- Force SSO Authentication- Added support to force user to authenticate even if the user has an active SSO session on the IDP side
- Passive SSO - Added a feature to allow SSO only if IDP sessions already exist
- Support to bypass SSO for configured URLs for eg. integration URLs
- Multiple IDP signing CertificatesProvision to apply group regex for Just In Time (JIT) provisioning
- Additional parameter to define SSO Redirection rule for users, i.e. "contains"
- Fixes for SSO redirection not working if JS is disabled in the browser
- Fixes for fetching multiple groups from Keycloak Identity Provider