Release notes 9.x versions

9.1.4

Bug fixes

• Added missing database indexes for Microsoft SQL Server database type.

9.1.3

Bug fixes

• The openid scope is required for OpenID Connect. It's no longer possible to delete this scope from the system.
• SAML Single Logout combined with unique entity id per client is fixed. The user is now correctly redirected back to the SAML identity provider

9.1.2

Improvements

• Give the ability to skip cache when using Token Introspection and User info endpoints.

9.1.1

Bug Fixes

• Specifying an Identity provider in the Authorization flow now works as expected.

9.1.0

Improvements

• Zip archives loaded into the system are now checked against most common vulnerabilities.
• Token Introspection will now include updated Person API details if the User Info endpoint is configured.
• Docker images now use OpenJDK

Bug Fixes

• SAML SP will now check with IDP's capabilities when choosing the binding protocol
• API/Web client API list response is now aligned with documentation
• Minor JavaScript issues have been fixed in Admin console

9.0.3

Features

• The Application identifier is added to the response for available authentication options for a user .

Bug Fixes

• Client Secret is now properly hashed when an API client is updated via API
• Creating an API/Web Client is now possible without specifying the architecture attribute
• Fixed error with incorrect redirect url when using an OAuth Identity Provider
• Client Credentials grant type now works correctly with OpenID Connect
• OpenID Connect Configuration is now possible via the Web Client API
• Corrected some OpenID Connect session management documentation
• Fixed failing database migration for Oracle
• Several security fixes

9.0.2

Improvements

• Confirmation when logging out using end-session endpoint for OpenID Connect
• Updated Java version in Docker images
• General performance improvements for Insights

Bug fixes

• OpenID Connect and SAML SLO redirect loop fixed when SLO was off
• Admin console username search trims input values before searching
• Redis will respond appropriately when a key does not exist
• App versions are sorted properly in the Admin console
• Access tokens with simultaneous sessions and refresh tokens enabled are now cleaned up properly

9.0.1

Bug fixes

• Fixed issue with database migration for MS SQL database

9.0.0

Features

• Added support for SAML assertion encryption
• Added support for artifact binding in IdP authentication flow
• Added Multi-Device support for Mobile Authentication
• Extended OpenID Connect implementation
  • Added OpenID Connect Discovery (.well-known/openid-configuration)
  • Implicit and Basic flows
  • JWT-JWK support
  • Session Management including Front Channel Logout
  • Integration with SAML SLO
• Added APIs for Web client configuration
• Fully integrated with Onegini Insights which is a new application that gathers statistics data and presents results in easily readable charts
  • Statistics can be shown on admin Insights page

Improvements

• Removed Keystore password from SAML Service Provider configuration page in the Admin console
• Configuration of key enrollment override feature is removed - this is now always enabled
• Admin UX enhancements
• Users can now bulk delete their devices via API

Bug fixes

• For MS SQL database the ANSI_PADDING is now set to ON
• SAML may use the default Identity Provider now