INDIGO Identity and Access Management Service v1.8.1
1.8.1 (2023-02-28)
Added
- Add scope management to IAM dashboard #500
- Add the groups view for the group managers #536
- Support for AARC-G069 guideline #553
Fixed
- Fix /devicecode endpoint in cors endpoint matchers #535
- Do not raise exception when incorrect scope policy #526
- Fix bug when updating user fields #512
- Do not allow IAM to issue RT to users with expired AUP #503
- Remove orphans from database #547
- Prevent VOMS aa from issuing ACs when AUP has expired #552
- Do not allow token refresh for disabled users #570
- Do not allow disabled users to log in with x509 certificate #571
- Apply the UsernameValidator whenever a username can be updated (e.g. SCIM API) #572
- Fix unnamed clients and add missing edit button into clients view #573
Changed
- Remove health endpoints forward #567
- Disable register MITREid endpoint for Dynamic Client Registration #567
- Change default refresh token lifetime from infinity to 30 days #567
- Add '@' and '.' as allowed characters for a registered username #572
Notes
The /health
endpoint and its children have been moved to /actuator/health
base path since IAM v1.8.0. Since IAM v1.8.1 the forward to the old endpoints has been removed.