CoreOne Admin User Interface

Features

• A back-channel logout has been implemented.

• Additional XSS attack mitigation strategies were implemented.

CoreOne Authentication Services

Features

• There is a new scope to request a new minified version of the roles_with_context claim. You can find more on this topic here: https://itsense.atlassian.net/wiki/spaces/IKB/pages/2036400151/Token+Assignment+Context#roles_with_context_min .

• Claim types can now be limited in size to make sure that tokens don’t surpass a certain size. You can find more on this topic here: https://itsense.atlassian.net/wiki/spaces/IKB/pages/1992982615/Token#Claims-in-access-token .

• Logout propagation to external identity providers has been implemented.

• Minor design changes have been applied to improve readability and usability.

• The validation of the place of birth in the AHV verification method has been made optional. You can set ValidatePlaceOfBirth to false in the configuration to do so.

• There are two new quality of registration paths which don’t offer the manual option

• Fidentity verification method

  • The users language is now passed to the identity verification service fidentity.

  • The evidence files are now being downloaded and can be stored locally using a workflow

  • When the user is being deleted, the evidence files can be deleted using a workflow

• The default log configuration was adapted to keep the log files for 100 days and a maximum of 10 MB per day

• Breaking change: The design was refined. Among various changes, there is now a default background image. Please review your design after the update and adjust to your CI / CD. You can disable the background image by adding background-image: none;

Bug Fixes

• Breaking change: The issued roles_with_context claim had a ClaimValueType of CoreOne:iTsense.CoreLogin2.Shared.Models.RoleClaim.RoleClaim instead of urn:coreone:authentication:role:with_context. Should you somewhere reference to the old, incorrect value, please adjust it.

• The username claim could not be used in the id_token and access_token because of its special storage type (multiple usernames are supported). It’s now possible to map the username to any scope.

CoreOne Application Services

Features

• There are new workflows available to define approval workflows for both roles and roles types. You can find more on this topic here: Role/Role Type Workflows .

• Manual Role assignments can now be bound to an employment. If the user looses the employment, he will also loose the role assignment. Setting this relation is currently supported from within workflows but not yet from within the user interface. This feature will follow.

• The default log configuration was adapted to keep the log files for 100 days and a maximum of 10 MB per day

CoreOne Database Services

Features

• -

CoreOne Self Service Portal

Features

• A back-channel logout has been implemented.

• A double submit issue in the web shop has been resolved. The issue could lead to ordering the items twice.

• Breaking change: The permissions to read the QoR and QoA have been removed from the default CoreOne Suite Self-Service User security role and added to an own role called CoreOne Suite Read Own QoR / QaA. This security role will also give you permissions to the appropriate Self-Service widget.

Bug Fixes

• Orders could be executed multiple times when pressing the confirm button, this got fixed by hiding the order popup after clicking the button for the first time

CoreOne System Connectors

Features

• -

CoreOne Trustee Management App

Features

• There is a new application setting to switch between the the new minified roles_with_context claim.

CoreOne Workflow Services

• There are new DMS workflow activities to search, create and delete documents. You can finde more on this topic here: https://itsense.atlassian.net/wiki/x/awASm .

• There are various new workflow activities you can use to manage approval from within workflows. You can finde more on this topic here: https://itsense.atlassian.net/wiki/x/DoHJlg .