Release 1.3.0

This release contains following improvements and bugfixes:

• Migration to updated PowerAuth server API.
• Improved database transaction handling in auditing.
• Updated dependencies.

Release 1.2.6 - bugfix

This release contains a fix of an issue which occurs when obtaining consent status using TPP engine client: #1096

Release 1.2.5

This release contains following improvements and bugfixes:

• Spring Boot stack upgraded to version 2.6.6 due to recent high severity CVE's.
• Updated dependencies.

Release 1.2.2 - hotfix

This release contains following bugfixes:

• Avoid canceling operation when WebView sleeps (#1080)
• Infinite recursion during serialization (#1078)
• Updated Bouncy Castle library version in JBoss descriptor (2601b8e)

Release 1.2.1 - hotfix

This release contains following bugfixes:

• Failed input validations not processed correctly (#1072)
• Missing @NoArgsConstructor annotations in model (#1069)

Release 1.2.0

This release contains following improvements and bugfixes:

• Operation change notification contains PowerAuth authentication context with information about used signature type, remaining attempts and whether the activation was blocked.
• License changed to AGPL v3.0.
• Default database connection switched to PostgreSQL.
• Log4J library excluded from dependencies to avoid false alarms in scans due to recent vulnerabilities.
• Upgrade to Spring boot 2.6, updated dependencies.
• Minor bugfixes and documentation updates.

Release 1.1.0

This release contains following improvements and bugfixes:

• Next Step stores information about user identities, credentials, and generated OTP authorization codes.
• Next Step authenticates users using credentials, OTP authorization codes, or a combination of these two methods.
• Next Step manages applications, user roles, contacts, aliases, credential policies / definitions, and OTP policies / definitions.
• Next Step stores historical information about user authentication, user identity changes and credential history.
• Next Step RESTful API can be used to fully configure and manage the Next Step application.
• Sensitive database record encryption, password hashing, and end-to-end encryption.
• Upgrade of hashing algorithm during password verification, re-encryption of encrypted records in case of a configuration change.
• Authentication method downgrade and automatic enabling of PowerAuth token on operation update.
• Integration of Passay library for generating and validating credentials.
• Integration of Wultra auditing library for persisting audit records about authentication processes.
• Integration with PowerAuth operations for separating complex Next Step operations into smaller ones.
• Next Step can be used as a proxy for Data Adapter authentication calls.
• Extension of user info endpoints for publishing arbitrary data.
• All REST clients are now migrated to rest-client-base.
• Published OpenAPI documentation for Next Step.
• PostgreSQL database is now officially supported.
• Minimum Java version increased to Java 11.
• Bouncy Castle library is now bundled with the applications.
• Dependency updates.

Release 1.0.0

This release contains following improvements and bugfixes:

• New REST client based on the rest-client-base project used in PowerAuth client and Push client.
• Web UI migrated to React 16.
• Frontend code quality improvements and bugfixes.
• Dependency updates.

Release 0.24.1

• Add WebLogic deployment descriptor.
• Add status endpoint.
• Configurable access token validity for TPP apps.

Release 0.24.0

This release contains following improvements and bugfixes:

• Third party provider implementation
• Engine for storing user consents
• Client certificates can be used for user authentication
• Customization of implicit operation
• Updated dependencies due to security advisories