Each employment type now offers a flag to indicate whether or not users are able to create an employment with that employment type from within the organization management in the CoreOne Self-Service Portal. The default is false, so you might need to check your existing configuration.
While assigning a role or resource to various entities, you are now able to select the assignment context.
The new API V2 is now part of the health check page.
Core Identities now have a state of either active, deleted or supended
- All context mappings still contain the active flag, so existing mappings do not need to be changed
- New context mappings for StateId and StateSystemName are available to account for the new states
By suspending a Core Identity, you set all it’s associated identities into a deactivated state but all assignments that are valid, stay assigned. Read here for more.
There is a new Attribute tab on the detail page of a Core Identity that allows for a more precise editing of the attribute values.
There is a new Role tab on the detail page of a Ressource.
Employment types can now be marked as not assignalbe from within the Self-Service Portal

CoreOne Application API V2

There are new password change and password reset methods.
There are new main password change and password reset methods which populate password to any connected systems.
There are new API methods to update a Core Identity with easier handling.
The swagger documentation is now divided into auto-generated endpoints (data-centric) and custom endpoints (business-centric).

CoreOne Authentication Services

If the current LoA only contains an external identity provider, you can now initiate a direct redirect to that provider.
Users with expired re-certifiction processes are prevented from login in to other applications other then the Self-Service Portal.
If the only possible path for an authentication is an external logon provider, the user will now be redirected automatically.
Local claims and attributes can now be updated automatically from external authentication providers. The update occurs upon each login request of a user.
The Core Identity entity now has a read only e-mail address for easier access.
JWT Certification Secrets for clients are now supported.
The matching attributes for external identities is now configurable on the external identity provider configuration. By default external and internal identities are matched on the email address.

...

A new SCIM System Connector has been implemented that allows you to provision entities using the SCIM standard.
The new SCIM Connector also supports the new context aware resource assignments.
A new OpenLDAP System Connector has been implemented that allows you to provision entities into a OpenLDAP system.
The Active Directory System Connector now can provision all account options to Active Directory.

...

BREAKING CHANGE: In the import configurations it’s now possible for data providers who uses credentials (currently LDAP (Active Directory and OpenLDAP) and SQL (MySQL and Oracle)) to get them from a target system. This allows it to omit the username and password from the import configuration so it doesn’t get serialized which in turn makes it safer to store it in the database or to transfer/share it..
BREAKING CHANGE: The active flag of a core identity has been moved to a core identity state where there are now three different states: active, deleted and suspended.
The passwords from target systems can now be reused from any target system by specifying it in the import configuration.

There is a new attribute tab on the Core Identity which allows you to override imported values.

...