Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Preview
Note
Info

This release also contains the changes from version 8.4.3 → https://itsense.atlassian.net/wiki/x/AYBRm

Note

Please update your system connectors when updating to this version

CoreOne Admin User Interface

Features

  • A back-channel logout has been implemented.

CoreOne Authentication Services

...

  • Additional XSS attack mitigation strategies were implemented.

Bug Fixes

  • Fixed an issue on the resource provisioning configuration where it wasn’t possible to remove an existing workflow anymore

CoreOne Admin User Interface 2.0

Features

  • Employment attributes can now be managed in the new Admin UI

CoreOne Authentication Services

Features

  • Breaking change: Minor design changes have been applied to improve readability, usability and the overall look and feel. Among various changes, there is now a default background image. Please review your design after the update and adjust to your CI / CD. You can disable the background image by adding background-image: none !important;

  • Breaking Change: In order to access the Permission API (/api/permission), users now must have the CoreOne Authentication Service API Read Permissions for any Application resource assigned. As the name suggests, this endpoint allows to read all the permission of any applications

  • A new Permission API that will only return the permission based on the token (and the associated client / application) has been added (/api/permission/myapplication). More information can be found here.

  • There is a new scope to request a new minified version of the roles_with_context claim. You can find more on this topic here: https://itsense.atlassian.net/wiki/spaces/IKB/pages/2036400151/Token+Assignment+Context#roles_with_context_min .

  • Claim types can now be limited in size to make sure that tokens don’t surpass a certain size. You can find more on this topic here.A reference to the external identity provider is passed to the CoreIdentityCreated workflow, so that the source of the registration is available from within the workflow. More on the configuration here: https://itsense.atlassian.net/wiki/spaces/IKB/pages/1992982615/Token#Claims-in-access-token .

  • Logout propagation to external identity providers has been implemented. Minor design changes have been applied to improve readability and usability.You can find more on this topic here: https://itsense.atlassian.net/wiki/x/KgDDm

  • The validation of the place of birth in the AHV verification method has been made optional. You can set ValidatePlaceOfBirth to false in the configuration to do so. You can find more on this topic here: https://itsense.atlassian.net/wiki/x/awADkw

  • There are two new quality of registration paths which don’t offer the manual option. You can find more on this topic here: https://itsense.atlassian.net/wiki/spaces/IKB/pages/2222456878/Quality+of+Registration+QoR#Configuration

  • Fidentity verification method

    • Then The users language is now passed to the identity verification service fidentity.

    • The evidence files are now being downloaded and can be stored locally using a workflow

    • When the user is being deleted, the evidence files can be deleted using a workflow

...

  • The default log configuration was adapted to keep the log files for 100 files and a maximum of 10 MB per file

Bug Fixes

  • Breaking change: The issued roles_with_context claim had a ClaimValueType of CoreOne:iTsense.CoreLogin2.Shared.Models.RoleClaim.RoleClaim instead of urn:coreone:authentication:role:with_context. Should you somewhere reference to the old, incorrect value, please adjust it.

  • The username claim could not be used in the id_token and access_token because of its special storage type (multiple usernames are supported). It’s now possible to map the username to any scope.

  • Fixed an issue in the registration process where it could lead to an error when changing the language

  • SMS sent while in the registration process did not always include the screen reader version

CoreOne Application Services

Features

  • There are new workflows available to define approval workflows for both roles and roles types. You can find more on this topic here: Role/Role Type Workflows .

  • Manual Role assignments can now be bound to an employment. If the user looses the employment, he will also loose the role assignment. Setting this relation is currently supported from within workflows but not yet from within the user interface. This feature will follow.

CoreOne Database Services

Features

  • -

  • The default log configuration was adapted to keep the log files for 100 files and a maximum of 10 MB per file

  • The column attribute_edit_mode_id has been dropped from the table servicedmcore_core_identity_type_attribute_mapping as they are no longer needed

Bug Fixes

  • The anonymization of users did not anonymize the read only email address on the Core Identity and worked not correctly in some cases

CoreOne Self Service Portal

Features

  • A back-channel logout has been implementeddouble submit issue in the web shop has been resolved. The issue could lead to ordering the items twice.

  • Breaking change: The permissions to read the QoR and QoA have been removed from the default CoreOne Suite Self-Service User security role and added to an own role called CoreOne Suite Read Own QoR / QaA. This security role will also give you permissions to the appropriate Self-Service widget. You can find more information on this topic here: https://itsense.atlassian.

CoreOne System Connectors

Features

  • -

CoreOne Trustee Management App

Features

  • There is a new application setting to switch between the the new minified roles_with_context claim.net/wiki/x/FYDDk

Bug Fixes

  • Orders could be executed multiple times when pressing the confirm button, this got fixed by hiding the order popup after clicking the button for the first time

  • When selecting a date on the Auto-Ident initialization screen, users might have been redirected to the wrong destination. This happend when users selected a date from the previous month. So for example, when the selector was in June but the user selected the last day of May

  • A feedback message is now being shown when a successful support request was started

CoreOne System Connectors

Bug Fixes

  • Fixed an issue with the WIKO system connector attribute bindings that were wrong

  • Deleting of CoreOne Suite users was throwing an error because of their authentication devices, this got fixed

CoreOne Workflow Services

Features

Tools

Features

  • SqlVersionExecutor now supports executing the SQL directly from the tool