Haventec Authenticate changelog

Release versions are synchronized with the Haventec Console versions changelog.

Release 1.2.72 (17/02/2021)

  • Supports FIDO2 Web Authentication (WebAuthn)
  • Note: If you’re currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from release version 1.2.59. Once on release version 1.2.60, you must update to 1.2.65 and then you can update directly to release version 1.2.72

Release 1.2.71 (04/01/2021)

  • Non-authenticated Customer OTP API has an option to encrypt OTPs with an asymmetric key pair
  • Non-authenticated Customer OTP API supports an option to save OTPs in users' details, so they can access them once they log in successfully
  • Non-authenticated Customer OTP API implements brute force protection
  • Authenticated Customer OTP API has an option to encrypt OTPs with an asymmetric key pair
  • Authenticated Customer OTP API implements brute force protection
  • CRM Generated OTP API has an option to encrypt OTPs with an asymmetric key pair
  • CRM Generated OTP API supports an option to save OTPs in users' details, so they can access them once they log in successfully
  • Note: If you’re currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from release version 1.2.59. Once on release version 1.2.60, you must update to 1.2.65 and then you can update directly to release version 1.2.71

Release 1.2.70 (9/12/2020)

  • Support CRM generated OTPs with multiple purposes
  • Enhance other OTP APIs
  • Fix false positive error related to JWT tokens
  • OIDC service APIs support Step-Up Authentication with OTPs
  • Note: If you’re currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from release version 1.2.59. Once on release version 1.2.60, you must update to 1.2.65 and then you can update directly to release version 1.2.70

Release 1.2.69 (1/12/2020)

  • Re-enable scheduled task with performance enhancement
  • Note: If you’re currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from release version 1.2.59. Once on release version 1.2.60, you must update to 1.2.65 and then you can update directly to release version 1.2.69

Release 1.2.68 (24/11/2020)

  • Applications can generate and validate OTPs for non-authenticated users
  • Applications can generate and validate OTPs for authenticated users
  • Note: It contains the same patch as in build-1.2.65.1 and build-1.2.67.1
  • Note: If you’re currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from release version 1.2.59. Once on release version 1.2.60, you must update to 1.2.65 and then you can update directly to release version 1.2.68

Release 1.2.67.1 (18/11/2020)

  • Disable a scheduled task that may cause performance issues.
  • Note: If you’re currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from release version 1.2.59. Once on release version 1.2.60, you must update to 1.2.65 and then you can update directly to release version 1.2.67.1

Release 1.2.67 (10/11/2020)

  • Anonymous OTP API
  • Security updates
  • If you’re currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from release version 1.2.59. Once on release version 1.2.60, you must update to 1.2.65 and then you can update directly to release version 1.2.67.

Release 1.2.66 (21/10/2020)

  • Authenticated users can set up a PIN on their pinless devices
  • Update API documentation
  • Security updates
  • Note: If you're currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from release version 1.2.59. Once on release version 1.2.60 you can update directly to release version 1.2.66.

Release 1.2.65 (31/07/2020)

  • Optimised audits search
  • Dependency updates
  • Security updates
  • Note: If you're currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from release version 1.2.59. Once on release version 1.2.60 you can update directly to release version 1.2.65.

Release 1.2.64 (02/06/2020)

  • Security updates
  • Note: If you're currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from version 1.2.59. Once on release version 1.2.60 you can update directly to release version 1.2.64.

Release 1.2.63 (07/05/2020)

  • Security updates
  • Note: If you're currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from version 1.2.59. Once on release version 1.2.60 you can update directly to release version 1.2.63.

Release 1.2.62 (07/04/2020)

  • Bug fix: Customer Support Console users didn't get the persisted value of the property "Forbid adding devices" on the user details page
  • Note: If you're currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from release version 1.2.59. Once on version 1.2.60, please update to release version 1.2.62.

