Enhancements and bug fixes - February 2025

The following changes are included in this release.

Upcoming removal of SMS multifactor authentication method. In October, we made multifactor authentication mandatory for all users. As an additional security measure, the SMS MFA method will be removed in April. If you’re still using SMS, you will be prompted to set up a more secure MFA method, and your registered SMS MFA devices will be automatically deleted from Elastic Cloud.

Fix an issue for indices with blocks literally set as null instead of false. If an index is created with the literal null value rather than false for a block in its settings, then that is what Elasticsearch returns even if it should be interpreted as false. With this fix, Elasticsearch Service now properly maps this to false.

Disable prompt=login and sign out of Okta before initiating SSO. Fixes an issue when using organization SAML SSO where users are required to re-authenticate with the external IdP due to ForceAuthn=true being sent in SAML requests. SAML requests will now send ForceAuthn=false.