Rilasci

• Support multiple dynamic elements of type; custom, test and html in the same page.
• Dynamic custom element set autocomplete="off".
• Show link to go back to login page on set password pages.
• New claim transforms created in the Control Client default replace the claim instead of adding.
• Default delete used sequences and improve the go back in browser error messages.

With this release it is possible to extend the login UI flow with custom login dialogs build with dynamic elements. The extended UIs have full support for culture / multi language.

• Support extended UI where you can customise and add pages to the login flow.
• New dynamic elements; customisable field and text and HTML elements.
• Support dynamic elements with custom text and translations.
• Support custom text and translations defined in a environment. The custom texts are auto created.
• Show the default text translations in Control Client.
• Only support text translations for languages defined in the embedded translations.
• Validate all request and response values in external connect API calls.
• Deprecate ErrorDescription in external connect API calls. Use instead ErrorMessage.

• Support OpenSearch 3.0
• Remove old obsolete OpenSearch indexes.
• Docker images support both linux/amd64 and linux/arm64 (new).
• Seed data protector key data to avoid creating two keys in some deployment sceneries.

Bugs fixed:

• Cosmos DB nullable object must have a value bug when calling Failing Login Locks.
• Users and tenants filter query do not return data in CosmosDB.

• Supports one-time passwords via email and SMS with the option to disable password login.
• Supports creating users without a password and requesting the user to set a password with email or SMS confirmation at first login.
• Support to upload many users per API call.
• Seed tool to upload many users from a CSV file.
• Change reset password to be called set password and show less information.
• One-time password counter masseurs for sending email and SMS.
• Two-factor with email and SMS show less information.
• Improve emails and SMS texts.
• API page size increase to 500.

Linux releases are configured to be deployed with a reverse proxy like e.g., Nginx or Apache. The FoxIDs websites is default configured for incoming traffic on port 80. Read the request domain in the X-Forwarded-For header and read the schema in the X-Forwarded-Proto header. Log are default written to the /var/log/ folder.
The Linux releases found in FoxIDs-x.x.x-linux-x64.tar.gz is self-contained and you do not have to install the .NET runtime.

Deployment descriptions:

• Host ASP.NET Core on Linux with Nginx https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx

• QuickStart: Deploy a .NET Core on Linux application to Elastic Beanstalk - AWS Elastic Beanstalk https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/dotnet-linux-quickstart.html

• Make Control Client prettier when using least privilege.
• Make it possible to query environments with least privileges and get a result based on the access.
• Log and show request method in logs.

Bugs fixed:

• Spelling mistakes in code, change the scope/role access rights element from Base to Basic and thus follow the documentation.
• Add missing access rights for environments to accept the overall scope/roles foxids:tenant:track and foxids:tenant:track[xxxx] instead of only access rights with least privileges.

• When a new tenant is created, an administrator user is added to the master environment with the admin role. If the administrator user does not need to change the password. The administrator user is now also added in the other environments in the tenant as basic users without the admin role.

Bugs fixed:

• The FoxIDs logo was displayed with incorrect font on iOS due to missing imbedded font.

• Support OpenSearch with self-signed certificate by using the setting Settings.OpenSearch.AllowInsecureCertificates: true.
• Support OpenSearch migration with optional OpenSearch query configuration and cross-cluster search.
• Support SMTP without username and password authenticate.

• Support IIS deployment on Windows server.
• Support both HTTP and HTTPS, but you should always use HTTPS in production.
• When a new user is created in the login UI. Changed to not confirm the account if not configured.

• Support Home Realm Discovery (HRD) based on IP addresses, IP Ranges and regular expressions, docs.
• Full support for SAML 2.0 IdP-Initiated Login in OpenID Connect applications with IdP-Initiated Login grant functionality to avoid an extra round-trip to the external IdP, docs.