UAA 3.5.0 Release Notes
IMPORTANT: Deprecation Notice
This releases marks the deprecation of the UAA properties listed here
Please make sure that you have update your UAA & LOGIN YAML configurations accordingly.
New Features
- UI Templates utf-8 support
- Add interface UaaTokenEnhancer
- Introduce new refresh token grant type restriction
- Introduce the mechanism for scope-based user approval of refresh token grant
- Allow disabling shadow user creation at the time of authentication for ldap and oauth/oidc
- Bootstrap UAA system scopes in all identity zones by default
- Allow setting of mail.smtp.auth and mail.smtp.starttls.enable props
- Prohibit ScimUsers from entering more than one email address in the API
- Upgrade to Flyway 4.0
- User account locked error is not propagated to CF CLI
- Allow users to be updated without the need to specify a password in the manifest
- Password endpoints should allow uaa.admin to access them
Bug Fixes
- clients.admin can't change client secret
- Fix refresh of service providers for non-default zones.
- Updating user with empty email puts the account in invalid state
- Setting autoapprove to true with the /check_token endpoint doesn't work with autoapprove list
- External login server users should throw error if origin is uaa
- Inconsistent UAA user experience in case of invalid route and wildcard route mapping
- Entity base url always populated by replacing uaa. with login.
- Erbs populating invalid saml metadata
- Ldap properties not there in yaml file after refactor
- scopes with prefix uaa. do not show up on app approvals page
- Test multiple LDAP Servers with UAA
- UAA fails to start up if there are line breaks in the product logo or the square logo
- Invitations endpoint should return an invalid email in the "failed invites" array
- Where to? page not showing applications for Identity Zones
-External Identity Providers issuer validation issue - Setting autoapprove to true via client api does not work
- Suppress the Login Prompts in Info endpoint if Internal Auth and LDAP Auth are disabled.
- Setting phoneNumber to null on ScimUser causes deserialization issues
- 500 error for invalid request