Connect2id server 14.1
This is a mini Connect2id server update to the 14.0 release that appeared on Tuesday. It fixes an incorrect server SDK dependency declaration, which means 14.1 is the version to upgrade to (and not 14.0) from 13.x or older versions.
Support for OpenID Connect Federation 1.0 is bumped to the most recent stable 29 draft, in particular the new policy language.
If the configured Connect2id server signing keys have certificates, the server will automatically include them in the JWS header, unless the server is instructed not to do so. This will result in smaller JARM JWTs:
More information can be found in the release notes below. If you have questions or need assistance with the new release contact us.
For the signature validation: Public GPG key
Standard Connect2id server edition
Apache Tomcat package with Connect2id server 14.1: Connect2id-server.zip
GPG signature: Connect2id-server.zip.asc
Connect2id server 14.1 WAR package: c2id.war
GPG signature: c2id.war.asc
Apache Tomcat package with Connect2id server 14.1: Connect2id-server-mt.zip
GPG signature: Connect2id-server-mt.zip.asc
Connect2id server 14.1 WAR package: c2id-mt.war
GPG signature: c2id-mt.war.asc
If you have technical questions about this new release contact Connect2id support. To purchase a production license for the Connect2id server, renew or upgrade your support and updates subscription, email our sales.
- Upgrades OpenID Connect Federation 1.0 policy support to draft 29.
- op.authz.responseJWTIncludeX5C -- New optional configuration property of type boolean to enable / disable inclusion of the X.509 certificate chain ("x5c") header parameter in signed OAuth 2.0 authorisation responses (JARM) when the signing JWK is provisioned with a certificate. The default value is true (enabled).
- The com.nimbusds:c2id-server-sdk dependency must not be SNAPSHOT, but 4.58 (issue server/898).
Upgrades to com.nimbusds:c2id-server-sdk:4.58
Upgrades to com.nimbusds:oauth2-oidc-sdk:10.10.1
Updates to io.dropwizard.metrics:metrics-core:4.2.19