CoreOne Authentication Services

Bug fixes

• Authentication for the introspect endpoint is now possible with an api_resource and the appropriate secret

• The external logon provider role sync did not take all configuration into account while syncing the roles. This issue has been resolved.

• In certain situations where the user must change password at next logon flag was set on a user, it lead to a password change loop within the authentication process. This issue has been resolved.

Features

• Support for SAML Scoping as described in the SAML Core specification chapter 3.4.1.2 has been added. Specifically the ability to set an advisory list of identity provided that should be used for the authentication.

CoreOne Application Interface

Bug fixes

• Potential breaking change: Resetting the password of a user over the API was not possible if the logon_provider_active was set to false. While fixing this issue it was also disovered that the flag was calculated incorrectly. It now checks if the logon_provider_active is active for both the identity type and the target system. This could lead to users on existing systems to not be able to login anymore if the flag is not set on both systems! Please check this after updating.

CoreOne System Connectors

Features

• Scim Connector: Implemented the FindObjectIdentifiersByAttributes method

Bug fixes

• Clearing the managerUuid field over the OpenLDAP Connector was not possible. This issue has been fixed.

• Fixed an issue where the IdentityFindObjectIdInTargetSystem activity in the OpenLDAP connector was not working

• Fixed an issue where a cn wasn't provisioned after shortening its value in the Active Directory system connector

• Fixed searching for Microsoft 365 groups while creating a linked resource

CoreOne Workflow Services

Bug fixes

• Breaking Change: The activity Find object id in target system threw an error, when no object was found. With the new version of the activity, you have a separate No Match path in the designer.

• The introduction of the credential manager lead to empty secrets being stored in existing workflow definitions. The issue has been resolved, no further action is required.

• Breaking Change The activity HttpRequest has to be checked if the property Authorization is set correctly, if not it has to be edited in the designer. 

  Not correct json: 

          {           "$id": "xx",           "name": "Authorization",           "expressions": {             "$id": "yy"           }         }

  Correct json: 

          {           "$id": "xx",           "name": "Authorization",           "expressions": {             "$id": "yy",             "Secret": "empty"           }         }