Release notes 10.x versions

10.0.0-M2

Added support for PEM encoded PKCS #8 RSA keys in the certificate configuration of a SAML Identity provider.
SAML signature and encryption can be configured with PEM encoded PKCS #8 RSA keys.
SAML IdP Metadata URI cache TTL can be configured.
SAML SP binding order can be rearranged.
Geolocation data is available when using Mobile Authentication with Push or One Time Password (OTP).

Zip archives loaded into the system are checked against most common vulnerabilities.
Token Introspection will include updated Person API details if the User Info endpoint is configured.
Templates have been migrated to ThymeLeaf 3.0.
Locale can be passed to Onegini CIM.
Refresh Token exchange is more reliable for mobile applications.
Docker images use OpenJDK.

Specifying an Identity Provider (IdP) in the Authorization flow now works as expected.
SAML SP will check with the IdP's capabilities when choosing the binding protocol.
Admin/Config API list response is aligned with the documentation.
Authentication Level is properly passed back in user details when using the ROPC grant type.
Mobile Auth v4 with push allows for SMS fallback when no device_id is provided.
API exceptions will no longer return HTML in some situations.
Minor JavaScript issues have been fixed in the Admin console.

Expose API to manage Application versions.
Use JSON Web Tokens (JWT) as Access tokens for Web clients.
OpenID Connect: encrypt ID Tokens.
The Application identifier is added to the response for available authentication options for a user.