Improvements:
- Remove use of API_TOKEN prefix
- Added origin validation as part of CSRF check
Improvements:
Improvements:
Features
Fixes
Also, the following third party libraries were updated:
Features
Fixes
Also, the following third party libraries were updated:
Features
Fixes
Features
Fixes
Fixes
Fixes
New features
Fixes
Improvements
New features
Fixes
Improvements
Fixes
Fixes
Fixes
Fixes
New features
Fixes
New features
Fixes
New features
Fixes
Improvements
New features
Fixes
Improvements
New features
Fixes
Improvements
New features
Fixes
Improvements
Okta has changed the attributes and pagination in their user APIs.
If you use the API Connector features to synchronize Okta users and experience that you are only able to sync 200 users but have a larger user base, you are most likely hit by this change and should upgrade to version 4.2.2 of Kantega SSO.
Okta has changed the attributes and pagination in their user APIs.
If you use the API Connector features to synchronize Okta users and experience that you are only able to sync 200 users but have a larger user base, you are most likely hit by this change and should upgrade to version 4.2.2 of Kantega SSO.
Fix regression introduced in 4.1.12, where basic auth REST requests would give 401 response code when Kerberos is enabled
Fix regression introduced in 4.1.12, where basic auth REST requests would give 401 response code when Kerberos is enabled
Kerberos, SAML and OpenID Connect (OIDC) are the most widely used protocols for single sign-on. Now, Kantega SSO Enterprise supports all three.
OpenID Connect (OIDC) is an authentication protocol and an identity layer built on top of OAuth 2.0. It does everything OAuth does plus authentication. It based on modern communication protocols, such as JSON and REST, and it uses JSON Web Tokens (JWT), called an ID token, to provide authentication information.Our documentation describes more about the differences between OpenID Connect and SAML.Users that are familiar with how to configure SAML identity providers in Kantega SSO Enterprise will see that the setup and configuration of OIDC is very similar.
Kerberos, SAML and OpenID Connect (OIDC) are the most widely used protocols for single sign-on. Now, Kantega SSO Enterprise supports all three.
OpenID Connect (OIDC) is an authentication protocol and an identity layer built on top of OAuth 2.0. It does everything OAuth does plus authentication. It based on modern communication protocols, such as JSON and REST, and it uses JSON Web Tokens (JWT), called an ID token, to provide authentication information.
Our documentation describes more about the differences between OpenID Connect and SAML.
Users that are familiar with how to configure SAML identity providers in Kantega SSO Enterprise will see that the setup and configuration of OIDC is very similar.
- Fix Batch pagination regression for Cloud User sync with Azure AD, introduced in 3.7.0. Memberships for large groups were not properly retrieved. The bug only affects 3.7.0 with the Azure AD connector.
- Fix Batch pagination regression for Cloud User sync with Azure AD, introduced in 3.7.0. Memberships for large groups were not properly retrieved. The bug only affects 3.7.0 with the Azure AD connector.
Feature: Support for HTTP header authentication.
Fix: Expose a human readable error message when just-in-time user creation fails because of missing data attributes.
Fix: Catch and handle exceptions when unexpected user data and JSON elements are sent from GSuite.
Feature: Support for HTTP header authentication.
Fix: Expose a human readable error message when just-in-time user creation fails because of missing data attributes.
Fix: Catch and handle exceptions when unexpected user data and JSON elements are sent from GSuite.
Regression fix: Fix for kerberos for rest with user agent exclusion
Update documentation links: We have restructured our documentation pages and all of the setup guide links are now given new and persistent urls
Regression fix: Fix for kerberos for rest with user agent exclusion
Update documentation links: We have restructured our documentation pages and all of the setup guide links are now given new and persistent urls
Multiple BouncyCastle dependencies with different versions caused NoSuchFieldError when setting up SAML idps. This version fix these dependency problems.