Luminate Online Version 21 Release Notes
Version 21.6 Release Notes
November 2021
The Luminate Online 21.6 release contains general security updates, product updates, and resolved issues.
Product Updates
The 21.6 release contains the following enhancements:
Fraud Management
Easily manage constituents created by fraudulent transactions in the Fraud Management center.
When a fraudulent transaction creates a constituent record, the record is tagged as suspicious. You can remove or resolve the records one by one, or in bulk.
See Fraud Management for more details.
Secure a Luminate Online API-based donation form with Google reCAPTCHA v3
API-based donation forms can now use Google's reCAPTCHA v3 to ensure that submissions come from real donors and prevent fraud over the API request channel.
See Secure donations with Google reCAPTCHA v3 to get started!
Accept PayPal with Blackbaud Checkout
If you have a PayPal Business account, PayPal is available as a payment method for one-time payments in the Blackbaud Checkout donation form!
Just configure your Blackbaud Merchant Services gateway to use PayPal, and a Paypal option will automatically display as a payment option in Blackbaud Checkout .
For setup instructions, see Knowledgebase article 196074.
For help understanding the difference between enabling PayPal for Blackbaud Checkout and the PayPal enablement offered by Blackbaud Services, see PayPal Options in Luminate Online and TeamRaiser.
Multi-Factor Authentication for administrators
You can now choose to enable multi-factor authentication (MFA) for administrator access to Luminate Online.
Multi-Factor Authentication (MFA) is an authentication method that requires a user to provide two or more verification factors to access a resource. Rather than just supplying a username and password to access Luminate Online, administrators will also enter a code sent to their email address when this feature is enabled.
How does MFA for Luminate Online administrators work?
For administrator MFA, Luminate Online uses one-time passwords (OTP).These OTPs are 6-digit codes sent to the email address of the administrator. New OTP codes generate occasionally, based on comparative data of the administrator.
An administrator copies the code from their email and enters it into the Luminate Online login page to access Luminate Online.
For more information, see Multi-Factor Authentication for Administrators.
Resolved Issues
Administrator
| Bug | Description |
|---|---|
|
1888243 |
When reCAPTCHA v3 is enabled on a donation form, the "please wait" dialog box doesn't display when the donate button is clicked multiple times. The "please wait" dialogue now displays on donation forms when the donate button is clicked multiple times. |
|
1902571 |
In Google Chrome, credit card fields no longer give the option for auto-complete with saved payment information. Credit card field auto-complete functions in Google Chrome. |
Donation forms
| Bug | Description |
|---|---|
|
1888243 |
When reCAPTCHA v3 is enabled on a donation form, the "please wait" dialog box doesn't display when the donate button is clicked multiple times. When reCAPTCHA v3 is enabled on a donation form, a "Please wait," message now displays when the Donate button is clicked multiple times. |
|
1895367 |
For donations, Blackbaud Checkout applies the campaign security category, rather than the donation form security category. Blackbaud Checkout now applies the donation form security category to donations instead of the campaign security category. |
| Bug | Description |
|---|---|
|
1785210 |
Email status doesn't consistently reflect hard bounces. Email status correctly reflects hard bounces. |
|
1919165 |
When there's a large number of email recipients, the Cross Campaign Email Performance dashboard doesn't include certain sites. The Cross Campaign Email Performance dashboard displays all expected information. |
TeamRaiser
| Bug | Description |
|---|---|
|
1487655 |
After Luminate Online 16.1, Delayed Self-Pledges sometimes result in a failed charge and are altered. Delayed Self-Pledge balances are recorded and reported correctly. |
|
1551421 |
Constituents are not always added to the default web services partition when they're created or after duplicate correction. Constituents are added to the partition when they are created, or when potential duplicates are resolved, if they exist. |
|
1746704 |
Event registration by the constituent on the constituent record page resets email status from "Good" to "Unknown." Event registration does not change "Good" email status to "Unknown." |
|
1796288 |
In Chromium browsers, the login for custom Participant Center 3 centers sometimes fails due to old cookies/session IDs. Custom Participant Center 3 centers load consistently using new session IDs at log in on Chromium browsers. |
|
1909146 |
Using the API call for the TeamRaiser Event Manager list doesn't return the full list. The API call to return the event manager list now returns a complete list. |
Web Services
| Bug | Description |
|---|---|
|
1551421 |
Constituents are not always added to the default web services partition when they're created or after duplicate correction. Constituents are added to the partition when they are created, or when potential duplicates are resolved, if they exist. |
Version 21.5 Release Notes
August 2021
The Luminate Online 21.5 release contains general security updates in addition to the following product updates and resolved issues.
