Welcome to the BlueConic product release notes for Q3-2023. This article lists product updates, new connections, bug fixes, and API updates released to customers as part of Release 89 (July 2023) and will be continuously updated with any other platform and plugin changes made between July and September 2023.
With the release of the BlueConic REST API v2 and OAuth 2.0 we are announcing the deprecations of REST API v1 and OAuth 1.0. For an overview of steps to migrate from API v1 to v2, see our migration guide. If you have questions or need assistance, contact your BlueConic Customer Success Manager or BlueConic Support.
BlueConic platform status
Visit status.blueconic.com for current status updates for the BlueConic platform. Click the Subscribe to updates button to get platform status notifications by SMS, slack, or email.
Testing new features
Please note that any newly released features may impact existing configurations and require testing before using the feature.
What's new in BlueConic
BlueConic SDK updated for Android and iOS
iOS SDK updates
The BlueConic SDK for iOS has been updated to iOS SDK v2.9.0, requiring Xcode v14.3.1 or higher. Several changes and update include:
The binary distribution files of the SDK have been built for iOS 11. If your mobile app supports a lower version, be sure to embed the Source distribution in your source code.
- Added support for Swift 5.8.1.
Several bugs in the iOS SDK have been fixed with this release:
- Update to the "open timestamp last" property when you configure a BlueConic Rule-Based Form Listener.
- Lightboxes with and without content render correctly.
- Fix to the order of plugin disposal and recreation.
Android SDK updates
The Android SDK has been updated to v3.0.0.
Several changes and updates to note in this release:
- With this release, the SDK target has changed to API 33.
- The minimum SDK target is API 14.
- Library support has changed from Android Support Libraries to the AndroidX library.
- The SDK now supports the Android Gradle Plugin 7.3.1.
- All Android SDK integrations must add the following dependency: implementation 'com.google.code.gson:gson:2.10.1'. See the Android SDK documentation.
- Fixed an issue where events were not sent consistently when moving from one screen to another.
- Fixed an issue where events would not trigger if the Rule Based Form Listener was 'set if empty'; these events trigger as expected now.
Learn more about the BlueConic SDK for Android.
New Microsoft Advertising Connection
The new Microsoft Advertising Connection allows you to send data from BlueConic to Microsoft Advertising to target audiences on search engines and platforms like Microsoft Bing, Yahoo, Outlook, and MSN. This connection supports batch runs to update and create Customer Match lists in Microsoft Advertising.
By sending segmentation and user profile property data to Microsoft, you can more effectively reach targeted audiences with digital ads. With this capability, you can stop targeting entire segments of visitors who are not a good fit for your advertising campaigns or create new look-alike audiences based on data from your highest-performing customers or known and anonymous users.
Welcome to BlueConic University!
The BlueConic Academy is now BlueConic University. Find your personal training courses, master new features, and see what's new in BlueConic. Existing Academy users have accounts in the new system. Reset your password to find your training courses.
July 2023 BlueConic product updates for Release 89
The latest BlueConic product updates in Release 89 were delivered to your tenant between July 1 to July 15, 2023.
New and enhanced features
- New BlueConic app for SSO in the Azure AD gallery
- Enhancements to First-Party Hostname Console
- BlueConic REST API v2
- Authorizing applications in BlueConic via OAuth 2.0
- New Access management menu
- New Iterable Connection
- LinkedIn Connection adds support for BlueConic Lifecycles
- Google Analytics 4 Connection adds exporting associated segments and lifecycles
New BlueConic SSO app added to the Azure AD gallery
BlueConic supports single sign-on (SSO) with a number of identity providers, including Microsoft Azure AD. New with this release is a BlueConic app in the Microsoft Azure AD gallery (see the Azure AD tutorial for details). Using this app streamlines the SSO setup process and enables you to take full advantage of Azure AD features. A new metadata URL is available in BlueConic to make the app setup easier. SSO properties from BlueConic are available through the URL for setting up SSO. This release also adds support for an email claim attribute in BlueConic so the NameID can contain something other than email for matching users from Azure AD to BlueConic, for example, a user principal name (UPN) instead of email as an identifier. For details, see Configuring single sign-on (SSO) via the Microsoft Azure AD application gallery.
Note: Existing customers who already connect to BlueConic via SSO for Azure AD can continue using their existing SSO setup.
Enhancements to First-Party Hostname Console
Changes were made to the hostname setup process in the BlueConic First-Party Hostname Console. These new changes allow you to achieve the benefits of extending cookie lifetime beyond a 7-day timeframe for Apple Safari Webkit-based browsers on Mac, iPad, iPhone, and Apple Watch. They also help to ensure that you can continue to increase the number of customers with a profile, boost site visitor count via a reduction in the number of false unique visitors, and show dialogues to as many online visitors as possible by reducing the risk that ad blockers mistake the BlueConic script for a third-party script.
