# September 2025

## Key Takeaways

* **Hostname Pre-Validation** – Add and validate hostnames before switching DNS, enabling zero-downtime migrations and support for on-premise proxies.
* **Managed Challenges** – Protect projects from malicious traffic surges with automated verification based on request geography or attack likelihood.
* **Custom Identity Provider (Public Beta)** – Use your existing identity provider for Cloud Portal access, permissions, and user management.

## Hostname Pre-Validation

### Move your site to Umbraco Cloud with zero downtime. Hostname Pre-Validation makes hostname migrations smooth and risk-free

Pre-validating hostnames allows you to prepare domains before pointing DNS to Umbraco Cloud. This ensures TLS certificates are issued and routing is active ahead of time, so projects can go live instantly once DNS is updated.

* **Zero-downtime hostname migration** – Move production domains to Umbraco Cloud without service interruptions.
* **On-premise proxy support** – Keep using your existing proxy or Web Application Firewall (WAF) setup while preparing hostnames in Umbraco Cloud.

<figure><img src="https://3739769070-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPzKn70Piyd2fd5UkYZGf%2Fuploads%2Fgit-blob-8635c0c9132ba79a5b845fbdccee098744bc8f07%2Fpre-validation-status-modal.png?alt=media" alt="A screenshot of the Pre-Validation status modal"><figcaption></figcaption></figure>

This means safer go-lives and improved domain management. See the [Hostname Pre-Validation documentation](https://docs.umbraco.com/umbraco-cloud/go-live/manage-hostnames/hostname-pre-validation) for a full overview of how to use the feature.

## Managed Challenges

### Managed Challenges keep bots out and let your real users in

When websites face unusual load, whether from bots, scraping, or coordinated attacks, Managed Challenges step in. Requests that do not meet the threshold are automatically served a lightweight CAPTCHA that helps filter out bad traffic.

* Can be applied globally, per hostname, or even per continent.
* Works seamlessly alongside the built-in WAF.

WAF sensitivity and Manage Challenge features can be applied in Security Settings:

<figure><img src="https://3739769070-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPzKn70Piyd2fd5UkYZGf%2Fuploads%2Fgit-blob-a35ac76fa4d5401061457173514664e0501d7298%2Fsecurity-settings.png?alt=media" alt="A screenshot of the Security Settings with the new features for Managed Challenges"><figcaption></figcaption></figure>

You get added resilience without manual intervention and tools to ensure resources are spent serving customers, not malicious requests. Read more about the new features in the updated [Managing Transport Security documentation](https://docs.umbraco.com/umbraco-cloud/build-and-customize-your-solution/set-up-your-project/security/managing-transport-security)

## Custom Identity Provider (Public Beta)

### Use your own identity provider to manage Cloud Portal access

You can now connect identity providers, like Microsoft Entra ID, Octa, or Google, directly to your Umbraco Cloud organization. This lets team members sign in with familiar credentials and manage project permissions through their existing setup.

* Centralized authentication with OpenID Connect.
* Map roles and project access directly from your provider.
* Keep audit logs of external login usage.

<figure><img src="https://3739769070-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPzKn70Piyd2fd5UkYZGf%2Fuploads%2Fgit-blob-33c04a915fd74104eb095c067c6913c68a740000%2Forganization-external-login-provider.png?alt=media" alt=""><figcaption></figcaption></figure>

Enterprises and organizations can rely on centralized account management with industry-standard security. This means less time spent managing accounts and permissions, whether you're onboarding or offboarding.

Custom Identity Providers for Cloud organizations is currently in Public Beta, and we aim for full release early October. If you have any feedback or encounter issues with the feature, reach out to us on <beta-cloud-portal-login-providers@umbraco.dk>. For a full overview of the features and how to use them, see the [Organization Login Providers documentation](https://docs.umbraco.com/umbraco-cloud/begin-your-cloud-journey/the-cloud-portal/organizations/organization-login-providers).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.umbraco.com/umbraco-cloud/release-notes/archive/overview-2025/2025-09-03-releasenotes.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.