Product Updates
New Luminate Logo
We've updated the Luminate logo which appears in the upper left hand of your Luminate window.
Resolved Issues
Administrator
| Bug | Description |
|---|---|
|
1856765 |
The banner on the admin login page is broken or blocked in Chrome and Firefox. The banner appears as expected. |
API
| Bug | Description |
|---|---|
|
1730724 |
API logs show URL domains for other customer sites. API logs show only the customer site URL domains. |
Calendars
| Bug | Description |
|---|---|
|
1855395 |
Calendar Events display an incorrect error when users attempt to select a quantity of tickets. Selecting a quantity of tickets for Calendar Events works as expected. |
|
1858411 |
The HTML code is missing a close tag. The HTML missing tag is now in place. |
Constituents
| Bug | Description |
|---|---|
|
1697302 |
Custom constituent imports change email_status to "Unknown" on existing constituents that have an email address that doesn't match the imported email address even with "Overwrite ONLY blank values" set. Only a blank Email_status is changed during constituent imports when "Overwrite ONLY blank values" is set. |
|
1833193 |
Email addresses containing an apostrophe are not recognized when screening for duplicate constituent records. When screening for duplicate constituent records, email addresses containing an apostrophe are now recognized. |
Content
| Bug | Description |
|---|---|
|
1537049 |
Chrome Console displays a Content Security Policy (CSP) directive warning indicating that the endpoint will be ignored because the endpoint URL starts with http. CSP endpoint URLs starting with http are converted to https, preventing trigger of the CSP directive warning. |
Donations
| Bug | Description |
|---|---|
|
1652409 |
Invalid values entered in the sender email field of donation forms are accepted and stored. Donor email is validated by the API so donors cannot submit the form with an invalid donor email address. |
|
1768849 |
Blackbaud Checkout is not compatible with responsive donation form payment processing when jQuery 1.11.1 or greater is used in the PageWrapper. Blackbaud checkout is now compatible with responsive donation forms using jQuery 1.11.1 or greater. |
|
1773862 |
Declined ACH transactions charged via BBMS are recorded as successful transactions. Validation was added so that declined ACH transactions charged via BBMS are recorded as refunds or declined transactions. |
|
1832243 |
Newly-entered and updated Designated Giving information is not immediately available due to site caches not clearing. Automatically clearing the cache is now part of the process of uploading data to Designated Giving; therefore, added information is immediately available. |
MultiCenter
| Bug | Description |
|---|---|
|
1590553 |
Assigning constituents to a center-specific interest group via an API call gives a false completion message without adding the interest to the constituent profile. A center-specific interest can be added to a constituent record via an API call, whether or not the constituent is already a member of that center. If the constituent is not a member of the Center at the time the center-specific interest is added, the constituent is added to the Center. |
Reports
| Bug | Description |
|---|---|
|
1807106 |
Some reports do not function due to blocking of POST requests containing XML. POST requests containing XML are no longer blocked. Reports run as expected. |
TeamRaiser
| Bug | Description |
|---|---|
|
1701138 |
Delayed Self Pledge (DSP) donations are recorded as registration payments. DSP payments are recorded as donations rather than as registration payments. |
|
1795277 |
Image list is missing from the Insert/Edit Image display when designing Coaching Emails in TeamRaiser. The Insert/Edit Image display contains a functional Image URL dropdown menu for browsing and selecting uploaded images. |
Version 21.4 Release Notes
July 2021
The Luminate Online 21.4 release contains general security updates and the following product update and resolved issues.
Product Updates
Club RSS Feeds feature removed
Previously, adding an RSS feed to a Club component in the Content Editor was possible. This feature reached end of life and is no longer available. This impacts Clubs only. RSS feeds in other applications remain available.
