This website requires Javascript for some parts to function properly. Your experience may vary.

Blog

Insights and release announcements

9 February 2026

Connect2id server 19.6 introduces a web session bootstrap endpoint

Integrated web session bootstrap for native apps Connect2id server 19.6 introduces a groundbreaking feature - a web session bootstrap endpoint. This new capability allows authorised native clients to initialise a WebView with a...

Connect2id server
Read article
26 January 2026

Protecting OAuth code flows against browser-swap attacks

The browser swap attack is not a new attack. It was first theorised in 2022 by a team of researchers commissioned by...

OAuth 2.0
Read article
17 December 2025

Nimbus JOSE+JWT roadmap for 2026 and Beyond

As the JOSE ecosystem continues to evolve, we are now in a phase where modern cryptography is being reshaped by two...

JOSE
Read article
3 December 2025

Connect2id server 19.5

The DPoP (RFC 9449) OAuth 2.0 security extension enables a client to bind an access token to a private key...

Connect2id server
Read article
28 October 2025

Connect2id server 19.4

This Connect2id server release ships full DPoP support for applications using the token exchange grant. It also...

Connect2id server
Read article
25 September 2025

Connect2id server 19.3

This Connect2id server release updates OpenID Federation support for deployments that require compliance with the...

Connect2id server
Read article
2 September 2025

Connect2id server 19.2

This Connect2id server release introduces DPoP proof time window metrics and control. The DPoP token type was...

Connect2id server
Read article
19 August 2025

Connect2id server 19.1.2

This release of the Connect2id server updates Oracle database support, to improve the performance of write operations...

Connect2id server
Read article
11 August 2025

Connect2id server 19.1.1

This maintenance update of the Connect2id server fixes an issue that affected the use by clients of encrypted ID...

Connect2id server
Read article
24 July 2025

Connect2id server 19.1

The client registration API of the Connect2id server is updated to support dry-run POST and PUT requests. The...

Connect2id server
Read article
4 June 2025

Connect2id server 18.2.1

This release of the Connect2id server fixes a defect that caused the op.idTokenIssues meter to only count ID tokens...

Connect2id server
Read article
4 June 2025

Connect2id server 19.0

The cross-device OAuth flow (CIBA) to authenticate users and request tokens typically invokes a native IdP app. This...

Connect2id server
Read article
20 May 2025

Connect2id server 18.2

CIBA improvements This Connect2id server release refines the internal web API for handling CIBA, where the native IdP...

Connect2id server
Read article

Blog

Connect2id server 19.6 introduces a web session bootstrap endpoint

Protecting OAuth code flows against browser-swap attacks

Nimbus JOSE+JWT roadmap for 2026 and Beyond

Connect2id server 19.5

Connect2id server 19.4

Connect2id server 19.3

Connect2id server 19.2

Connect2id server 19.1.2

Connect2id server 19.1.1

Connect2id server 19.1

Connect2id server 18.2.1

Connect2id server 19.0

Connect2id server 18.2