Skip to content

1.10 Release Notes
Compare
Choose a tag to compare
@mbhave mbhave released this 11 Dec 19:44
· 7259 commits to master since this release
1.10
1d23b32

OpenID Connect Updates
We have improved our OpenID Connect support in this release. This includes support for:

  • Response type id_token
  • Signature verification for id_token

User Sign Up Updates
The user sign up flow (Create Account) has been updated to collect the user's password upfront rather than after the user email verification. This greatly simplifies the user sign up flow. Now post email verification the users are automatically logged in.

Invitations
End users who are authenticated to UAA can now invite others users via email. Invited users are sent an email. After accepting the invitation in the email, the users are allowed to set their password followed by automatically being logged in. This is an optional feature and can be turned on via the invitationsEnabled flag in login.yml

User Verification
The UAA now checks the verified flag when authenticating users if the allowUnverifiedUsers flag is set to false in the uaa.yml. Unverified users are allowed to authenticate successfully by default.

Externalization of Scope Descriptions
The Cloud Foundry specific scope messages can now be controlled via CLOUD_FOUNDRY_CONFIG_PATH/messages in addition to loading them from message.properties of Login Server

Assets 2
Loading