Newly created BlueConic hostnames will use the new process and existing BlueConic hostnames can be easily migrated over by following these instructions.
REST API v2
In this release, BlueConic announces a major update to our REST API, the BlueConic REST API v2. Our recently updated APIs offer access to a wealth of resources to interact with BlueConic visitor profiles, segments, interactions, and audit events via OpenAPI and OAuth 2.0 authorization flows, making the interconnection between various services more secure, intuitive, and reliable than ever before.
Developers can use OAuth 2.0, the industry-standard protocol for authorization, to authorize apps in BlueConic. Learn more about how to use the BlueConic REST API.
Some highlights of the updated REST API include:
- We've switched to JSON! Both our request body and responses are now entirely JSON-based, making XML a thing of the past.
- We've streamlined our JSON structure. Not only is it more concise now, but it also supports proper data types.
- By default, our endpoints primarily use gzip encoding, ensuring your data is transferred efficiently.
- To keep things compact and swift, the output will be minified by default. However, if you want to view your data in a more readable format, simply add 'prettyPrint=true' to the URL.
OAuth 2.0 authorization
BlueConic has adopted the OAuth 2.0 authorization framework to allow customers to securely authorize external applications to use BlueConic public REST API v2. As part of this adoption, you can now view BlueConic components (e.g., Connections, AI Workbench notebooks) directly in authorized applications.
Several updates and additions were made in the platform to implement OAuth 2.0 functionality, including client credentials flow and authorization code flow, as outlined in the sections below.
Notes about REST API version support
- OAuth 2.0 can only be used with the new REST API v2.
- The BlueConic API Access Connection and OAuth 1.0 can only be used with the BlueConic REST API v1, and not with the newer BlueConic REST API v2.
If you have questions or need assistance, contact BlueConic Support.
Access management option added to BlueConic Settings
A new Access Management option was added under the BlueConic Settings menu to group access-related functionality in the platform. If your user role has permissions for one of the related features, when you select BlueConic Settings > Access Management, the following options appear as individual tabs in a horizontal bar at the top (underneath the main navigation bar).
- Single Sign-On (SSO)
- Access based on IP address
- BlueConic Support access
While the Applications tab is new to the platform, the other Access Management tabs were moved from other areas under BlueConic Settings:
- “Users” and “Roles” were previously accessible through the main BlueConic Settings dropdown.
- “Single Sign-on (SSO),” “Access based on IP address,” and “BlueConic Support access” were previously included on the General page (BlueConic Settings > General).
The settings and functionality on each of these tabs remains unchanged.
Note: Clicking one of these Access Management tabs opens that function on its own screen.
New Applications page added
A new Applications page was added to the platform to allow BlueConic users to authorize external applications to use BlueConic APIs. You can add any new applications and manage all existing applications directly from this new page, which is housed as a tab under the new Access Management option in the BlueConic Settings menu.
Each individual application page includes two sections of information for the user to complete:
- Application information (i.e., details about the application). Fields include:
- OAuth 2.0 flow
- Public client ID
- Client secret
- Redirect URL(s)
- Application website URL
- Application logo (optional)
- Application access (i.e., access settings for the application). Fields include:
- Allow IP address access
For more detailed descriptions of these fields, review the article Application settings.
Note: Only users with the appropriate permissions through the Roles page can access the Applications page and authorize applications, as outlined below.
It is important to note that for privacy and security reasons, BlueConic internal components, such as Connections and Notebooks, each have their own Application credentials and are also listed on this page. These Applications are read-only and have a system user of firstname.lastname@example.org. Internal applications have more stringent, internally-specified access restrictions and don't employ user permissions and application scopes. On the main Applications page, you will find filters in the top right corner to narrow down the applications you want to view. To hide these internal components, use the "Defined by" filter to see only "User defined" applications.
Supported OAuth 2.0 flows
Two types of authorization flow are available for selection through the “OAuth 2.0 flow” field on each application (within the Application information section):
Authorization code flow
The Authorization code flow option is meant for web applications executing on a server and is considered the safer choice with less risk of exposure. With this option selected, a BlueConic user with the "Authorize applications" permission can authorize from within the external application. After verification, the server issues a token for that user’s authorization, displayed on its individual application page in BlueConic.
If necessary, you can revoke a user’s authorization from this page (by clicking the X at the far right of the appropriate row in the Tokens table) or from the external application itself.
For details, see Authorization code flow.
Client credentials flow
The Client credentials flow option allows an external application to programmatically gain access to the BlueConic API without user intervention. This option is meant for server-to-server applications that do not involve end-users.
