Insights and release announcements
Blog
-
Connect2id server 6.14
Connect2id server 6.14
This new release of the OpenID Connect server upgrades the authorisation session API to enable a wider range of architectural patterns when integrating login UIs and authentication factors, especially stateless front-ends and...
Connect2id serverRead article -
Upgrade OAuth 2.0 security with client certificate bound access tokens
Upgrade OAuth 2.0 security with client certificate bound access tokens
OAuth 2.0 received its most significant security upgrade in its 7 year history, thanks to a new extension spec being...
Connect2id serverRead article -
Mutual TLS client authentication in Connect2id server 6.12
Mutual TLS client authentication in Connect2id server 6.12
We are pleased to announce the Connect2id server now supports client X.509 certificate authentication, bound to a...
Connect2id serverRead article -
Aggregated and distributed OpenID claims support in Connect2id server 6.11
Aggregated and distributed OpenID claims support in Connect2id server 6.11
Including OpenID claims from upstream providers The primary purpose of an OpenID Connect provider is to authenticate...
Connect2id serverRead article -
Connect2id server 6.10 optimises API support for stateless login front-ends
Connect2id server 6.10 optimises API support for stateless login front-ends
This week’s release of the OpenID Connect server focuses on optimising support for stateless front-ends. Easier...
Connect2id serverRead article -
Connect2id server 6.9.1 updates the SQL backend connector
Connect2id server 6.9.1 updates the SQL backend connector
This is a small update to the Connect2id server which adds a new configuration setting for disabling automatic...
Connect2id serverRead article -
Check session iframe support now in Connect2id server 6.9
Check session iframe support now in Connect2id server 6.9
A client application which has signed in a user with OpenID Connect may need to periodically check if the user...
Connect2id serverRead article -
Connect2id server 6.8 adds logout endpoint support
Connect2id server 6.8 adds logout endpoint support
The long anticipated web API for binding a sign out page to the Connect2id server is now here. A user who has ended...
Connect2id serverRead article -
Connect2id server 6.7.2
Connect2id server 6.7.2
6.7.2 is a maintenance release of the Connect2id server. It has fixes for three discovered bugs, enhances token...
Connect2id serverRead article -
Connect2id server 6.7.1
Connect2id server 6.7.1
Execute custom logic during prompt=none processing The latest 6.7 release of the Connect2id server makes it easier to...
Connect2id serverRead article -
Connect2id server 6.6.2 strengthens defences against timing attacks
Connect2id server 6.6.2 strengthens defences against timing attacks
The OpenID Connect server has now stronger defences in place against timing attacks on OAuth 2.0 client secrets (used...
Connect2id serverRead article -
Connect2id server 6.6.1 maintenance release
Connect2id server 6.6.1 maintenance release
This is a small maintenance release of the Connect2id server. Summary: Fixes client_secret provisioning...
Connect2id serverRead article -
New OAuth spec for TLS client authentication with X.509 certificate
New OAuth spec for TLS client authentication with X.509 certificate
Brian Campbell and other members of the OAuth WG published a new spec for letting clients authenticate with TLS and a...
Connect2id serverRead article