Haventec Authenticate changelog

Release versions are synchronized with the versions in the Haventec Console changelog

Release 1.2.59 (20/02/2020)

  • Switch off DB schema updates (only in this Docker version)
  • Security updates
  • Release disclaimer 1: This Docker image has DB schema updates deactivated and therefore cannot be used for a brand-new installation
  • Release disclaimer 2: If you are updating your platform from a version older than 1.2.56, you must first update to version 1.2.56; you can then update directly from 1.2.56 to 1.2.59

Release 1.2.58 (30/01/2020)

  • Root and Customer Support users can now see the group on user details
  • Security updates

Release 1.2.57 (02/12/2019)

  • Support to retrieve organisation user group information

Release 1.2.56 (21/11/2019)

  • Maintenance update to delete code related to a deprecated DB column that will be deleted in a future release

Release 1.2.55 (11/11/2019)

  • DB connection pool connects only to the master DB node, preventing Read Only errors in case of a DB master-slave failover
  • Audit the JWT claims granted to users

Release 1.2.54 (22/10/2019)

  • Fix the pagination object in the endpoint that retrieves an application's users
  • Delete a deprecated column from two tables
  • Regular security updates to the Docker SOE

Release 1.2.53 (20/09/2019)

  • Fixes a bug in the claims of the JWT

Release 1.2.52 (9/09/2019)

  • Document how to monitor Haventec Docker containers on-premise
  • Authenticate apps only contain Authenticate application users and not Console Org Admin
  • Support API Key rotation
  • Include KeyPairUuid in the response of forgot-pin
  • Log improvements - new parameters to the JSON logs: statusCode and uri
  • Security updates

Release 1.2.51 (26/08/2019)

  • Document error flows of the add and login user endpoints
  • Remove the client_secret parameter from the /authorize endpoint in order to follow the OpenID Connect standard
  • Console administrator users can only log in to Console and not to the applications that they own
  • Security updates
  • Log improvements

Release 1.2.50 (13/08/2019)

  • Add audits to JWT controller
  • Option to encrypt the response parameter resetPinToken in the forgot-pin API
  • Log improvements

Release 1.2.49 (24/07/2019)

  • Option to switch off NGINX logs in the Docker containers
  • Add a successful login counter to the logs
  • Security updates

Release 1.2.48 (08/07/2019)

  • Display the "timestamp" in the JSON logs in the Zulu time zone and without the character "@"
  • Security updates
  • Log improvements
  • Minor bug fixes

Release 1.2.47 (13/06/2019)

  • Root administrator can mark a specific organisation with segregation of duties
  • The response parameter expires_in of the OpenID API /token is aligned with session TTL updates
  • Security updates
  • Log improvements
  • Minor bug fixes
  • Release disclaimer: This Docker image contains a backwards-compatible DB schema update. In order to support Blue-Green deployment, both products require an update from the immediately previous version (build-1.2.46).

Release 1.2.46 (30/04/2019)

  • Logs in JSON format if specified via the container env variable (LOGS_FORMAT=JSON)
  • Audit deleted devices due to 90 days of inactivity
  • Network resilience - The number of allowed retries to log in with the same authKey is now configurable per application
  • Option to forbid adding new devices for a specific user
  • nonce parameter now supports a UUID with the character "-"
  • Device name with "," is now allowed
  • Reset the number of failed attempts after resetting the PIN successfully
  • Security updates

Release 1.2.45 (10/04/2019)

  • Security updates
  • Log improvements

Release 1.2.44 (02/04/2019)

  • Add network resilience for authentication

Release 1.2.43 (14/03/2019)

  • Auditing updates
  • Deletes inactive devices after 90 days of inactivity
  • Limit Customer Support users' privileges
  • Option to set the JVM Options of the docker container
  • Security updates

Release 1.2.42 (28/02/2019)

  • Auditing updates
  • Security updates
  • Performance updates

Release 1.2.41 (06/02/2019)

  • Device activation tokens can now be sent encrypted to your application
  • Rename '/jwt/refresh/' endpoint to '/jwt/renew'
  • Remove deprecated '/integration/lap' endpoints
  • Auditing updates
  • Security updates
  • Minor bug fixes

Release 1.2.40 (17/01/2019)

  • Minor bug fixes

Release 1.2.39 (15/01/2019)

  • New API to generate an OTP directly from Authenticate

Release 1.2.38 (09/01/2019)

  • New API to refresh a session token
  • Security updates
  • Minor bug fixes

Release 1.2.37 (03/12/2018)

