRail team is proud to announce the release of the TestRail CLI Tool. Sending automated test results to TestRail just got a lot easier. By parsing and uploading JUnit style test results into TestRail directly from the command line or by running the C...