TestRail 7.4 Default

Cloud release date: 13-February-2022

Server & Docker release date: 5-April-2022

We’re excited to announce the general availability of TestRail 7.4 for TestRail customers, which gives you security improvements with expanded SSO implementation standards (available on the Enterprise edition) and Multi-Factor Authentication (MFA). We also added new API endpoints for enhanced user management and access control.

Overview

This release is focused on authentication and user management improvements.  For TestRail Enterprise customers, we’ve expanded Single Sign On (SSO) functionality by adding support for OpenID Connect (OIDC) and OAuth 2.0 standards, adding to TestRail's existing support for SAML 2.0. Now more organizations can enforce SSO policies to help ensure users’ credentials aren’t lost, stolen, or reused. 

Speaking of keeping data safe within your TestRail instance, all TestRail customers can now make sure users log in with Multi-Factor Authentication (MFA).  By enforcing authentication with email and popular authenticator apps like Google Authenticator, Microsoft Authenticator, and Duo mobile, you’re better protected from stolen credentials being used to access sensitive data.

That’s not all! We just made it easier to create users and user groups with your LDAP service, like Azure Active Directory, with new API endpoints. You can also now control which projects users and user groups can access and retrieve and update additional user information, such as group membership and administrator access. As an added layer of security for the TestRail API, administrators now have the option to require the use of API keys instead of account passwords.

New SSO Implementations

TestRail’s SSO feature allows administrators to integrate TestRail with their preferred SSO identity provider (IDP) using SAML 2.0, OAuth 2.0, and OpenID Connect protocols. In practice, this means that the management of users can be streamlined, by creating them once in the IDP and then providing them with access to whichever applications are required by the user – TestRail, in this case.

You can enable SSO by navigating to Administration > Site Settings > SSO, choosing your preferred protocol, and filling out the required settings. You can use the SSO configuration page to integrate with any identity provider that supports SAML 2.0, OAuth 2.0, or OpenID Connect.

While SSO is not a new feature in TestRail, support for OAuth 2.0 and OIDC is now available in 7.4, adding to the previous implementation of SAML 2.0. We’ve updated our existing documentation for configuring SSO and have guides for a variety of popular tools using each available protocol:

Click here to learn more about Enterprise SSO implementation

Multi-Factor Authentication

To enhance security for TestRail instances, we’ve added Multi-Factor Authentication (MFA) so you can ensure users authenticate their login via email or popular authenticator apps. This can be enabled for your TestRail instance and then enabled on a per-user basis. Any administrator can enable MFA for TestRail under Site Settings > Security:

t83JtzMgkGjcVWSSez2GT8otDjikOFB-qxjJA9LJgJ7OqkO-ur7mabn07zOMTR79z9jmopc7QTXsFWzN0CNr6e0Lq0jc0iigheD1konpTgS6J0MReCy5jurWnaMHBp-CHv7NbCCI.png

To then require MFA for your users, you can enable this setting on a per-user basis or by editing your users in bulk. Requiring MFA will also require API keys for your TestRail users who utilize the API.

Once MFA is enabled, users will be required to enter a one-time use code when logging into TestRail:

PGrjIBElevKqC7APMFylaZGAszUz15AeHz7SnhKvADexMM-jqYJd_2z_hyb4Z5VTLU0OwwKogf3ytxnBoc2j_kYH5CjXmAlqudm3_lx-riqPUNMRJChkRXVTMtuCwM5Av4ubMXtg.png

By default, this code will be sent by email to the user:

kPNUqq qLgVWbiO8 2kqbqLthiUpnpEftHd2Xoes1usTUF8pRWoWIEBp82 gbVntJIb2Man5UQp 9UxwMV3oO0mwk9tc6oruaTSMF99708e3m3xZVnrQL29L0lRu0kYgi

Alternatively, users can connect their individual accounts to an authenticator app that supports the Time-Based One-Time Password algorithm, such as Authy, Google Authenticator, or Microsoft Authenticator.  To configure an authenticator app, users should follow these steps:

  1. Navigate to My Settings > Auth and press the Connect button for an authenticator app:

JYARiJiBo6QoeL2Tt lAdw5GO3zY L9Dod2M229koqaCU xYmQy42E yLrrAhD3xepVM gu33XAej6VlF4TDcS4m CvZMb9VONqzOlbUn6S6s9JGvZCwiahFjsmA9aXRIqBcbiYX

  1. Follow the instructions in the dialog:

g5eOkGUOKvW1qavdfISu5ExZauLsZYbpZnzktypIQgR0iS46bK1dLuLECWLfW6Tnldz82MhJ6n QfWAUL9AAzhGL r1bEfB63WYWYMo4qXwhbMy8KOOCOqnnFwPTNNFy4Wv8eG75

  1. Save your user settings

Click here to learn more about MFA

API Changes

The TestRail API received a number of updates to enhance permission management for individual users, user groups, and projects. User endpoints now return additional user details and project endpoints now return more permission information for users and groups. New endpoints have been added to allow for the creation and management of TestRail users and user groups. 

Here’s a brief breakdown of updates to existing endpoints:

get_user and get_users support the following additional fields for users:

  • email_notifications
  • is_admin
  • group_ids
  • mfa_required
  • assigned_projects
  • sso_enabled

get_projectget_projects, and update_project now support the

following fields:

  • default_role_id
  • default_role
  • groups*
  • users*

The groups and user fields will contain user and group information specific to the project.

We’ve added the following endpoints to TestRail’s API to enhance user and group management

Please Note: If Multi-Factor Authentication is required for users, this will require API keys for these users, regardless of the Site Setting enabled.

Getting TestRail 7.4

You can start a free trial of TestRail here (cloud or server): https://secure.testrail.com/customers/testrail/trial/

If you want to create a subscription for TestRail Cloud, you can do so from within TestRail via Administration > Subscription. Or, if you want to order TestRail Server licenses, you can do so from our website here: https://secure.testrail.com/customers/shop/annual/purchase/

Registered customers can download the full version from our customer portal: https://secure.testrail.com/customers/auth/login/

TestRail Enterprise

To learn more about SSO, Project Level Administration, or any of the other features on TestRail Enterprise, please sign in and reach out to our Support Team, or if you are not signed in, click the Submit a request button on the top right of this page.

Not sure which TestRail plan you’re on? Reach out and we’d be happy to help.

Updating to TestRail 7.4

TestRail Cloud

TestRail Cloud instances are automatically updated to the latest version. You can check your version via the TestRail Help > About TestRail menu item.

TestRail Server

Registered customers can download the full version from our customer portal: http://www.gurock.com/portal/

Was this article helpful?
0 out of 0 found this helpful