Release Notes
================
New Features/Improvements
- Added SCIM 2.0 protocol support which can be used for seamless cloud applications provisioning.
- Windows/Linux Installer for On-premise IDP.
- Tested compatibility support for the latest version of PostgresSQL 14.2
- Search JWT and OAuth integrated applications in the app list by client ID.
- Added an API endpoint to enable an end-user.
- SLO support is added for JWT Applications.
- Added support for multiple redirect URLs in JWT applications.
- GUID support for OAuth, JWT applications, and User APIs.
- Added API endpoint for adding new user groups and deleting user groups.
- Added support for nonce & PKCE request parameters in OAuth domain-mapping flow.
- Kerberos/SPNEGO support added for Integrated Windows Authentication.
- Added Domain Mapping Option in add OAUTH IDP.
- Oracle E-Business Suite SSO native support added.
- Support for multiple and country-specific HTTP SMS Gateways is added.
- Support for Multiple Magento User Stores as Authentication Source is added.
- Added a feature for Administrators to view all active sessions of all end-users and an option to invalidate those sessions
- Added domain mapping to the authorized endpoint for OAuth2/OpenID Connect apps for choosing Identity Providers based on their configured domains.
- Mandatory option added for users to validate their phone number or email address while configuring 2FA in Inline User Registration flow.
- SMS Body for SMS with Link can be customized now.
- Added Username, Location, and IP address in Push Notifications.
- Added NameID format option in the SAML Identity Source.
- Introduced Selectable MFA Methods which are SMS & Phone Callback, Authenticator Apps, Email, Hardware Token, and Security Questions for various login flows.
- RADIUS group attribute is now configurable based on each RADIUS app.
- Added a new authorized endpoint for OAuth2/OpenID Connect applications for dynamic Identity Provider discovery.
- Added support for 2FA (OTP over SMS, EMAIL, SMS, and EMAIL) methods for VPNs where ACCESS_CHALLENGE is not supported.
- IP Restriction can be enabled for VPNs.
- Improved UI and UX for 2FA configuration.
Bug Fixes
- The Desktop application name can be changed now.
- Users get an error message in Radius Response if their password in Active Directory is expired.
- The Force Authentication feature of the SAML app now works for Third-Party Identity Providers.
- Made Custom Application name field editable.
- Minor bug fixes for BigCommerce provisioning attribute mapping.
- Fixed claim issue with Apple Login.
- Fixed the security methods reconfiguration.
- XSS Vulnerability has been fixed by updating Struts to version 2.5.26.