Versions

• Change the SAML 2.0 relay state's maximum length to 20,000 characters (before 2,000 characters).
• Query error and warning logs separately.

• Accept claim types with spaces and change to log invalid claim types as a warning. Claim value with spaces was already supported.

• PostgreSQL support additional IDs.
• Default confirm account on create new user.
• The maximum possible lifetime of the refresh token is set to a maximum of 4 years.
• Hide the New tenant button in Control Client if FoxIDs is configured to use one main tenant.

• Complete single logout even though the application do not have logout URLs configured.
• Improve the handling of claims with an empty value.
• PG repository AdditionalIdExistAsync metod corrected.

• Require 'delete' conformation text to delete a tenant and a track.
• Additional IDs constraint check in repository code for CosmosDB and PostgreSql.
• PostgreSql repository updated.

• On login, validate if the password is in risk based on global password breaches and require password change.

Bugs resolved:

• Save session information on all session groups bug.
• Incorrect authentication profile field names i Control Client.

• Improve OpenID Connect state handling.
• Improve read OpenID Connect Discovery and SAM 2.0 metadata error message on time out.
• Improve login sequence time put handling in Control Client.
• Simplify log selection.

• Support for three different user identifiers; username, phone number and email.
• Support for two-factor with SMS and email. Continued support for two-factor with authenticator app.
• Two-factor do not require phone and email to be verified.
• Support for task actions in claim transforms:
  • Return error
  • Start authentication
  • Query internal users claims
  • Query external users claims.
• Support for local _local: claims in claim transforms
• A setting added which make it possible to delete refresh token grants when a user change password.
• Possible to search logs in all environments from master environment.

Bugs resolved:

• It is possible to set a redemption claim on a external user which has already been redeemed.

Resolved bug(s):

• PostgreSQL do not support ! in a Query (LINQLINQ resulting in invalid tenant load.

• SAML 2.0 authentication method, default disable login hint in Control Client.
• Reverse trace logs to match the Control Client log view.
• Show the Logs tab first in the Control Client.
• Change session update warning logs to event logs.
• Log template refresh interval change to 5 seconds.
• Optimize logging.