Preview
CoreOne Authentication Services
Bugfixes
The feedback message was missing if a password is on the black list
CoreOne Application Services
Features
New API endpoint: Get-user-rights-log. This new endpoint can help in diagnosing problems with user permission as it retrieves all the rights of a user and groups them by roles. Documentation can be found here: User rights API-Endpoint
New security role:
CoreOne Suite Personal Data
. This role gives you access to view and edit your own core identity. Together with theCoreOne Suite Basic Access
role, you can use this to give a user access to the Self-Service Portal to edit his own personal data.
Bug fixes
Potential breaking change: A bug was fixed which allowed you to edit your core identity even if you didn’t explicitly had those rights. Please check on existing systems if this fix restricts the ability to edit your own core identity on the Self-Service Portal. In this case you need to add the
CoreOne Suite Personal Data
role (see Features above)Some legacy oData API methods like
Users/GetByDisplayName
and/SimpleUsers/GetUsersByRoleClaimNames(roleClaimNames=['82af670e5d254a4b891e0ecda552d3b3'])
did no longer work properly.The
UserDeleteAccountRequested
event did not trigger the mail notification correctly.Nested role assignments where not persisted correctly if the same role was inherited over multiple paths. This only occurred in complex role nesting. This will lead to the creation of missing nested role assignments after the update. Note: The resulting roles and resources were always correct, only some of the alternative nested roles assignments were missing.
CoreOne System Connectors
Bug fixes
The
superior
field in the WIKO connector was not handled correctly, this has been fixed.Fixed a potential
NullReferenceException
regarding the refUser in the WIKO connector
CoreOne Workflow Engine
Bug fixes
The workflow activity “ConvertObjectToXml” now returns datetimes in the ISO 8601 format