Release notes 10.x versions
- Fixed configuration issue with in-memory password authentication after Spring Boot 2 upgrade.
- Zip archives loaded into the system are checked against the most common vulnerabilities.
- SAML signature and encryption can be configured with PEM encoded PKCS #8 RSA keys.
- Added support for PEM encoded PKCS #8 RSA keys in the certificate configuration of a SAML Identity provider.
- SAML IdP Metadata URI cache TTL can be configured.
- The Application identifier is added to the response for available authentication options for a user.
- Token Introspection will include updated Person API details if the User Info endpoint is configured.
- Added bulk delete support to the Device API when using a list of device identifiers.
- Templates have been migrated to Thymeleaf 3.0.
- Locale can be passed to Onegini CIM.
- Upgraded to Spring Boot 2.
- Switched to OpenJDK 11 in Docker images.
- UX improvements in the Admin console.
- Application Property changes via the Admin console no longer require the Onegini Token Server(s) to restart for changes to take effect.
- Some of the caches can be cleared from the Admin console.
- Added support for acr_values with OpenID Connect.
- Specifying an Identity Provider (IdP) in the Authorization flow now works as expected.
- SAML SP will check the IdP's capabilities when choosing the binding protocol.
- Admin/Config API list response is aligned with the documentation.
- Authentication Level is properly passed back in user details when using the ROPC grant type.
- Mobile Auth v4 with push allows for SMS fallback when no device_id is provided.
- API exceptions will no longer return HTML in some situations.
- Refresh Token exchange is more reliable for mobile applications.