Introduced new flag Synchronise Attributes on identity provider configuration form that gives possibility to turn on or off attributes synchronisation during sign in.
Improvements
Updated LinkedIn API to version 2
Migrate from Google Plus Sign-In.
Added option to choose Assertion Consumer Service URL in SAML response based on URL or index specified in SAML request.
Fixed profile attributes not returned in SAML response
Fixed issue after removing all custom attributes
SAML error will be returned on authentication with social Identity Provider failure
6.0.0-M4
Features
Added support for profile attributes transformation. For more details see appropriate topic guide.
Added a new search API that includes additional person info (such as account status) in the search result.
A new password policy rule is added which blocks usage of passwords that have been discovered in a data breach. It uses data from haveibeenpwned.com
Improvements
Merged step-up and mobile login callback url configuration and moved it to the Token Server Configuration in System Tab in admin panel.
Search API is now deprecated and additionally available from /api/v1/persons/search-profile, new search api is available under /api/v2/persons/search-profile
Added signature handling to SAML metadata
Added overall and time period user activations statistics to admin panel
Fixed non-unique list of translations in SAML metadata
6.0.0-M3
Features
It is now possible to define an IP range in CIDR format for Identity Providers of LDAP type which will allow only users with matching IP address to login.
Added support for forced authentication in SAML
Improvements
Updated Mobile Authentication APIs
Bug fixes
Fixed blocked and inactive person credentials validation issue
6.0.0-M2
Features
User account can now be activated via activation link sent by email, for more detailed info please refer to person activation chapter in the Onegini IDP documentation
Added versions matrix to keep track of compatibility between the Onegini IDP and IDP Extension SDK
Extended the ProfileAttributesUpdateExtensionPoint extension point which is triggered whenever person's profile attributes are being updated with a new property containing the whole up-to-date profile representation
Added IP range configuration for LDAP identity providers.
Bug fixes
Fixed SAML Single Logout functionality which did not redirect to origin url parameter
6.0.0-M1
Features
Deleted LDAP configuration for mobile login functionality
Moved Mobile step-up authentication related properties to Smart Security - Step-up Authentication configuration section in the admin console, please check upgrade instructions for more info
Moved Mobile Login related properties to Configuration -> Identity Providers configuration section in the admin console, please check upgrade instructions for more info
Improvements
When email tag is not set it will not be returned within the OAuth flows. A sample response structure can be found in the SDK integration docs
Bug fixes
Fixed issue preventing users from performing mobile authentication after external idp login
Fixed an issue with coupling a person who has a / character within external id