Versions

• Set 24 hours HTTP cache header (cache-control: max-age=86400, private) for OpenID Connect discovery .well-known/openid-configuration and SAML 2.0 SP / IdP Metadata.

• Set the Two-Factor Authenticator time tolerance down to 2 minutes.
• Divide failing login count into groups to make failing login count ready for multiple login types.

Resolved bug(s):

• Remove duplicated error summery in email conformation UI.

Resolved bug(s):

• Change external user ID because of incorrect validation check.

• Change the update properties of external users in the PUT method so that the properties only updated if they contain a value.
• Set the external user properties; authentication method and redemption claim values to lower.
• Do create before delete when changing an external user's ID.
• Allow any origin for /api/swagger/v1/swagger.json.
• Improve emails and add customizable address info footer. The Address information can be configured per environment and in settings:

  "Settings__Address__CompanyName": "xxx",
  "Settings__Address__AddressLine1": "xxx",
  "Settings__Address__PostalCode": "xxx",
  "Settings__Address__City": "xxx",
  "Settings__Address__StateRegion": "xxx"
  "Settings__Address__Country": "xxx"
  

• Prefer to show redemption claim value in the external users list.
• Make it possible to update external users based on the redemption claim value.
• Log refresh token grant not found as warning.

Resolved bug(s):

• Fails if authentication method state cookie is null.

• Link external user support redemption claim. The external users can be redeemed by a redemption claim type (e.g. email) and they are then automatically linked with the link claim type.
• Change submit in post form to improve Chrome custom tab and Android app support.
• Optimize query and fragment redirects.
• Add FoxIDs Control API method UserChangePassword that supports changing the user's password.

Resolve bug:

• Control API do not accept low level roles.

Resolve bug:

• API missing mapping for API Resource.

• Change the Referrer-Policy header from no-referrer to strict-origin to send the origin and nothing else. Before the origin was not send or null.

• Support pagination with pagination token in a new set of Control APIs instead of the old set of filter Control APIs. The new APIs has a plural s. For example, the old FilterTenant API is now Tenants where the new API support pagination.
• Control Client support pagination.
• .NET 9.
• Log warning and redirect back to the application if SAML 2.0 Authentication Method do not support logout.
• Support for changing XML canonicalization method in SAML 2.0 authentication methods.
• Improve SAML 2.0 invalid authn response trace and error message.

Resolve bug:

• OpenID Connect logout error if the post logout redirect URI is null or empty.

• PostgreSQL is production ready and configured in appsettings.json:

"PostgreSql": {
  "ConnectionString": "Host=xxx;Username=postgres;Password=postgres;Database=FoxIDs"
},
"Options": {
  "Log": "Stdout",
  "DataStorage": "PostgreSql",
  "KeyStorage": "None",
  "Cache": "PostgreSql",
  "DataCache": "None"
}

• Support for calling an external API in a claim transform to add external claims.
• Improve claim transform validation in Control Client.
• Add state cookie in OpenID Connect authentication method for authentication and RP Initiated logout to handle missing state property from Amazon AWS and Microsoft Entra ID.

Resolve bug:

• Custom domain verification disappears on customer information update.
• Not uniformed issuer in Control Client.