Resolved Issues
Blackbaud Checkout
| Bug | Description |
|---|---|
|
1757255 |
Checkout page fails to load when using jQuery version 3.6.0. Blackbaud Checkout page loads correctly when used with jQuery versions 1.11.1 or newer. |
Calendar Events
| Bug | Description |
|---|---|
|
1721756 |
Clicking a calendar event multiple times results in duplicate registrations. Registrations can only be submitted once. Repeatedly clicking the submit button does not result in duplicate registrations. |
Survey
| Bug | Description |
|---|---|
|
1580479 |
Survey response query duplicates data in resulting report. Survey response query reports each result once. |
Version 21.3 Release Notes
April 2021
The Luminate Online 21.3 release contains the following product updates and resolved issues.
Note: We will be rolling out changes to report access in Reports Classic in the coming weeks. If you lose access to a report review your security settings and/or contact Blackbaud support.
Product Updates
The 21.3 release contains the following enhancements, including suggestions from the Luminate Ideas Portal:
reCAPTCHA verification on registration pages
reCAPTCHA verification on registration pages
Google reCAPTCHA v3 can now be enabled on constituent-facing User Registration pages. This feature, when enabled, displays a reCAPTCHA logo on the User Registration page, and runs an algorithm to verify that users are humans, not machines. If the user doesn't pass the reCAPTCHA test, the system returns an error message and the registration is not processed. This helps cut down on hacking attempts and fraudulent registrations.
Navigate to Setup > Site Options.
Select All from the Select a Site Option Group to view dropdown menu, and click the Go button.
Scroll down to CONS_PROFILE_CAPTCHA_ENABLED, and type TRUE in the text field.
Scroll down to SEC_CAPTCHA_VERSION, and type RECAPTCHA_V3 in the text field.
Note: This change will enable reCAPTCHA v3 site-wide in every place where CAPTCHA is used, including Survey CAPTCHA questions and TeamRaiser Registration CAPTCHA questions.
Click the Save button.
Increased password security
We are strengthening administrator password requirements to enhance protection of your accounts. When resetting your password, you cannot reuse any of your previous six passwords. See Administrator Passwords, Changes to Blackbaud Luminate Online Logins, and To send the reset-password email for more information on resetting passwords.
Responsive design for User Login, User Name Recovery, and Password Recovery pages
Users interact with your sites via computer, tablet, and phone. Responsive design allows your information and interface displays to adjust to the screen size of the user's device. Interfaces and information that do not adjust for screen size often display in an ugly and ineffectual way.
Page displays still default to the traditional layout. Administrators may opt to enable the responsive design for User Login, User Name Recovery, and Password Recovery pages.
Site administrators access the responsive design settings in the Setup > Site Options section of Luminate Online. See Site Options.
Scroll to the USER_LOGIN_USE_RESPONSIVE_LAYOUT option, and type TRUE in the text field. Click the Save button.
Updated credit card information autofill
Credit card information autofill no longer includes CVV. Automatically filling fields in forms makes interactions easier for your donors and participants. However your audience is more focused on information security than ever before. The CVV is like a password for a credit card. Having the user enter the CVV manually gives added control and protection.
Resolved Issues
API
| Bug | Description |
|---|---|
|
1676992 |
Registration with custom API-based tool does not retain company affiliation for returning teams. Updated API method returns and incorporates company affiliation during returning team registration. |
Constituent360
| Bug | Description |
|---|---|
|
1651889 |
Using "Find Address" with a valid UK Postcode containing spaces results in error "Unable to perform address lookup at this time." Automatic reformatting of postcodes containing spaces now results in correct lookup results. |
Donations
| Bug | Description |
|---|---|
|
1717003 |
Donation amounts entered in the Other Amount field on donation forms display outside the donation level box. Corrected code in donation form templates to display information appropriately. |
ReCAPTCHA
| Bug | Description |
|---|---|
|
1699427 |
Setting the SDP SEC_CAPTCHA_VERSION to RECAPTCHA_V3 prevents email functionality from working in the Champion Center of Personal Fundraising. Personal Fundraising Champions can now successfully send email from the Champion Center when Google reCaptcha is enabled on the site. |
Report Writer
| Bug | Description |
|---|---|
|
1709723 |
Filters in Report Writer intermittently not saving. Saving Report Writer filters is now consistent and reliable. |
Surveys
| Bug | Description |
|---|---|
|
1731759 |
Using responsive Survey display settings returns Technical Difficulties error. Survey settings can include responsive display and send properly without returning errors. |
TeamRaiser
| Bug | Description |
|---|---|
|
1633248 |
When a new constituent is created from a FaceBook donation, special characters show ¿ or @ instead of the correct accent mark. Creating a new constituent from a Facebook donor now uses the correct accent mark. |
Version 21.2 Release Notes
March 2021
The Luminate Online 21.2 release contains internal improvements and enhancements.
