Preview
This release also contains the changes from version 8.4.3 → https://itsense.atlassian.net/wiki/x/AYBRm
This release also contains the changes from version 9.0.4 → Release 9.0.4 - Stockhorn
CoreOne Admin User Interface
Features
A back-channel logout has been implemented.
Additional XSS attack mitigation strategies were implemented.
CoreOne Authentication Services
Features
There is a new
scopeto request a new minified version of theroles_with_contextclaim. You can find more on this topic here: https://itsense.atlassian.net/wiki/spaces/IKB/pages/2036400151/Token+Assignment+Context#roles_with_context_min .Claim types can now be limited in size to make sure that tokens don’t surpass a certain size. You can find more on this topic here: https://itsense.atlassian.net/wiki/spaces/IKB/pages/1992982615/Token#Claims-in-access-token .
Logout propagation to external identity providers has been implemented. You can find more on this topic here: https://itsense.atlassian.net/wiki/x/KgDDm
The validation of the place of birth in the AHV verification method has been made optional. You can set
ValidatePlaceOfBirthto false in the configuration to do so. You can find more on this topic here: https://itsense.atlassian.net/wiki/x/awADkwThere are two new quality of registration paths which don’t offer the manual option. You can find more on this topic here: https://itsense.atlassian.net/wiki/spaces/IKB/pages/2222456878/Quality+of+Registration+QoR#Configuration
Fidentity verification method
The users language is now passed to the identity verification service fidentity.
The evidence files are now being downloaded and can be stored locally using a workflow
When the user is being deleted, the evidence files can be deleted using a workflow
The default log configuration was adapted to keep the log files for 100 days and a maximum of 10 MB per day
Breaking change: Minor design changes have been applied to improve readability, usability and the overall look and feel. Among various changes, there is now a default background image. Please review your design after the update and adjust to your CI / CD. You can disable the background image by adding
background-image: none;
Bug Fixes
Breaking change: The issued
roles_with_contextclaim had aClaimValueTypeofCoreOne:iTsense.CoreLogin2.Shared.Models.RoleClaim.RoleClaiminstead ofurn:coreone:authentication:role:with_context. Should you somewhere reference to the old, incorrect value, please adjust it.The
usernameclaim could not be used in theid_tokenandaccess_tokenbecause of its special storage type (multiple usernames are supported). It’s now possible to map theusernameto any scope.
CoreOne Application Services
Features
There are new workflows available to define approval workflows for both roles and roles types. You can find more on this topic here: Role/Role Type Workflows .
Manual Role assignments can now be bound to an employment. If the user looses the employment, he will also loose the role assignment. Setting this relation is currently supported from within workflows but not yet from within the user interface. This feature will follow.
The default log configuration was adapted to keep the log files for 100 days and a maximum of 10 MB per day
CoreOne Self Service Portal
Features
A back-channel logout has been implemented.
A double submit issue in the web shop has been resolved. The issue could lead to ordering the items twice.
Breaking change: The permissions to read the QoR and QoA have been removed from the default
CoreOne Suite Self-Service Usersecurity role and added to an own role calledCoreOne Suite Read Own QoR / QaA. This security role will also give you permissions to the appropriate Self-Service widget. You can find more information on this topic here: https://itsense.atlassian.net/wiki/x/FYDDk
Bug Fixes
Orders could be executed multiple times when pressing the confirm button, this got fixed by hiding the order popup after clicking the button for the first time
CoreOne Trustee Management App
Features
There is a new application setting to switch between the the new minified
roles_with_contextclaim.
CoreOne Workflow Services
There are new DMS workflow activities to search, create and delete documents. You can finde more on this topic here: https://itsense.atlassian.net/wiki/x/awASm .
There are various new workflow activities you can use to manage approval from within workflows. You can finde more on this topic here: https://itsense.atlassian.net/wiki/x/DoHJlg .