Unit4 Identity Services 3.3.0 release notes

Released Maj 25th 2019

About this release

This release is version 3.3.0 of the Unit4 Identity Services (U4IDS) that consists of IDS Core, IDS API, IDS API SDK, AccessManagement SDK and the IDS Portal. These release notes contain important information about U4IDS and provide an overview of features included in this release, important information, bug fixes and known issues.

Features included in this release

The following features are included in this release:

Access Management SDK support for retry on http request

The Access management SDK now have the same support for retrying after http request errors that the API SDK already have.

Portal support for user history

Now we have the same History support for Users in the portal as we already have for Client, Scopes and Tenants. You can also see the history of deleted users from the user list. This requires v3 of Access Management to be used.

Portal support for preapproved invites

If you select a role for the user you want to invite to IDS, then the user will be preapproved and will be able to log in immediately. If you dont select a role the user needs to choose a role and await approval, just as before.

API Clean up entered data

We are doing some cleanup of the data sent to the API:

Remove trailing whitespaces where needed
Remove slash from Client.AllowedCorsOrigins
Remove duplicate scope names from AllowedScopes

Support for Tenant specific Client Credentials Clients

You are now able to create Tenant specific clients with the u4ids-admin scope if you set the application setting: AdminScope:AllowedForTenantSpecificClients to true for the API service. These clients will only be able to access and update data for that Tenant.

Bugs fixed in this release

• Fixed: U4IDS Authorize request's tenant parameter is case sensitive, should be case insensitive..
• Fixed: U4IDS API Scope claims was duplicated on the standard scopes.
• Fixed: U4IDS API The AllowedForTenantSpecificClients flag was not checked when adding scopes to clients.
• Fixed: U4IDS API Allowed to change OwnerTenant to something other that current Tenant using patch.

Known issues

• U4IDS does not have a feature to store SAML IdP metadata. IdP metadata must be accessible publicly on the provider site, or placed on a publically available place (e.g. DropBox, Azure Storage, OneDrive or similar).
• Since IDS 3.1.0 we no longer support the v1 administration interfaces
• Migration from v1 administration interfaces must be done on IDS 2.1 first. There is no migration solution from 1.x directly to 3.3.0.
• Migrating from 3.0/3.1/3.2 to 3.3 can take a long time if the Audits table is large
• The Redis reconnect functionality in 3.1 have been removed.
• IDS Portal Client/Scope Secret history is no longer a separate command, but can be found in the scope and client history.

Patches

Authentication service

• 3.3.1 - Add missing await in UpdateConsentAsync.
• 3.3.2 - Increase allowed lenght of redirect uris from 400 to 1024.