Skip to content

r4.2

Latest
Latest

Choose a tag to compare

View all tags
@jpengar jpengar released this 23 Mar 13:20
· 5 commits to main since this release
r4.2
9603db2
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Release Notes

This public release contains the definition and documentation of:

  • "Identity and Consent Management" 0.5.0

The content of the release includes the "Identity And Consent Management" approved deliverables in documentation folder.

Added

  • Recommendations to help API Consumers and API Providers select the appropriate authorization flow for their use case @jpengar in #320
  • High-level example of the JWT Bearer Flow with an Operator Token by @jpengar in #334
  • Strengthen DPoP support with additional security measures and claims by @RamTMO in #325
  • CAMARA format for sub claim values in the JWT Bearer assertion by @jpengar in #346
  • Security Considerations regarding audience values by @AxelNennker in #348

Changed

  • Clarify the trust assumptions when using a phone number as sub claim in JWT Bearer Flow by @sfnuser in #343

Fixed

  • Add missing openid scope for the OIDC Auth Code Flow and the CIBA Flow to the CAMARA-API-access-and-user-consent.md document by @sebdewet in #317
  • Remove openid scope typo for JWT Bearer Flow in the CAMARA-API-access-and-user-consent.md document by @shilpa-padgaonkar in #333
  • Add missing offline_access scope for Refresh Token examples to the CAMARA-ICM-examples.md document by @sebdewet in #332

Removed

  • Rich Authorization Request (RAR) references from the "Identity And Consent Management" documentation by @jpengar in #342

Full Changelog: r3.3...r4.2

Contributors

jpengar, AxelNennker, and 4 other contributors
Assets 2
Loading