Insights and release announcements
Blog
-
Connect2id server 19.7
Connect2id server 19.7
Connect2id server release 19.7 ships an update to consent prompts to enable IdPs easy access to previous decisions and other saved context. The web session bootstrap flow security is strengthened with revocation-aware ID tokens....
Connect2id serverRead article -
Connect2id server 19.6 introduces a web session bootstrap endpoint
Connect2id server 19.6 introduces a web session bootstrap endpoint
Integrated web session bootstrap for native apps Connect2id server 19.6 introduces a groundbreaking feature - a web...
Connect2id serverRead article -
Protecting OAuth code flows against browser-swap attacks
Protecting OAuth code flows against browser-swap attacks
The browser swap attack is not a new attack. It was first theorised in 2022 by a team of researchers commissioned by...
OAuth 2.0Read article -
Connect2id server 19.5
Connect2id server 19.5
The DPoP (RFC 9449) OAuth 2.0 security extension enables a client to bind an access token to a private key...
Connect2id serverRead article -
Connect2id server 19.4
Connect2id server 19.4
This Connect2id server release ships full DPoP support for applications using the token exchange grant. It also...
Connect2id serverRead article -
Connect2id server 19.3
Connect2id server 19.3
This Connect2id server release updates OpenID Federation support for deployments that require compliance with the...
Connect2id serverRead article -
Connect2id server 19.2
Connect2id server 19.2
This Connect2id server release introduces DPoP proof time window metrics and control. The DPoP token type was...
Connect2id serverRead article -
Connect2id server 19.1.2
Connect2id server 19.1.2
This release of the Connect2id server updates Oracle database support, to improve the performance of write operations...
Connect2id serverRead article -
Connect2id server 19.1.1
Connect2id server 19.1.1
This maintenance update of the Connect2id server fixes an issue that affected the use by clients of encrypted ID...
Connect2id serverRead article -
Connect2id server 19.1
Connect2id server 19.1
The client registration API of the Connect2id server is updated to support dry-run POST and PUT requests. The...
Connect2id serverRead article -
Connect2id server 18.2.1
Connect2id server 18.2.1
This release of the Connect2id server fixes a defect that caused the op.idTokenIssues meter to only count ID tokens...
Connect2id serverRead article -
Connect2id server 19.0
Connect2id server 19.0
The cross-device OAuth flow (CIBA) to authenticate users and request tokens typically invokes a native IdP app. This...
Connect2id serverRead article -
Connect2id server 18.2
Connect2id server 18.2
CIBA improvements This Connect2id server release refines the internal web API for handling CIBA, where the native IdP...
Connect2id serverRead article