This release contains the following fix:
When performing a Quick Login with a client that has very few properties, JID will always be available, even if it is not available in the identity property list, as it is available in the identity application itself.
This release contains the following new feature:
Support for mTLS has been added in QuickLogin Backend callbacks, and state-machine POSTs to remote systems.
The release also contains the following fix:
References in script and administration pages to the function LoadEncryptedFile, which has moved, have been fixed.
This release contains the following features:
A new named internal data source exist for preview applications: PreiewIdApplications
Identity previews are now cached, for UX performance.
The release also contains the following fixes:
Management of cancellation tokens during TLS negotiation.
Account QR-codes now properly encrypted.
This release contains the following feature:
Services can now disable use of configured web proxies when accessing Internet Content.
This release contains major updates and new features, as well as important fixes. Make sure to test this release appropriately before approving it for production.
New major features of note include:
Support for Identity Preview applications. It allows clients to preview how an identity application will go. Identity previews are not persisted in the Ledger, and stored only temporarily, in encrypted form, on the Neuron, until a valid identity with a preview reference is created.
This feature requires pluggable identity authenticator modules to be updated, as relevant interfaces have changed.
A Preview reference identity authenticator is introduced, permitting the creation of digital identities without sensitive personal information. First, a Preview identity application is made. This preview is given an identifier. Then a second real identity application is made, referencing the results of the preview, using the PREVIEW key. The authenticator validates that claims are the same as during the preview. If so, the identity application is approved, and the encrypted preview is removed from the neuron. This results in a validated digital identity, without sensitive personal information encoded.
The relase also contains the following fix:
When multiple identity authenticators are used to authenticate identity applications, they are now internally sorted from most support down to least support, allowing the most privileged authenticator access to the application first.