...

• A password blacklist can now be configured. Each new password will be checked against that list.

• Data picker support on the registration forms has been much improved

• The authentication reset behaviour has been slightly changed so that all authentication methods of the current flow need to be fulfilled before the reset can be completed.

• The registration form now can also contain grouped attributes that can be used to perform a record matching process against an external system.

• The supported cultures are now stored in the settings configuration of the authentication service. This gives administrators the option to disable the default languages (DE, FR, IT, EN) and the option to add new ones.

• If you have configured a captcha, the captcha will now also be added to the reset authentication method where appropriate. This should prevent the extraction of data such as known email addresses or mobile numbers from the system.

• The SMSHttpClientSetting (37) and the ReCaptchaClientHttpsSetting 38 will automatically be merged to a new OutgoingConnectionsHttpClientSettings that will be used for all outgoing connections such as SMS, ReCaptcha, OIDC authorization code exchange and so on.

• There are three new settings to configure NTP-, NIST-, and HTTP-time servers. If set, all time syncs will be performed against those servers. If you do not set them, then the default entries will be used. Use this settings if the server does not have access to the internet or the public servers are not available for some reason.

• A fingerprint of the clients device can be generated and used to trigger a new deviced used event to inform him about a login from a new or device or from a different browser.

CoreOne Application Services

...