Versions

• Support Home Realm Discovery (HRD) based on IP addresses, IP Ranges and regular expressions, docs.
• Full support for SAML 2.0 IdP-Initiated Login in OpenID Connect applications with IdP-Initiated Login grant functionality to avoid an extra round-trip to the external IdP, docs.

• Support matching issuer and authority with application specific issuers in OpenID Connect and OAuth 2.0 applications.

• Add refresh_token_expires_in in token response. Contains the number of seconds remaining until the refresh token expires. Not included if the refresh token has unlimited lifetime.

Bugs resolved:

• https://control.foxids.com/api/swagger/v1/swagger.json return blank page because incorrect namespace in API method.

• Support SAML 2.0 IdP-Initiated login in SAML 2.0 authentication methods and forward the login to SAML 2.0 and OpenID Connect applications.
• Control API methods to list users locked for an observation period and remove the user from the observation period.
• Control Client UI to show users locked for an observation period and remove the user from the observation period.
• Not send emails and SMS if the user are locked for an observation period.
• Delete the users refresh token grants in all Login authentication methods (it is possible to configure more then one).

• Control API methods to list and invalidate refresh token grants.
• Control Client UI to list and invalidate refresh token grants.

Bugs resolved:

• Not invalidating track cache when the JWT to SAML 2.0 claim mapping is updated automatically.
• Refresh token grants is not deleted on logout in environment links.

• Change the SAML 2.0 relay state's maximum length to 20,000 characters (before 2,000 characters).
• Query error and warning logs separately.

• Accept claim types with spaces and change to log invalid claim types as a warning. Claim value with spaces was already supported.

• PostgreSQL support additional IDs.
• Default confirm account on create new user.
• The maximum possible lifetime of the refresh token is set to a maximum of 4 years.
• Hide the New tenant button in Control Client if FoxIDs is configured to use one main tenant.

• Complete single logout even though the application do not have logout URLs configured.
• Improve the handling of claims with an empty value.
• PG repository AdditionalIdExistAsync metod corrected.

• Require 'delete' conformation text to delete a tenant and a track.
• Additional IDs constraint check in repository code for CosmosDB and PostgreSql.
• PostgreSql repository updated.