The Moléson release contains a couple of new features. First of all we added support for MySQL 8.x to support the latest version of MySQL databases as well as the much improved MySQL InnoDB Cluster. Furthermore we added a complete new REST-API to the CoreOne Application Service which exposes the complete Meta Directory. And lastly we added the option to perform record matching checks against third party application in the registration process.

CoreOne Application API V2

• The existing oDATA based API will remain, but no new features will be added

• The new REST based API exposes the whole CoreOne Suite Meta Directory. For further information see the documentation.

CoreOne Authentication Services

• A password blacklist can now be configured. Each new password will be checked against that list.

• Data picker support on the registration forms has been much improved

• The authentication reset behaviour has been slightly changed so that all authentication methods of the current flow need to be fulfilled before the reset can be completed.

• The registration form now can also contain grouped attributes that can be used to perform a record matching process against an external system.

• The supported cultures are now stored in the settings configuration of the authentication service. This gives administrators the option to disable the default languages (DE, FR, IT, EN) and the option to add new ones.

• If you have configured a captcha, the captcha will now also be added to the reset authentication method where appropriate. This should prevent the extraction of data such as known email addresses or mobile numbers from the system.

• The SMSHttpClientSetting (37) and the ReCaptchaClientHttpsSetting 38 will automatically be merged to a new OutgoingConnectionsHttpClientSettings that will be used for all outgoing connections such as SMS, ReCaptcha, OIDC authorization code exchange and so on.

• There are three new settings to configure NTP-, NIST-, and HTTP-time servers. If set, all time syncs will be performed against those servers. If you do not set them, then the default entries will be used. Use this settings if the server does not have access to the internet or the public servers are not available for some reason.

• A fingerprint of the clients device can be generated and used to trigger a new deviced used event to inform him about a login from a new or device or from a different browser.

CoreOne Application Services

• Each attribute now contains a system_name. This name is not changeable and is used to uniquely identify an attribute in the whole system including the the new API.

• The task handling can now be done either by storing the information in the database or by using an distributed memory cache. Depending on the requirements both solutions have advantages.

CoreOne Self Service Management Portal

• A new service management UI has been added. In this UI, users can see which services that they have been using and configure their communication and means of authentication settings specifically for a service.

• Then consent view shows the date the consent was given, this was missing in prior versions.

• The logo area in the navigation menu is now rendered as a partial view which allows customers to not only change the logo, but also replace the whole content of this area.

• When a service or a consent is revoked, the accepted terms and conditions and accepted privacy policies are now marked as revoked. Any subsequent usage of the service will lead the user to the accept terms and conditions and privacy screen.

CoreOne Web Services

• We extended the client configuration mask with more SAML options

• The record matching process can now be configured in the application configuration menu

• There is now support to translate drop down values

Workflows

• There are several new workflows activities to call external APIs