Release notes 9.x versions

9.1.2

Improvements

9.1.1

Bug Fixes

  • Specifying an Identity provider in the Authorization flow now works as expected.

9.1.0

Improvements

  • Zip archives loaded into the system are now checked against most common vulnerabilities.
  • Token Introspection will now include updated Person API details if the User Info endpoint is configured.
  • Docker images now use OpenJDK

Bug Fixes

  • SAML SP will now check with IDP's capabilities when choosing the binding protocol
  • API/Web client API list response is now aligned with documentation
  • Minor JavaScript issues have been fixed in Admin console

9.0.3

Features

Bug Fixes

  • Client Secret is now properly hashed when an API client is updated via API
  • Creating an API/Web Client is now possible without specifying the architecture attribute
  • Fixed error with incorrect redirect url when using an OAuth Identity Provider
  • Client Credentials grant type now works correctly with OpenID Connect
  • OpenID Connect Configuration is now possible via the Web Client API
  • Corrected some OpenID Connect session management documentation
  • Fixed failing database migration for Oracle
  • Several security fixes

9.0.2

Improvements

  • Confirmation when logging out using end-session endpoint for OpenID Connect
  • Updated Java version in Docker images
  • General performance improvements for Insights

Bug fixes

  • OpenID Connect and SAML SLO redirect loop fixed when SLO was off
  • Admin console username search trims input values before searching
  • Redis will respond appropriately when a key does not exist
  • App versions are sorted properly in the Admin console
  • Access tokens with simultaneous sessions and refresh tokens enabled are now cleaned up properly

9.0.1

Bug fixes

  • Fixed issue with database migration for MS SQL database

9.0.0

Features

  • Added support for SAML assertion encryption
  • Added support for artifact binding in IdP authentication flow
  • Added Multi-Device support for Mobile Authentication
  • Extended OpenID Connect implementation
    • Added OpenID Connect Discovery (.well-known/openid-configuration)
    • Implicit and Basic flows
    • JWT-JWK support
    • Session Management including Front Channel Logout
    • Integration with SAML SLO
  • Added APIs for Web client configuration
  • Fully integrated with Onegini Insights which is a new application that gathers statistics data and presents results in easily readable charts
    • Statistics can be shown on admin Insights page

Improvements

  • Removed Keystore password from SAML Service Provider configuration page in the Admin console
  • Configuration of key enrollment override feature is removed - this is now always enabled
  • Admin UX enhancements
  • Users can now bulk delete their devices via API

Bug fixes

  • For MS SQL database the ANSI_PADDING is now set to ON
  • SAML may use the default Identity Provider now