Release 1.2.61 (31/03/2020)

  • Support pinless device authentication
  • Log improvements
  • Security updates
  • Note: If you're currently on release version 1.2.59 or below you must update to milestone release version 1.2.60 from release version 1.2.59. Once on release 1.2.60, please update to 1.2.61

Release 1.2.60 (04/03/2020)

  • Repair DB schema
  • Security updates
  • Milestone release: Please update to milestone release version 1.2.60 from release version 1.2.59 before updating to anything above version 1.2.60
  • Release disclaimer 1: Please upgrade to this release (build-1.2.60) only from the previous one (build-1.2.59), otherwise Blue-Green deployment and backwards compatibility are not supported
  • Release disclaimer 2: For new deployments please start with this release (build-1.2.60)

Release 1.2.59 (20/02/2020)

  • Switch off DB schema updates (Only on this docker version)
  • Security updates
  • Release disclaimer 1: This docker has deactivated the DB schema updates and therefore cannot be used on a brand new installation
  • Milestone release: If you are updating your platform from a version older than 1.2.56, it's mandatory to update first to version 1.2.56; you can then update directly from 1.2.56 to 1.2.59

Release 1.2.58 (30/01/2020)

  • Root and Customer Support users can now see the group on user details
  • Security updates

Release 1.2.57 (02/12/2019)

  • Support to retrieve organisation user group information

Release 1.2.56 (21/11/2019)

  • Maintenance update to delete code related to a deprecated DB column that will be deleted in a future release

Release 1.2.55 (11/11/2019)

  • DB connection pool connects only to master DB node preventing Read Only errors in case of a DB master-slave failover
  • Audit the JWT claims granted to users

Release 1.2.54 (22/10/2019)

  • Fix the pagination object in the endpoint that retrieves an application's users
  • Delete a deprecated column from two tables
  • Regular security updates to the docker SOE

Release 1.2.53 (20/09/2019)

  • Fixes a bug in the claims of the JWT

Release 1.2.52 (9/09/2019)

  • Document how to monitor Haventec dockers on-premise
  • Authenticate apps only contain Authenticate application users and not Console Org Admin
  • Support API Key rotation
  • Include KeyPairUuid in the response of forgot-pin
  • Log improvements - new parameters to the JSON logs: statusCode and uri
  • Security updates

Release 1.2.51 (26/08/2019)

  • Document error flows for the add and login users endpoints
  • Delete the parameter client_secret from the /authorize endpoint in order to follow the OpenID Connect standard
  • Console administrator users can only log in to Console and not to the applications that they own
  • Security updates
  • Log improvements

Release 1.2.50 (13/08/2019)

  • Add audits to JWT controller
  • Option to encrypt the response parameter resetPinToken in the forgot-pin API
  • Log improvements

Release 1.2.49 (24/07/2019)

  • Option to switch off NGINX logs in the dockers
  • Add a successful login counter to the logs
  • Security updates

Release 1.2.48 (08/07/2019)

  • Display the "timestamp" at the JSON logs in Zulu time zone and without the character "@".
  • Security updates
  • Log improvements
  • Minor bug fixes

Release 1.2.47 (13/06/2019)

  • Root administrator can mark a specific organisation with segregation of duties
  • The response parameter expires_in at the OpenID API /token is aligned with session TTL updates
  • Security updates
  • Log improvements
  • Minor bug fixes
  • Release disclaimer: This docker image contains a backwards compatible DB schema update. In order to support Blue-Green deployment, both products require an update from the immediate previous version (build-1.2.46).

Release 1.2.46 (30/04/2019)

  • Logs with JSON format if specified at the container env variable (LOGS_FORMAT=JSON)
  • Audit deleted devices due to 90 days of inactivity
  • Network resilience - The number of allowed retries to log in with the same authKey is now configurable per application
  • Option to forbid adding new devices for a specific user
  • The nonce parameter now supports a UUID with the character "-"
  • Device name with "," is now allowed
  • Reset the number of failed attempts after resetting the PIN successfully
  • Security updates

Release 1.2.45 (10/04/2019)

  • Security updates
  • Log improvements

Release 1.2.44 (02/04/2019)

  • Add network resilience for authentication

Release 1.2.43 (14/03/2019)

  • Auditing updates
  • Deletes inactive devices after 90 days of inactivity
  • Limit Customer Support users' privileges
  • Option to set the JVM Options of the docker container
  • Security updates

Release 1.2.42 (28/02/2019)

  • Auditing updates
  • Security updates
  • Performance updates

Release 1.2.41 (06/02/2019)

  • Device activation tokens can now be sent encrypted to your application
  • Rename '/jwt/refresh/' endpoint to '/jwt/renew'
  • Remove deprecated '/integration/lap' endpoints
  • Auditing updates
  • Security updates
  • Minor bug fixes

Release 1.2.40 (17/01/2019)

  • Minor bug fixes

Release 1.2.39 (15/01/2019)

  • New API to generate an OTP directly from Authenticate

Release 1.2.38 (09/01/2019)

  • New API to refresh a session token
  • Security updates
  • Minor bug fixes

Release 1.2.37 (03/12/2018)

