2.5 Preview 2

As part of this release we had 22 issues closed.

bugs

• #3128 Latest Identity Server 4 OIDC Form Post doesn't work when run in a WinForms WebBrowser control
• #3013 IdentityServer4.Models.ApiResourceExtensions.CloneWithScopes does not clone properties
• #2875 code flow with fragment response mode is not allowed

enhancements

• #3241 Add support for signed authorize requests
• #3234 Add Client.Id and to UserLoginSuccessEvent and UserLoginFailureEvent
• #3229 Make back channel signout a first class service
• #3227 Recompilation required for EF.Storage with latest AutoMapper 8.1.0 due to signature change
• #3219 Add JWK support in JwtRequestValidator
• #3215 LogInformation changed to LogDebug
• #3201 Allowed usage of relative and absolute verification URIs for device authorization
• #3193 Add validation for cors origins that aren't valid
• #3183 Add support to carry an error description back to third party clients on authorize error results
• #3160 PersistedGrants missing index on Expiration column
• #3148 call flush async #3096
• #3143 Log request details on more log messages
• #3139 Back-Channel Logout Token: Allow configuring additional claims
• #3059 Fixed bug where the Subject was not being set on the ValidatedRequest and would not end up in the TokenIssuedSuccessEvent using Code flow
• #2938 Provide more flexibility in the DefaultUserSession cookie management
• #2884 Generate a token with claims from IdentityServerTools
• #2859 Support HttpClientFactory for back channel signout
• #2539 Consider Add or Replace Endpoint extension method
• #1958 Add client_id to ErrorMessage when Authorization request failed