February 2021
The Luminate Online 21.1.1 release contains the following product updates and resolved issues.
Product Updates
The 21.1.1 release contains the following enhancements, including suggestions from the Luminate Ideas Portal:
Mobile-optimized Surveys
Optimize your Surveys for mobile phone and tablet views with a new responsive layout.
When creating or editing a survey, scroll to the new Survey Layout option and select Yes, display the responsive layout to optimize your survey for mobile phones and tablets. The layout applies to all survey question types.
To quickly see which layouts are set on your surveys, review the Survey List.
By default, surveys are set to the Standard (original) layout to avoid disruption of custom styling or JavaScript on existing surveys. You'll set the responsive option on individual surveys so you can test the results.
You can also add a URL parameter to preview a survey in the responsive layout. To view a non-embedded survey in the responsive layout, whether it is designated as responsive or standard, add the parameter, &responsive_layout=true, to the end of the survey's URL.
The responsive setting is also respected by the S28 S-Tag.
Mobile-optimized Email Unsubscribe Page
Transform the default unsubscribe page experience into a mobile-friendly, responsive design.
To update your email unsubscribe page to a responsive layout, contact Blackbaud Support.
Interactive chart and graph enhancements for administrators
Administrators in Luminate Online will see improvements to charts and graphs from the enhancement of replacing PopChart Server with ChartJS. The ChartJS chats and graphs display in various places. These are interactive charts and customizable so you can work to identify data that is most meaningful to your organization.
The image below shows a before (PopChart) and after (ChartJS) example using the House File History chart.
To watch how you can interact with the charts and graphs, see the following examples.
The updated charts and graphs display in various locations in the Luminate Online administrator interface, including:
The Administrator homepage: Page Builder > Edit Content > Report Results Chart
Reports Classic > Analysis and Timeline Reports
Survey Result Report
Advocacy Updates
Further improvements were made to the Vote Center to ensure accuracy of data such as when an elected official has a change of title, or the official is ineligible to vote.
Note: In some cases, such as when a representative is promoted in the middle of the legislative year, asterisks display next to the official's name because no previous votes are registered for the official in that new role.
As elected officials become available for contact, Advocacy Targets are refreshed to include the officials.
Security Updates
We've added additional security enhancements, including the removal of autocomplete for administrator credentials, and updated password policies for all Luminate Online administrator accounts.
Starting with this release, all Luminate Online administrator passwords must now contain:
A minimum of 12 characters
Both alpha and numeric characters
A minimum of 1 special character (For example, . #/$/%/&/@)
Passwords must not include a User ID, organization name, or other common dictionary word or phrase
Administrators who attempt to log in with a password that doesn't meet these requirements will be prompted to change their password. Administrators must change their password every 90 days.
Resolved Issues
API
| Bug | Description |
|---|---|
|
1583644 |
The donate method API call allows a mismatch between a donation level ID that is set to Administrators Only and the Donations Classic form ID Donations made via a donate API call are validated to ensure a match between the donation level and donation form ID. |
Fraud Management
| Bug | Description |
|---|---|
|
1631712 |
The Fraud Management page occasionally times out or performs slowly The Fraud Management page now loads normally. |
Report Writer
| Bug | Description |
|---|---|
|
1608614 |
Following the last release, the Report Writer Transaction Details report returns no data when eCommerce "Store" or "Order" columns are selected in addition to Interaction Source columns The Transaction Details report returns data as expected and no longer displays a "No data found for report" message when eCommerce and Interaction Source columns are chosen for the same report. |
TeamRaiser
| Bug | Description |
|---|---|
|
1619326 |
In Participant Center 2, the connection to a Facebook Fundraiser should be disabled when the TeamRaiser is not accepting gifts Now when a TeamRaiser is not accepting gifts, the button to connect to a Facebook Fundraiser no longer displays in Participant Center 2. |