Announcing TestRail 7.4 with New SSO Implementations, MFA, and Enhanced User Management

We’re excited to announce the general availability of TestRail 7.4 for TestRail Cloud customers, which gives you security improvements with expanded SSO implementation standards (available on the Enterprise edition) and Multi-Factor Authentication (MFA). We also added new API endpoints for enhanced user management and access control.

Overview

This release is focused on authentication and user management improvements.  For TestRail Enterprise customers, we’ve expanded Single Sign On (SSO) functionality by adding support for OpenID Connect (OIDC) and OAuth 2.0 standards, adding to TestRails existing support for SAML 2.0. Now more organizations can enforce SSO policies to help ensure users’ credentials aren’t lost, stolen, or reused. 

Speaking of keeping data safe within your TestRail instance, all TestRail customers can now make sure users log in with Multi-Factor Authentication (MFA).  By enforcing authentication with email and popular authenticator apps like Google Authenticator, Microsoft Authenticator, and Duo mobile, you’re better protected from stolen credentials being used to access sensitive data.

That’s not all! We just made it easier to create users and user groups with your LDAP service, like Azure Active Directory, with new API endpoints. You can also now control which projects users and user groups can access and retrieve and update additional user information, such as group membership and administrator access. As an added layer of security for the TestRail API, administrators now have the option to require the use of API keys instead of account passwords.

Sign up for the release webinar, or keep reading for more details!

New SSO Implementations

TestRail’s SSO feature allows administrators to integrate TestRail with their preferred SSO identity provider (IDP) using SAML 2.0, OAuth 2.0, and OpenID Connect protocols. In practice, this means that the management of users can be streamlined, by creating them once in the IDP and then providing them with access to whichever applications are required by the user – TestRail, in this case.

You can enable SSO by navigating to Administration > Site Settings > SSO, choosing your preferred protocol, and filling out the required settings. You can use the SSO configuration page to integrate with any identity provider that supports SAML 2.0, OAuth 2.0, or OpenID Connect.

While SSO is not a new feature in TestRail, support for OAuth 2.0 and OIDC is now available in 7.4, adding to the previous implementation of SAML 2.0. We’ve updated our existing documentation for configuring SSO and have guides for a variety of popular tools using each available protocol:

Click here to learn more about Enterprise SSO implementation

Multi-Factor Authentication

To enhance security for TestRail instances, we’ve added Multi-Factor Authentication (MFA) so you can ensure users authenticate their login via email or popular authenticator apps. This can be enabled for your TestRail instance and then enabled on a per-user basis. Any administrator can enable MFA for TestRail under Site Settings > Security:

t83JtzMgkGjcVWSSez2GT8otDjikOFB qxjJA9LJgJ7OqkO ur7mabn07zOMTR79z9jmopc7QTXsFWzN0CNr6e0Lq0jc0iigheD1konpTgS6J0MReCy5jurWnaMHBp CHv7NbCCI

To then require MFA for your users, you can enable this setting on a per-user basis or by editing your users in bulk. Requiring MFA will also require API keys for your TestRail users who utilize the API. 

Once MFA is enabled, users will be required to enter a one-time use code when logging into TestRail:

PGrjIBElevKqC7APMFylaZGAszUz15AeHz7SnhKvADexMM jqYJd 2z hyb4Z5VTLU0OwwKogf3ytxnBoc2j kYH5CjXmAlqudm3 lx riqPUNMRJChkRXVTMtuCwM5Av4ubMXtg

By default, this code will be sent by email to the user:

kPNUqq qLgVWbiO8 2kqbqLthiUpnpEftHd2Xoes1usTUF8pRWoWIEBp82 gbVntJIb2Man5UQp 9UxwMV3oO0mwk9tc6oruaTSMF99708e3m3xZVnrQL29L0lRu0kYgi

Alternatively, users can connect their individual accounts to an authenticator app that supports the Time-Based One-Time Password algorithm, such as Authy, Google Authenticator, or Microsoft Authenticator.  To configure an authenticator app, users should follow these steps:

  1. Navigate to My Settings > Auth and press the Connect button for an authenticator app:
JYARiJiBo6QoeL2Tt lAdw5GO3zY L9Dod2M229koqaCU xYmQy42E yLrrAhD3xepVM gu33XAej6VlF4TDcS4m CvZMb9VONqzOlbUn6S6s9JGvZCwiahFjsmA9aXRIqBcbiYX
  1. Follow the instructions in the dialog:
g5eOkGUOKvW1qavdfISu5ExZauLsZYbpZnzktypIQgR0iS46bK1dLuLECWLfW6Tnldz82MhJ6n QfWAUL9AAzhGL r1bEfB63WYWYMo4qXwhbMy8KOOCOqnnFwPTNNFy4Wv8eG75
  1. Save your user settings

Click here to learn more about MFA

API Changes

The TestRail API received a number of updates to enhance permission management for individual users, user groups, and projects. User endpoints now return additional user details and project endpoints now return more permission information for users and groups. New endpoints have been added to allow for the creation and management of TestRail users and user groups. 

Here’s a brief breakdown of updates to existing endpoints:

get_user and get_users support the following additional fields for users:

  • email_notifications
  • is_admin
  • group_ids
  • mfa_required
  • assigned_projects
  • sso_enabled

get_project, get_projects, and update_project now support the

following fields:

  • default_role_id
  • default_role
  • groups*
  • users*

The groups and user fields will contain user and group information specific to the project.

We’ve added the following endpoints to TestRail’s API to enhance user and group management

Please Note: If Multi-Factor Authentication is required for users, this will require API keys for these users, regardless of the Site Setting enabled.

Getting TestRail 7.3

You can start a 30-day free trial of TestRail here (cloud or server): http://www.gurock.com/testrail/trial/

If you want to create a subscription for TestRail Cloud, you can do so from within TestRail via Administration > Subscription. Or, if you want to order TestRail Server licenses, you can do so from our website here: https://secure.gurock.com/customers/shop/annual/purchase/

Registered customers can download the full version from our customer portal: http://www.gurock.com/portal/

TestRail Enterprise

To learn more about SSO, Project Level Administration, or any of the other features on TestRail Enterprise, please email us for a trial or quote via [email protected], or you can use the contact form here: https://secure.gurock.com/customers/support/.

Not sure which TestRail plan you’re on? Reach out and we’d be happy to help.

Updating to TestRail 7.4

TestRail Cloud

TestRail Cloud instances are automatically updated to the latest version. You can check your version via the TestRail Help > About TestRail menu item.

TestRail Server

Updates for the on-premise version of TestRail will be made available soon. Please keep an eye out for further updates.

In This Article:

Try a 30-day trial of TestRail today!

Share this article

Other Blogs

Exploring the Impact of AI in QA
Agile, Automation, Software Quality, TestRail

TestRail’s AI in QA Report: Exploring the Impact of AI in QA 

Artificial Intelligence (AI) is not just a buzzword—it’s a transformative force reshaping how we approach quality assurance (QA) in software development. Our “Exploring the Impact of AI in QA” report offers an in-depth look at how AI is being adopted, wh...
Advanced Strategies for Manual Software Testing
Software Quality, Agile, TestRail

Advanced Strategies for Manual Software Testing

Manual software testing isn’t just about basic validation tasks—it involves advanced techniques to ensure thorough quality assurance. Let’s delve into the advanced strategies that you can use to enhance your testing effectiveness: Test case design ...
Key Factors to Consider When Selecting the Right Test Case Management Tool
General, Software Quality, TestRail

Choosing the Right Test Case Management Tool: Key Factors

Understanding the need you have is often the first step in defining the method for managing test cases that will work for you and your team.