  • Validate OpenID client_secret field

Release 1.2.36 (29/11/2018)

  • Addition of APP_USER application user role to enable stronger privileges
  • Minor bug fixes

Release 1.2.35 (27/11/2018)

  • Minor bug fixes

Release 1.2.34 (21/11/2018)

  • Log improvements
  • Security updates

Release 1.2.33 (01/11/2018)

  • Email parameter is not required when adding a user
  • Audit logging is now asynchronous
  • Minor bug fixes

Release 1.2.32 (18/10/2018)

  • The TTL of the user OTP is now configurable per application
  • Supports single use device
  • Release disclaimer: This release blocks the Audits table at start up due to a DB schema change and that impacts some use-cases. In order to avoid this issue please upgrade first to the Release build- and then to Release build-1.2.32

Release 1.2.31 (09/10/2018)

  • Enable the "iss" parameter for OpenID applications to be modified
  • Enable the redirect URL for OpenID applications to be modified
  • OpenID parameters redirect_uri and state are no longer mandatory
  • Pagination of Applications List

Release 1.2.30 (24/09/2018)

  • Audit records for Self-Service Add User and Device
  • 5-minute lock for first-time failure of PIN authentication sequence
  • OpenID /authorize relays all valid OpenID parameters
  • Security updates
  • Minor bug fixes and improvements

Release 1.2.29 (13/09/2018)

  • Enable updating a user using an external IAM to authenticate
  • Logging improvements
  • Minor bug fixes

Release 1.2.28 (04/09/2018)

  • User list pagination
  • Org users paged audit list
  • Minor bug fixes

Release 1.2.27 (22/08/2018)

  • Allow a user to delete their current device

Release 1.2.26 (14/08/2018)

  • Improves logs
  • Security updates

Release 1.2.25 (03/08/2018)

  • Search application users by username, email, or mobile
  • Adds a JWT protected API to reset PIN of a user's device and send the token to an external URI configured per application
  • Minor bug fixes

Release 1.2.24 (19/07/2018)

  • Adds a new frontend look, with drill-downs and a breadcrumb trail for improved navigation
  • Minor bug fixes
  • Security updates

Release 1.2.23 (13/07/2018)

  • Adds Application Audit
  • Security updates

Release 1.2.22 (28/06/2018)

  • Adds a new user type: Support. They can only see users and edit their details
  • Adds functionality to generate a one time PIN for a specific user
  • Security updates

Release 1.2.21 (04/06/2018)

  • Supports the OpenID parameter "nonce"
  • Security updates

Release 1.2.20

  • Adds the claim "preferred_username" to the JWT of OpenID applications
  • Sets the issuer claim "iss" to "https://api.haventec.com" in the JWT of new OpenID applications
  • Adds an OpenID API to retrieve the public JSON Web Key set (JWKS)
  • Security updates

Release 1.2.19

  • Adds new attributes "username", "email", and "phone_number" to OpenID Claim
  • Adds the Sanctum service option for new Applications
  • Improves the navigation UI for Root admins and Organisation admins
  • Improves the SMTP configuration page UX
  • Updates the Root and Organisation admin dashboards
  • Publishes the Haventec Authenticate error codes on doc.haventec.com

Release 1.2.18

  • Organisation admin can view organisational details
  • Adds expiration time for added devices/reset pin on devices
  • Improved Console error messages
  • Updates OpenID Connect authorisation code TTL

Release 1.2.17

  • Allow admin to set the TTL for token expiry per application
  • Add a setup wizard for on-premise installations

Release 1.2.16

  • View list of organisations
  • Edit device information
  • Allow admin to set the TTL for activation token per application

Release 1.2.15

  • Usernames are now case-insensitive
  • Update to API documents
  • Delete application
  • Delete user device
  • Security updates

Release 1.2.14

  • UX improvements
  • Fixed API bug: /self-service/user mobileNumber returned as null

Release 1.2.13

Release 1.2.12

  • LDAP integration

Release 1.2.11

  • UX improvements

Release 1.2.10

  • Logging updates
  • Monitoring updates

Release 1.2.9

  • Base release to support Haventec Sanctum

Release 1.2.8

  • UI improvements
  • Device fingerprinting
  • Add user

Release 1.2.7

  • OpenID Connect provider

Release 1.2.6

  • View user devices
  • Lock and unlock user devices

Release 1.2.5

  • UI improvements
  • URL API versioning improvements

Release 1.2.4

Release 1.2.3