Connect2id server 12.6.1

This release of the Connect2id server fixes two bugs that affected the eKYC / Identity Assurance extension for verified claims and a bug affecting configuration of the custom scope value to OpenID claims mapping. The fixed issues are described in the release notes below.

Download 12.6.1

For the signature validation: Public GPG key

Standard Connect2id server edition

Apache Tomcat package with Connect2id server 12.6.1:

SHA-256: 88ca8c72ba87f144625cbc8a71f8e06a80d1cb5450beb18eb9ba6718f61cd745

GPG signature:

Connect2id server 12.6.1 WAR package: c2id.war

SHA-256: 4a56c99242ea290992a207ef10a92a54e1d4442ab687e3327347cbf9e1cb145c

GPG signature: c2id.war.asc

Multi-tenant edition

Apache Tomcat package with Connect2id server 12.6.1:

SHA-256: 71b5289d020f06c0ebd6c762df6e8cc8dca90287011e2cac71dacf30ce6f777a

GPG signature:

Connect2id server 12.6.1 WAR package: c2id-multi-tenant.war

SHA-256: 11ac6124cbc3231103fb79be6c7a781585607d9f6bb7cb636dadfef58bf5fc7b 

GPG signature: c2id-multi-tenant.war.asc


Contact Connect2id support.

Release notes

12.6.1 (2022-02-10)

Resolved issues

  • Fixes* system property override for configuring the custom scope-to-claims mapper in the single-tenant edition of the Connect2id server. The multi-tenant server edition is not affected. The single-tenant server edition will log at startup the configured mapping (at level INFO with ID OP0080) (issue server/725).

  • OpenID Connect for Identity Assurance: MinimalVerificationSpec.parse must allow trust_framework set to an empty JSON object (issue oidc-sdk/385).

  • OpenID Connect for Identity Assurance: The birthplace claim must allow ISO 3166-1 Alpha-3 country codes. (issue server/728).

Dependency changes

  • Updates to com.nimbusds:oauth2-oidc-sdk:9.25

  • Updates to com.nimbusds:nimbus-jose-jwt:9.19

  • Updates to org.postgresql:postgresql:42.3.2