Release notes 7.x versions
7.2.2
Bug fixes
- For MS SQL database the ANSI_PADDING is now set to ON
7.2.1
Bug fixes
- Deny access to configuration of disabled features
- Custom truststore was not being used when starting the token server
- Enabling mobile auth for a device which was previously disabled caused error
- Configuration of an LDAP server for the Admin console should not be required
- Refresh Token abuse detection was triggered for clients that do not support this feature
7.1.0
Features
- API-based registration
- Two-way OTP as an API identity provider
- Custom Registration via Extension Engine
- Ability to register with a selection of identity providers with a mobile application
- Parallel sessions are now supported for Web Clients
Improvements
- Change from HTTP-POST binding to HTTP-Redirect binding in SAML Authentication requests.
- Attribute mapping configuration only shows for SAML and Header Identity Providers
Bug fixes
- Implicit access tokens are now cleaned up when a new one is created
- Metadata in SAML IdP can be made empty
- SAML Service Provider signature validation failed with a generated certificate
7.0.0
Features
- Ability to delete items from the read-only view in Admin console
- Ability to use multiple browser tabs within Admin console and save from any tab
Improvements
- Change from EHCache to Redis for faster and more scalable caching
- Authentication applications API has been deprecated, see devices API
- Support for FIDO has been removed
- Simpler property resolution with removal of etcd
Bug fixes
- User will no longer be logged out when disabling fingerprint when logged in via fingerprint
- Fixed error response for invalid scopes during token refresh
- Fixed sorting on overviews in Admin console
- Added server side validation for ROPC Client config
- Mobile App can now utilize multiple custom authenticators
- In Admin console, Errors were not properly shown with invalid custom authenticator script
- Fixed Delete modal on some pages
- Allow app schemes to contain a hyphen
- Redirects no longer fail when app scheme contains a hyphen
- Documentation on 'header auth properties' contained a typo
- Fixed Disable Fingerprint endpoint in the end user device API to clean up only fingerprint tokens