v5.0.0.0: First release of the archived fork

Overview

This release marks the fork's first independent release under K0lin's maintenance. It includes a full redesign of both the configuration and linking UIs, a complete internationalization layer, CI fixes, and the migration to .NET 9.0 targeting Jellyfin 10.11.11.

You can find more information about migration into the wiki section HERE

P.S.: I always recommend making a backup before performing a procedure like this so you can recover in case of any issues.

---

What's Changed

UI

Configuration page redesign

• Completely restructured the SSO settings page layout with clearer section headings and descriptions.
• Added a notice panel that informs users that configuration changes require a Jellyfin server restart.
• Added confirmation prompts when loading or deleting an existing OpenID provider.
• Introduced new security-sensitive option fields with inline warning labels to guide administrators.
• Added role-based access control (RBAC) settings directly in the UI for Live TV access, Live TV management, and folder access.

SSO linking page redesign

• Refreshed the self-service linking interface with an improved layout and proper empty-state handling when no linked accounts are present.
• Improved overall visual hierarchy and usability across the configuration interface.

Internationalization (i18n)

• Added full en-us.json localization files for both the configuration page and the linking page.
• All user-facing strings in config.js, configPage.html, and linking.html are now driven by the i18n layer via data-i18n attributes.
• New locale resources are embedded as plugin resources and served correctly by SSOPlugin.cs.

CI / Build

• Fixed missing contents: write permission in the nightly publish workflow, which was causing nightly release uploads to fail.
• All workflows updated to .NET 9.0 (dotnet-version: 9.0.*, dotnet-target: net9.0).
• Jellyfin SDK dependencies updated to 10.11.11.

Repository & Branding

• Updated all repository links, documentation, and in-plugin references from 9p4/jellyfin-plugin-sso to K0lin/jellyfin-plugin-sso.
• Updated build.yaml metadata (owner, imageUrl, description) to reflect the new maintainer.

Documentation

• Added the entire wiki section to help users use the plugin
• Added Conventional Commits guidelines to CONTRIBUTING.md with a full type table and examples.
• Updated README.md to reference the new repository.

---

Upgrade Notes

• This release requires Jellyfin 10.11.x (targetAbi: 10.11.11.0).
• No breaking changes to existing SSO provider configurations or user link data.
• A Jellyfin server restart is required after updating the plugin.

What's Changed

• First commit by @K0lin in #1
• Refresh SSO linking page UI and add local i18n resources by @K0lin in #2
• Add permissions for contents write in nightly workflow by @K0lin in #3
• Enhance SSO Configuration UI and Localization by @K0lin in #4
• Update security contact email in SECURITY.md by @K0lin in #8
• Fix broken link in installation instructions by @K0lin in #9
• chore: update version to 5.0.0.0 and enhance changelog for SSO Authentication plugin by @K0lin in #11

Full Changelog: v4.0.0.4...v5.0.0.0

v4.0.0.4: Critical Security Fix for SAML

There is a critical security fix for SAML. Please update as soon as possible. Thanks to N.P. for finding the issue.

Additional bugfixes are also included.

What's Changed

• Add Pocket ID config steps by @mhlas7 in 9p4/jellyfin-plugin-sso#312
• fix: invalidate state immediately after auth by @jon4hz in 9p4/jellyfin-plugin-sso#343
• Add kanidm config steps by @Joker9944 in 9p4/jellyfin-plugin-sso#347
• Update README dead link, add warning for permission overwritten by @ForsakenRei in 9p4/jellyfin-plugin-sso#318
• Bugfix: Prevent KeyNotFoundExceptions in OidPost by @mandos21 in 9p4/jellyfin-plugin-sso#349

New Contributors

• @mhlas7 made their first contribution in 9p4/jellyfin-plugin-sso#312
• @jon4hz made their first contribution in 9p4/jellyfin-plugin-sso#343
• @Joker9944 made their first contribution in 9p4/jellyfin-plugin-sso#347
• @ForsakenRei made their first contribution in 9p4/jellyfin-plugin-sso#318
• @mandos21 made their first contribution in 9p4/jellyfin-plugin-sso#349