For details, see Client credentials flow.
Access settings added and reorganized for user roles
- Checkboxes are now arranged by section for better organization. Three sections of checkboxes are displayed:
- Main navigation: Checkboxes include BlueConic objects available through the main navigation menu (e.g., Dialogues, Lifecycles, Groups).
- Settings: Checkboxes include options available through the BlueConic settings menu (e.g., Plugins, Privacy, Profile merging).
- Other: Checkboxes include options that do not fall under the other two sections.
- The “Main navigation” and “Settings” headers each have a main checkbox to select all options at once in that section. (A white checkmark appears in that box if all options are selected; a small white square appears if only certain options are selected.)
- A new “Access Management” box was added in the “Settings” section. Checking this box enables Access Management in the platform and all its tabs for that user role. (It auto-selects the boxes underneath it, each of which pertains to a specific tab, e.g., “Users,” “Roles.”)
- A new “Applications” checkbox was also added, appearing under “Users” in the “Settings” section. For that user role to access the new Applications page and configure the details of an external application, both “Users” and “Applications” need to be checked.
- Note: “Applications” will be disabled by default for all user roles except the out-of-the-box Application Manager role. You can manually add this permission to any other role as desired.
- In the “Other” section, a new checkbox for “Authorize applications” allows that user role to authorize applications to use BlueConic APIs via the redirect page served by the authentication server (when the application’s OAuth 2.0 flow is set to “Authorization code flow”); it also gives them the ability to revoke that authorization.
- Three other checkboxes were added that were not previously included under “Feature access”:
- “Single sign-on (SSO)”: Allows that user role to access the “Single sign-on (SSO)” tab. This checkbox appears under “Users.”
- “BlueConic Support access”: Allows that user role to access the “BlueConic Support access” tab. This checkbox also appears under “Users.”
- “Access based on IP address”: Allows that user role to access the “Access based on IP address” tab.
- Some of these new Access Management checkboxes will be enabled by default for certain user roles:
- In current tenants, any existing user role with “General” enabled on its individual role page will also have “Access based on IP address” enabled.
- In current tenants, any existing user role with both “General” and “Users” enabled will also have “Single sign-on (SSO),” “BlueConic Support access,” and “Access based on IP address” enabled.
- In both new and current tenants, the Application Manager user role will automatically have these Access Management checkboxes enabled: “Applications,” “Single sign-on (SSO),” “Access based on IP address,” and “BlueConic Support access.”
OAuth 1.0a deprecated
To ensure a smooth transition to OAuth 2.0, BlueConic has begun to phase out OAuth 1.0a and will no longer add any new capabilities to the BlueConic API Access (OAuth 1.0a) Connection.
Current customers that already have instances of the BlueConic API Access Connection in their tenant can still add new instances of that connection using the Save as command in the connection's Save menu. New customers and current customers that do not already use the BlueConic API Access Connection can use OAuth 2.0 authentication for API v2 access and applications.
New Iterable Connection
The BlueConic Iterable Connection enables you to enrich BlueConic profiles or groups with data from Iterable subscribers and vice versa. The connection supports scheduled batch import and export to retrieve data from and store data in Iterable.
LinkedIn Connection adds support for BlueConic Lifecycles
You can now add connection goals from the LinkedIn Connection as touchpoints in Lifecycle stages.
Google Analytics 4 Connection updates
In the Google Analytics 4 connection, you now have the option to map and export associated segment and lifecycle data for your profiles.
Note: Google is replacing Universal Analytics (UA) with Google Analytics 4 (GA4) by July 1, 2023. All customers currently using Universal Analytics will need to migrate to GA4. Review our FAQ guide with details about using BlueConic to sync data with Google Analytics 4.
Other updates and bug fixes
Email and SMS rate limits
Email rate limits for Channels & BlueConic Hostname
To enhance our platform's security and efficiency, we've implemented a rate-limit rule for emails triggered through the Channels or BlueConic Hostname user interface. When triggering an email, this will now have a two-minute block period, during which a maximum of two emails can be sent out. This measure is designed to prevent risks associated with automated access and maintain the smooth operation of our services.
SMS rate limits for SMS verification during login
To boost security, we've added a two-minute timeout feature when a user re-enters their phone number as part of the login process. Now, once a phone number is entered for the second time, the submit button will become disabled for 120 seconds, with a countdown timer displayed within the button itself (e.g., “Submit (120)”). Please note, this timeout feature will only activate after our system verifies that the request is linked to a valid username/password combination.
- Our developers fixed a bug in the Profiles tab user interface, which occurred when you opened the Profiles tab after deleting a segment viewed in the tab.
AI Workbench Python dependencies
- Updated the list of Python dependencies for AI Workbench developers