Insights and release announcements
Blog
-
Connect2id server and CVE-2023-5072
Connect2id server and CVE-2023-5072
Our CVE scanner recently returned a DoS vulnerability for the JSON.org dependency org.json:json:20230227. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5072 Fortunately this dependency is used in a single, non-critical place,...
Connect2id serverRead article -
Connect2id server 14.7
Connect2id server 14.7
This Connect2id server release ships updates in three different areas. Native application redirect_uri updates The...
Connect2id serverRead article -
Connect2id server 14.6
Connect2id server 14.6
This Connect2id server release received a sweeping update of the Redis connector. It fixes a bug that affected the...
Connect2id serverRead article -
Connect2id server 14.5
Connect2id server 14.5
Connect2id server 14.5 ships several small updates to its APIs and fixes v14.x issues reported in August. This...
Connect2id serverRead article -
Connect2id server 14.4 introduces Rich Authorisation Request (RAR) type checking
Connect2id server 14.4 introduces Rich Authorisation Request (RAR) type checking
RAR This Connect2id server release is another step towards a complete built-in support for OAuth 2.0 Rich...
Connect2id serverRead article -
Connect2id server 14.3
Connect2id server 14.3
This Connect2id server release fixes a bug in earlier 14.x versions that caused marshalling errors in deployments...
Connect2id serverRead article -
Connect2id server 14.2 introduces reuse grace period for rotated refresh tokens
Connect2id server 14.2 introduces reuse grace period for rotated refresh tokens
The current OAuth 2.0 best practices mandate refresh tokens issued to public clients to be either...
Connect2id serverRead article -
Connect2id server 14.1
Connect2id server 14.1
This is a mini Connect2id server update to the 14.0 release that appeared on Tuesday. It fixes an incorrect server...
Connect2id serverRead article -
Connect2id server 14.0 with new refresh token settings and Oracle database support
Connect2id server 14.0 with new refresh token settings and Oracle database support
The new major Connect2id server release is here at last. What’s in it and how to prepare for the upgrade? New refresh...
Connect2id serverRead article -
Connect2id server 13.7.4
Connect2id server 13.7.4
This release of the Connect2id server fixes a bug that caused incorrect encoding of the state parameter in...
Connect2id serverRead article -
Connect2id server 13.7.3
Connect2id server 13.7.3
This release of the Connect2id server fixes a bug affecting deployments that have their signing RSA and / or EC keys...
Connect2id serverRead article -
Connect2id server 13.7.2
Connect2id server 13.7.2
This week’s Connect2id server addresses two issues and updates the JDBC drivers for MySQL, PostgreSQL and Microsoft...
Connect2id serverRead article -
Connect2id server 13.7.1
Connect2id server 13.7.1
This maintenance release of the Connect2id server fixes a bug that affected the OAuth 2.0 token exchange grant and...
Connect2id serverRead article