Connect2id server 12.11

This is a mini update to give Connect2id server deployments simple and precise control over the splash / landing page that is displayed when the configured issuer URL is opened in a browser. A new op.splashPage configuration property lets deployments choose between the current default splash page, a blank page, a redirection to the OpenID provider metadata, or to some other URL.

Example configuration to redirect HTTP requests to the issuer URL to the OpenID provider metadata:


To redirect to some other URL:


To show a blank page:


This release also fixes two issues. You can find more information in the release notes below.

Download 12.11

For the signature validation: Public GPG key

Standard Connect2id server edition

Apache Tomcat package with Connect2id server 12.11:

GPG signature:

SHA-256: b3bd5cc5011c0cc31fe3465cbc6137da0e113a9185b88bff0acfa0b83f1d90f6

Connect2id server 12.11 WAR package: c2id.war

GPG signature: c2id.war.asc

SHA-256: ac0537550ead4e4b6e409d34b95e98b10b84ff1a1f0fb2d47548e5d09378172b

Multi-tenant edition

Apache Tomcat package with Connect2id server 12.11:

GPG signature:

SHA-256: 4aa967b1d02b7e748d57570922a119e8da23985ec8c447bb84e97f20cb439a07

Connect2id server 12.11 WAR package: c2id-multi-tenant.war

GPG signature: c2id-multi-tenant.war.asc

SHA-256: 6cbab334668f3a6ac863ec177b7be8bdd7f5171e496748a9e91cdaef5ee42b90


If you have technical questions about this new release contact Connect2id support. To purchase a production license for the Connect2id server, renew or upgrade your support and updates subscription, email our sales.

Release notes

12.11 (2022-05-22)


  • /WEB-INF/

    • op.splashPage -- New configuration property for the splash page to display at the Connect2id server issuer URL (op.issuer).

      Supported values:

      • urn:c2id:splash_page:default -- The default splash page, an HTML page showing the Connect2id server version, a list of the available endpoints and links to public online documentation.
      • urn:c2id:splash_page:blank -- A blank page.
      • urn:c2id:splash_page:op_metadata -- Redirects (HTTP 301) to the OpenID provider metadata at /.well-known/openid-configuration
      • https or http URL -- Redirects (HTTP 301) to the specified HTTPS or HTTP URL.

Resolved issues

  • Fixes a bug that affected the correct handling of the subject session "auth_life" property (for values > 0) in the authorisation session web API, used to determine when the authentication lifetime (in minutes) of a session expires and the subject (end-user) must be re-authenticated in the same session (issue server/756).

  • Adds custom static error pages for 404, 405 and other HTTP status codes handled by the Servlet container to hide the Servlet container version and other potentially sensitive information (issue server/745).