When a user logged in with a SAML external Identity Provider on an older iOS device, a SameSite bug in Safari browsers could cause
a redirect to an error page. This issue has been fixed.
Added an admin section under Smart Security that enables to set a CSP header for user pages.
Onegini IdP can now export security events to OneSee.
These events can be used by Security Information and Event Management (SIEM) systems.
From now on, the option Use stronger coupled Identity Provider is available under Step-up authentication. This option enables a user to use
Identity Providers to increase the authentication level during Step-up authentication.
Improved and updated the documentation on the following topics:
SAML SLO is not executed for identity providers that don't have SingleLogoutService defined in metadata. Because of that change SAML Success response is returned to Service provider instead of PartialLogout after logging out the user.
Added logs for measuring metadata generation time
property name changed from IDP_ERS_ADMIN_API_BASE_URI to IDP_ERS_ADMIN_API_BASEURI
property name changed from IDP_ERS_ADMIN_INSTANCE_ID to IDP_ERS_ADMIN_INSTANCEID
Fixed an issue where verified flag could be set to false on already verified email during sign up via API
Fixed an issue with creating additional UnP identity with id from external Identity Provider
Added possibility to force activation via externally delivered code after accepting invitation
Added new idp AzureAD B2C
Allowing to setup a step up method for the first time even though authentication level is insufficient
Sign up flow is now handled in one transaction to ensure data consistency
Added support for HTTP-Redirect binding used for SLO with external identity provider
Updated controls labels texts in Smart Config admin panel
The dashboard is hidden behind authentication level protection
Introduced new BLOCK_LOGIN action in the AuthenticationPostProcessExtension extension point
Added ability to request a specific authentication method when logging in with an external SAML IdP.
Exposed new dialect for thymeleaf that allows to access flow context storage bean via #flowContext