Insights and release announcements
Blog
-
Connect2id server 6.10 optimises API support for stateless login front-ends
Connect2id server 6.10 optimises API support for stateless login front-ends
This week’s release of the OpenID Connect server focuses on optimising support for stateless front-ends. Easier access to optional authZ session data During authorisation the Connect2id server allows the login page to store...
Connect2id serverRead article -
Connect2id server 6.9.1 updates the SQL backend connector
Connect2id server 6.9.1 updates the SQL backend connector
This is a small update to the Connect2id server which adds a new configuration setting for disabling automatic...
Connect2id serverRead article -
Check session iframe support now in Connect2id server 6.9
Check session iframe support now in Connect2id server 6.9
A client application which has signed in a user with OpenID Connect may need to periodically check if the user...
Connect2id serverRead article -
Connect2id server 6.8 adds logout endpoint support
Connect2id server 6.8 adds logout endpoint support
The long anticipated web API for binding a sign out page to the Connect2id server is now here. A user who has ended...
Connect2id serverRead article -
Connect2id server 6.7.2
Connect2id server 6.7.2
6.7.2 is a maintenance release of the Connect2id server. It has fixes for three discovered bugs, enhances token...
Connect2id serverRead article -
Connect2id server 6.7.1
Connect2id server 6.7.1
Execute custom logic during prompt=none processing The latest 6.7 release of the Connect2id server makes it easier to...
Connect2id serverRead article -
Connect2id server 6.6.2 strengthens defences against timing attacks
Connect2id server 6.6.2 strengthens defences against timing attacks
The OpenID Connect server has now stronger defences in place against timing attacks on OAuth 2.0 client secrets (used...
Connect2id serverRead article -
Multi-level defence against invalid curve attacks
Multi-level defence against invalid curve attacks
Reliable defences work on multiple levels. The latest release of the Nimbus JOSE + JWT library adds an extra...
JOSERead article -
Connect2id server 6.6.1 maintenance release
Connect2id server 6.6.1 maintenance release
This is a small maintenance release of the Connect2id server. Summary: Fixes client_secret provisioning...
Connect2id serverRead article -
Nimbus JOSE+JWT 4.35 deprecates use of SHA-1 and RSA encryption with PKCS1v1.5 padding
Nimbus JOSE+JWT 4.35 deprecates use of SHA-1 and RSA encryption with PKCS1v1.5 padding
Deprecates use of SHA-1 CWI and Google’s announcement of a practical technique for producing SHA-1 collisions served...
JOSERead article -
New OAuth spec for TLS client authentication with X.509 certificate
New OAuth spec for TLS client authentication with X.509 certificate
Brian Campbell and other members of the OAuth WG published a new spec for letting clients authenticate with TLS and a...
Connect2id serverRead article -
Connect2id server 6.6 eases migration of data between instances
Connect2id server 6.6 eases migration of data between instances
This new release of the Connect2id server makes the job of migrating data between instances much safer and easier....
Connect2id serverRead article -
Connect2id server 6.5
Connect2id server 6.5
Single use of tokens is now also supported by the standard inspection endpoint The standard token inspection endpoint...
Connect2id serverRead article