Extended response returned from Session API by two new fields (idp_id and external_id)
Extended Action Token Login functionality, please see Action token login for more details
Added link to login via Action Token Link feature on migration login view, please see Login in with action token link for more details
Extended Origins Whitelist functionality to validate additional URLs, therefore it was renamed to Redirect URL Whitelist, please see Redirect url whitelist for more details
API error code have been added: 1043 - Custom attribute's value is too long.
5.1.0
Features
API error codes have been updated:
Verify if person is coupled API: 1027 -> 1030
Fetch multiple persons profiles API: 1021 -> 1042
Bad request error response: 1020 -> 1041
Update person - attempt to define more than one primary email address: 1019 -> 1040
Added new INACTIVE person account status to support flows that require additional person activation. See person activation topic guide for detailed information.
Please note that feature previously named Activation enabled related to invitation flow has been renamed to Accepting invitation enabled in the admin panel
Improvements
Removed Axon Event Replay functionality from the Onegini IDP admin console
Improvements
Made mobile callback url configurable via admin panel.
Bug fixes
Fixed SAML Single Logout functionality which in some cases was trying to communicate over a binding that was not supported by the SP
5.0.8
Bug fixes
Fixed authentication level not being returned as part of the SAML response when ECP binding is used
5.0.7
Bug fixes
SAML error will be returned on authentication with social Identity Provider failure
5.0.6
Bug fixes
Fixed blocked and inactive person credentials validation issue
Added missing prefix to partitioning feature property descriptor
Fixed non-unique list of translations in SAML metadata
Improvements
Updated LinkedIn API to version 2
Migrate from Google Plus Sign-In.
5.0.5
Bug fixes
Fixed SAML Single Logout functionality which did not redirect to origin url parameter
5.0.4
Improvements
Made mobile callback url configurable via admin panel
Bug fixes
Fixed an issue with coupling a person who has a / character within external id
5.0.3
Bug fixes
Unable to set ACCESS_EXTERNAL_SCHEMA property warning no longer appears in the logs
Fixed issue preventing some of the users to login with SAML ECP binding
5.0.2
Bug fixes
Fixed issue preventing users from logging in using FacebookApp
5.0.1
Improvements
Person partitioning support for certain edge case scenarios
Bug fixes
Changed error code for person coupling /api/persons/couple/ from 1027 to 1030
person is unique within partition - by default the default partition will be created
extension providing mapping from hostname to person's partition id and related variant code
for API & SAML request the new header was introduced: X-Onegini-Persons-Partition-Id
Fully integrated with Onegini Insights which is a new application that gathers statistics data and presents results in easily readable charts
Statistics can be shown on admin Insights page
Introduced new endpoint to credentials API which allows to validate the Action Token
Added possibility to encrypt SAML assertion in case service provider metadata contains encryption credentials
Extended SAML CIM metadata by providing encryption assertion which allows to encrypt assertion returned by another IDP in case CIM works as service provider
Improvements
Extended post-process actions to support more sophisticated actions with ui-extensions
Changed the google endpoints used for google sign in to gather more user data - check update instructions for required configuration changes
Updated to OpenSAML v3
Moved ui-extension data to a new tab under Admin Console that allows to configure:
Base Ui-Extension url
Option to force login from Ui-Extension and to provide its path
Added last login date to connected devices dashboard
Added possibility to remove unmapped custom attributes in SAML response
Remove deprecated mail attribute from mapping configuration on the Identity Provider level in Onegini IDP admin console
Bug fixes
Fixed problem with resolving default messages defined in extension
Fixed problem with accessing CIM via IP address
Fixed issue prevent the admin from defining a new organization when language with variant code was selected as default
The Onegini IDP when behaving as a SAML Service Provider will communicate that it expects the AuthnResponse to be provided with Artifact
Enlarged the textArea used for providing the SAML metadata shown in the Service Provider configuration view
Fixed problem with resolving default messages defined in extension
Added missing upgrade instructions for the 4.4.0 version
Database migrations
Please note that this version of the Onegini IDP contains database migrations which can take noticeable amount of time (few minutes) when run on large volume of data