  • Validate OpenID client_secret field

Release 1.2.36 (29/11/2018)

  • Addition of APP_USER application user role to enable stronger privileges
  • Minor bug fixes

Release 1.2.35 (27/11/2018)

  • Minor bug fixes

Release 1.2.34 (21/11/2018)

  • Log improvements
  • Security updates

Release 1.2.33 (01/11/2018)

  • Email parameter is not required when adding a user
  • Audit logging is now asynchronous
  • Minor bug fixes

Release 1.2.32 (18/10/2018)

  • The TTL of the user OTP is now configurable per application
  • Supports single use device
  • Release disclaimer: This release blocks the Audits table at start up due to a DB schema change and that impacts some use-cases. In order to avoid this issue please upgrade first to the Release build-1.2.31.1 and then to Release build-1.2.32

Release 1.2.31 (09/10/2018)

  • Enable the "iss" parameter for Open ID applications to be modified
  • Enable the redirect URL for Open ID applications to be modified
  • Open ID parameters redirect_uri and state no longer mandatory
  • Pagination of Applications List

Release 1.2.30 (24/09/2018)

  • Audit records for Self-Service Add User and Device
  • 5 Minute lock for first-time failure of PIN authentication sequence
  • OpenID /authorize relays all valid OpenID parameters
  • Security updates
  • Minor bug fixes and improvements

Release 1.2.29 (13/09/2018)

  • Enable updating a user using an external IAM to authenticate
  • Logging improvements
  • Minor bug fixes

Release 1.2.28 (04/09/2018)

  • User list pagination
  • Org users paged audit list
  • Minor bug fixes

Release 1.2.27 (22/08/2018)

  • Allow a user to delete their current device

Release 1.2.26 (14/08/2018)

  • Improves logs
  • Security updates

Release 1.2.25 (03/08/2018)

  • Search application users by username, email, or mobile
  • Adds a JWT protected API to reset PIN of a user's device and send the token to an external URI configured per application
  • Minor bug fixes

Release 1.2.24 (19/07/2018)

  • Adds a new frontend look, with drill-downs and a breadcrumb trail for improved navigation
  • Minor bug fixes
  • Security updates

Release 1.2.23 (13/07/2018)

  • Adds Application Audit
  • Security updates

Release 1.2.22 (28/06/2018)

  • Adds a new user type: Support. They can only see users and edit their details
  • Adds functionality to generate a one time PIN for a specific user
  • Security updates

Release 1.2.21 (04/06/2018)

  • Supports the OpenID parameter "nonce"
  • Security updates

Release 1.2.20

  • Adds the claim “preferred_username” to the JWT of OpenID applications
  • Sets the issuer claim "iss" to "https://api.haventec.com" to the JWT of new OpenID applications
  • Adds an OpenID API to retrieve the public JSON Web Key set (JWKS)
  • Security updates

Release 1.2.19

  • Adds new attributes "username", "email", and "phone_number" to OpenID Claim
  • Adds the Sanctum service option for new Applications
  • Improves the navigation UI for Root admins and Organisation admins
  • Improves the SMTP configuration page UX
  • Updates the Root and Organisation admin dashboards
  • Publishes the Haventec Authenticate Error codes in doc.haventec.com

Release 1.2.18

  • Organisation admin can view organisational details
  • Adds expiration time for added devices/reset pin on devices
  • Improved Console error messages
  • Updates OpenID Connect authorisation code TTL

Release 1.2.17

  • Allow admin to set TTL for token expiry per application
  • Add a setup wizard for on premise installations

Release 1.2.16

  • View list of organisations
  • Edit device information
  • Allow admin to set TTL for activation token per application

Release 1.2.15

  • Usernames are now case insensitive
  • Update to API documents
  • Delete application
  • Delete user device
  • Security updates

Release 1.2.14

  • UX improvements
  • Fixed API bug: /self-service/user mobileNumber returned as null

Release 1.2.13

Release 1.2.12

  • LDAP integration

Release 1.2.11

  • UX improvements

Release 1.2.10

  • Logging updates
  • Monitoring updates

Release 1.2.9

  • Base release to support Haventec Sanctum

Release 1.2.8

  • UI improvements
  • Device fingerprinting
  • Add user

Release 1.2.7

  • OpenID connect provider

Release 1.2.6

  • View user devices
  • Lock and unlock user devices

Release 1.2.5

  • UI improvements
  • URL API versioning improvements

Release 1.2.4

Release 1.2.3