Release notes 5.x versions

5.8.0

Improvements

  • Change from HTTP-POST binding to HTTP-Redirect binding in SAML Authentication requests.
  • Update MariaDB driver from 1.5.9 to 2.0.3.

5.7.4

Improvements

  • Security improvements

5.7.3

Improvements

  • Security improvements

5.7.2

Bug fixes

  • Fixed building redirect uri when only the X-Forwarded-Proto header is set in the request

5.7.1

Bug fixes

  • Fingerprint authentication was allowed even though the functionality was disabled in the admin. Only affected users that had fingerprint authentication enabled.

5.7.0

Improvements

  • Added ability to set scope verification service settings via environment variables.
  • Moved "API" tab to the "Systems" page in the admin console.
  • Improved UX for the admin console events table by moving details to an expandable view.
  • Test client now supports the new mobile authentication enrollment flows.
  • Restructured and cleaned up the end user API documentation.
  • Removed support for Windows devices.
  • Added Device API V3 to distinguish between mobile auth and mobile auth with push enrollments.

Bug fixes

  • Several bugfixes in the admin events log.
  • Fix labels on app installations page.
  • Set admin cookies to secure.
  • Fixed base64 parsing bug in the key enrollment endpoint.
  • Disable AJAX request caching in two-way OTP template.
  • Added application/xml content type to SAML metadata endpoint.
  • Fixed device API bug that did not distinguish between mobile auth and mobile auth with push (breaking change, requires new V3 API).
  • Fixed bug where user was not completely deregistered in some scenarios.

5.6.0

Improvements

  • Improve OAuth client configuration in admin panel.
  • Move cache TTL values from etcd to be configurable via the admin panel.

Bug fixes

  • Added database migration to remove lingering OTP IdPs (support was discontinued in 5.01.00).
  • Fixed bug in mobile authentication API when checking availability for a user, when the user had multiple devices enrolled.
  • Restrict admin mobile authentication request TTL to be equal to or smaller than the cache TTL.
  • Fixed default etcd property generation bug.

5.5.2

Bug fixes

  • Fixed SAML response validation for SSO responses

5.5.1

Improvements

  • Shorten the OTP which makes a QR easier to scan.
  • Hide the Mobile authentication section when configuring an app version and the mobile authentication feature is disabled.

Bug fixes

  • Fixed the Oracle database migration for version 5.5.0.

5.5.0

Features

  • Added OTP authentication as a new mobile authentication method, in addition to push and SMS.
  • The test client UI now works on mobile devices.

Improvements

  • Restructured and improved the mobile authentication documentation.
  • Improved admin console user experience for the mobile platform version configuration.
  • Added link to documentation in admin console.
  • Updated the MariaDB driver from 1.4.6 to 1.5.9.

Bug fixes

  • Fixed bug when being redirected back from the IdP in certain cases.

5.4.0

Features

  • Added support for IdP-initiated SAML Single Logout.
  • Display a numeric keyboard for Android users in the default templates when entering the code for 2WAYOTP or SMS.

Bug fixes

  • Fixed bug where an unnecessary thread was created for every SAML login.

5.3.0

Note: from this version we removed the leading zeros from our versioning scheme.

Features

  • API client support for the two way otp, payload encryption and end user apis.
  • Transaction signing support for mobile authentication with push.

Bug fixes

Please refer to 4.04.10

5.02.00

Features

  • CORS support can be enabled for a set of configurable endpoints and domains.

5.01.00

Features

  • Added experimental custom authenticator support using the Onegini Extension Engine.
  • Proxy support for Google Cloud Messaging with and without preemptive authentication.

Bug fixes

  • Event details stored in client id field in client validation.
  • Some redirects performed by some of the supported IdPs redirect from https to http.
  • Invalid attempts for SMS are not properly counted in a stateless cluster setup.

Changes

  • Discontinued support for the OTP IdP.

5.00.00

Features

  • Authentication method and attempt count included in mobile authentication result.
  • Optional single user default admin login.

Bug fixes