Release notes 5.x

5.2.0

Features

  • Extended response returned from Session API by two new fields (idp_id and external_id)
  • Extended Action Token Login functionality, please see Action token login for more details
  • Added link to login via Action Token Link feature on migration login view, please see Login in with action token link for more details
  • Extended Origins Whitelist functionality to validate additional URLs, therefore it was renamed to Redirect URL Whitelist, please see Redirect url whitelist for more details
  • API error code have been added: 1043 - Custom attribute's value is too long.

5.1.0

Features

  • API error codes have been updated:
    • Verify if person is coupled API: 1027 -> 1030
    • Fetch multiple persons profiles API: 1021 -> 1042
    • Bad request error response: 1020 -> 1041
    • Update person - attempt to define more than one primary email address: 1019 -> 1040
  • Added new INACTIVE person account status to support flows that require additional person activation. See person activation topic guide for detailed information. Please note that feature previously named Activation enabled related to invitation flow has been renamed to Accepting invitation enabled in the admin panel

Improvements

  • Removed Axon Event Replay functionality from the Onegini IDP admin console

Improvements

  • Made mobile callback url configurable via admin panel.

Bug fixes

  • Fixed SAML Single Logout functionality which in some cases was trying to communicate over a binding that was not supported by the SP

5.0.8

Bug fixes

  • Fixed authentication level not being returned as part of the SAML response when ECP binding is used

5.0.7

Bug fixes

  • SAML error will be returned on authentication with social Identity Provider failure

5.0.6

Bug fixes

  • Fixed blocked and inactive person credentials validation issue
  • Added missing prefix to partitioning feature property descriptor
  • Fixed non-unique list of translations in SAML metadata

Improvements

  • Updated LinkedIn API to version 2
  • Migrate from Google Plus Sign-In.

5.0.5

Bug fixes

  • Fixed SAML Single Logout functionality which did not redirect to origin url parameter

5.0.4

Improvements

  • Made mobile callback url configurable via admin panel

Bug fixes

  • Fixed an issue with coupling a person who has a / character within external id

5.0.3

Bug fixes

  • Unable to set ACCESS_EXTERNAL_SCHEMA property warning no longer appears in the logs
  • Fixed issue preventing some of the users to login with SAML ECP binding

5.0.2

Bug fixes

  • Fixed issue preventing users from logging in using FacebookApp

5.0.1

Improvements

  • Person partitioning support for certain edge case scenarios

Bug fixes

  • Changed error code for person coupling /api/persons/couple/ from 1027 to 1030

5.0.0

Features

  • Added support for brand specific messages:
    • message files can now contain brand information, so each brand can have different messages
  • Added support for person's partition:
    • person is unique within partition - by default the default partition will be created
    • extension providing mapping from hostname to person's partition id and related variant code
    • for API & SAML request the new header was introduced: X-Onegini-Persons-Partition-Id
  • Fully integrated with Onegini Insights which is a new application that gathers statistics data and presents results in easily readable charts
    • Statistics can be shown on admin Insights page
  • Introduced new endpoint to credentials API which allows to validate the Action Token
  • Added possibility to encrypt SAML assertion in case service provider metadata contains encryption credentials
  • Extended SAML CIM metadata by providing encryption assertion which allows to encrypt assertion returned by another IDP in case CIM works as service provider

Improvements

  • Extended post-process actions to support more sophisticated actions with ui-extensions
  • Changed the google endpoints used for google sign in to gather more user data - check update instructions for required configuration changes
  • Updated to OpenSAML v3
  • Moved ui-extension data to a new tab under Admin Console that allows to configure:
    • Base Ui-Extension url
    • Option to force login from Ui-Extension and to provide its path
  • Added last login date to connected devices dashboard
  • Added possibility to remove unmapped custom attributes in SAML response
  • Remove deprecated mail attribute from mapping configuration on the Identity Provider level in Onegini IDP admin console

Bug fixes

  • Fixed problem with resolving default messages defined in extension
  • Fixed problem with accessing CIM via IP address
  • Fixed issue prevent the admin from defining a new organization when language with variant code was selected as default
  • The Onegini IDP when behaving as a SAML Service Provider will communicate that it expects the AuthnResponse to be provided with Artifact
  • Enlarged the textArea used for providing the SAML metadata shown in the Service Provider configuration view
  • Fixed problem with resolving default messages defined in extension
  • Added missing upgrade instructions for the 4.4.0 version

Database migrations

  • Please note that this version of the Onegini IDP contains database migrations which can take noticeable amount of time (few minutes) when run on large volume of data