Skip to content

Release notes 8.x

8.9.0

Features

  • We added a new API to verify email and phone numbers, enabling our customers to build their own dashboard while relying on our validation.
  • It's now possible to configure how many attempts a user has to verify an attribute (phone number or email address) before the code is invalidated.
  • Now an admin can configure if an end-user should verify their email address via a link (current behaviour) or a six-digit code sent to the email address. The latter option is more suitable for omnichannel services or organizations that built their own dashboard.

Improvements

  • We now ensure that a user, who authenticated but did not finish or cancel the post-login hook, that decides to navigate back to the login page, will return to the post-login hook.

Bug fixes

  • For some events, the client's IP address was missing. We fixed that, so it should be available for all events now.

8.8.0

Features

  • It is now possible to send SMS messages via our internal Messaging Service. This service makes it possible to build an integration to connect to an external (non-natively supported) SMS gateway via an API.

8.7.0

Improvements

  • We no longer throw an exception when illegal characters are used in a language parameter (we cover more scenarios compared to the change in v8.4.0).

8.6.2

Bug fixes

  • We fixed an issue with an error during a device registration via QR code.

8.6.1

Bug fixes

  • We fixed an issue with a warning being logged due to a removed field.

8.6.0

Improvements

  • We now support iDIN authentication using the iDIN Login product type. Previously the Onegini IdP was always using the iDIN Identify product type.
  • We added a feature toggle to show the existing waiting page template. It should be enabled to improve the user experience when a step in the login process (e.g. due to processing time of the PersonPreCreateExtension) takes longer to finish. The feature is disabled by default.
  • When automatic linking is enabled, and automatic sign-up is disabled, we now also call the PersonCreationPreProcessExtension. This makes it possible to match not only on a user's email address but also on other attributes.
  • It is now possible to provide a validity time value for a specific externally delivered code (for activation & step-up) via the extension, the validity time configured in via a property (for step-up) or the admin (for activation) are now both the default and the max.

8.5.1

Bug fixes

  • We fixed an issue with an error during a device registration via QR code.

8.5.0

Bug fixes

  • We fixed an issue where the user's last login time was not updated during a SAML ECP login (used for the OIDC ROPC flow in Token Server).
  • We fixed a bug where the CredentialAPI returned an error for end-users without an (optional) mobile number when Mobile number verification required was enabled. Now, only if the user has a mobile number in their profile, it must be validated.

8.4.0

Improvements

  • We improved the way an HTML form is submitted. We now prevent the same form from being submitted shortly after the initial submit (e.g. when the user is double-clicking), which caused an error in the logs.
  • We now support changing the initial (unverified) mobile phone number after a verification code is sent out, in the scenario where Allow to set initial step-up method, and Mobile number verification required are both enabled.
  • We no longer throw an exception when illegal characters are used in a language parameter.

Bug fixes

  • When an exception occurred in the Post Login Hook, the Onegini IdP did not handle it correctly. As a result, the Post Login Hook was not entirely executed. In the new situation, when an error occurs (e.g. a status 500), the end-user is logged out and has the reauthenticate.

8.3.0

Improvements

  • We introduced two new events: EmailUpdatedEvent and PhoneNumberUpdatedEvent; both are triggered after users update their profiles.

Bug fixes

  • When mobile number validation is turned off, the Onegini IdP will no longer return an error when the mobile number for a user is updated via the API.

8.2.0

Bug fixes

  • We fixed an issue with iDIN after migration to centralized session management.
  • We have fixed a bug in the email verification page where we did not show the result when an unauthenticated user used the email verification link for a second time.

8.1.1

Bug fixes

  • Incomplete DigiD logins were not properly logged due to an error. This has been fixed.

8.1.0

Improvements

  • We removed Frontend styling and Insights from the Onegini IdP admin, as these features are now available via the OneWelcome console.

Bug fixes

  • In the scenario where the external IDP linking failed, e.g. when it was already linked to another account, we still synced some attributes. We now do that only after successful linking.

8.0.1

Bug fixes

  • In some SAML scenarios, the user was redirected to the dashboard, while the expected behaviour was that the user should be redirected back to Service Provider. We now make sure the user is redirected to the service provider.
  • A dependency upgrade caused problems with sending emails. We fixed that in this version.

8.0.0

Features

  • We added a new configuration option for SAML based Identity Providers to support the ForceAuthn attribute, which allows you to explicitly indicate that the end-user must authenticate (again) at the external Identity Provider.

Improvements

  • Template handling is now more secure, but also more restrictive. This might have impact on existing templates that have been customised. For more information, please read the Thymeleaf documentation on this change.