Full Changelog: 9p4/jellyfin-plugin-sso@v4.0.0.3...v4.0.0.4

v4.0.0.3: Jellyfin 10.11

More CI fixes

What's Changed

• fix: consistently use OpenID instead of OID on the config page by @CFenner in 9p4/jellyfin-plugin-sso#193
• Support DisableHttps/DoNotValidateIssuerName in SSOController.OidChallenge by @andreblanke in 9p4/jellyfin-plugin-sso#239
• Allow to disable pushed authorization by @bdovaz in 9p4/jellyfin-plugin-sso#244
• Update oddstr13/jellyfin-plugin-repository-manager by @bdovaz in 9p4/jellyfin-plugin-sso#247
• Avatar via OIDC Provider by @Estyms in 9p4/jellyfin-plugin-sso#202
• Allow port override by @bdovaz in 9p4/jellyfin-plugin-sso#246
• Fix artifact names by @bdovaz in 9p4/jellyfin-plugin-sso#248
• Prevent force updating username by @FeikoJoosten in 9p4/jellyfin-plugin-sso#251
• remove deprecated redirect uri from readme by @hendrik1120 in 9p4/jellyfin-plugin-sso#280
• Match the styling of the redirection page with Jellyfin colors and font by @kernelb00t in 9p4/jellyfin-plugin-sso#269
• Use punycode URL for redirect page - OIDC by @babbitt in 9p4/jellyfin-plugin-sso#265

New Contributors

• @CFenner made their first contribution in 9p4/jellyfin-plugin-sso#193
• @andreblanke made their first contribution in 9p4/jellyfin-plugin-sso#239
• @bdovaz made their first contribution in 9p4/jellyfin-plugin-sso#244
• @Estyms made their first contribution in 9p4/jellyfin-plugin-sso#202
• @FeikoJoosten made their first contribution in 9p4/jellyfin-plugin-sso#251
• @kernelb00t made their first contribution in 9p4/jellyfin-plugin-sso#269
• @babbitt made their first contribution in 9p4/jellyfin-plugin-sso#265

Full Changelog: 9p4/jellyfin-plugin-sso@v3.5.2.4...v4.0.0.3

v3.5.2.4

What's Changed

• Update version in SSO-Auth.csproj by @lf- in 9p4/jellyfin-plugin-sso#169
• update authelia example to authelia v4.38 by @hendrik1120 in 9p4/jellyfin-plugin-sso#170
• Update providers.md to include android app keycloak OIDC redirect URI by @tbelway in 9p4/jellyfin-plugin-sso#190
• Update plugin to function with Jellyfin 10.9

New Contributors

• @lf- made their first contribution in 9p4/jellyfin-plugin-sso#169
• @hendrik1120 made their first contribution in 9p4/jellyfin-plugin-sso#170
• @tbelway made their first contribution in 9p4/jellyfin-plugin-sso#190

Full Changelog: 9p4/jellyfin-plugin-sso@v3.5.2.3...v3.5.2.4

v3.5.2.3

What's Changed

• Remove jellyfin_credentials before loading iframe by @sbogomolov in 9p4/jellyfin-plugin-sso#163
• allow for better endpoint validation

New Contributors

• @sbogomolov made their first contribution in 9p4/jellyfin-plugin-sso#163

Full Changelog: 9p4/jellyfin-plugin-sso@v3.5.2.2...v3.5.2.3

v3.5.2.2

allow linking to work with new paths

Full Changelog: 9p4/jellyfin-plugin-sso@v3.5.2.1...v3.5.2.2

v3.5.2.1

Hotfix for 9p4/jellyfin-plugin-sso#150

v3.5.2.0

feat: allow overriding redirect scheme

Wow, I'm putting out a lot of releases lately. Sorry about that.

Full Changelog: 9p4/jellyfin-plugin-sso@v3.5.1.1...v3.5.2.0

HOTFIX: v.3.5.1.1

fix: change iframe URL to point to the web UI instead of the root

Full Changelog: 9p4/jellyfin-plugin-sso@v3.5.1.0...v3.5.1.1

v3.5.1.0

• fix: improve final redirect (#109)
• style: fix configPage style (prettier)
• docs: detail Google requiring disabling of OpenID endpoint validation
• fix: make SAML paths better; improve and add OID discovery defaults
• docs: clarify plugin resetting permissions
• style: fix README.md style
• docs: document how to set login disclaimer (#16)
• feat: clarify redirect paths (#84)
• fix: Remove funding

Full Changelog: 9p4/jellyfin-plugin-sso@v3.5.0.0...v3.5.1.0