Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into integration-tests
Showing 10 changed files with 95 additions and 16 deletions.
2 changes: 1 addition & 1 deletion
docs/docs/guides/integrate/serviceusers.md → .../docs/guides/integrate/private-key-jwt.md
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
--- | ||
title: Technical Advisory 10000 | ||
--- | ||
|
||
## Description | ||
|
||
Currently, by default, users are directed to the "Select Account Page" on the ZITADEL login. | ||
However, this can be modified by including a [prompt or a login hint](/docs/apis/openidoauth/endpoints#additional-parameters) in the authentication request. | ||
|
||
As a result of this default behavior, users who already have an active session in one application and wish to log in to a second one will need to select their user account, even if no other session is active. | ||
|
||
To address this, we are going to change this behavior so that users will be automatically authenticated when logging into a second application, as long as they only have one active session. | ||
|
||
## Statement | ||
|
||
This behaviour change is tracked in the following issue: [Reuse current session if no prompt is selected ](https://github.com/zitadel/zitadel/issues/4841) | ||
As soon as the release version is published, we will include the version here. | ||
|
||
## Mitigation | ||
|
||
If you want to prompt users to always select their account on purpose, please make sure to include the `select_account` [prompt](/docs/apis/openidoauth/endpoints#additional-parameters) in your authentication request. | ||
|
||
## Impact | ||
|
||
Once this update has been released and deployed, your users will be automatically authenticated | ||
No action will be required on your part if this is the intended behavior. |
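
Review bot: The Impact section at the end of this file drops the condition that decides whether a deployment is affected, and its first sentence has no closing period. "your users will be automatically authenticated" should carry the same qualifier the Description gives (when logging into a second application, as long as they only have one active session). Impact also covers only the case where the new behavior is wanted; add a sentence pointing clients that depend on the account selection step to the `select_account` prompt named under Mitigation. Minor: the Statement link text has a trailing space before `]`, and the file mixes "behaviour" and "behavior".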
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
--- | ||
title: Technical Advisory | ||
--- | ||
|
||
Technical advisories are notices that report major issues with ZITADEL Self-Hosted or the ZITADEL Cloud platform that could potentially impact security or stability in production environments. | ||
These advisories may include details about the nature of the issue, its potential impact, and recommended mitigation actions. | ||
|
||
Users are strongly encouraged to evaluate these advisories and consider the recommended mitigation actions independently from their version upgrade schedule. | ||
We understand that these advisories may include breaking changes, and we aim to provide clear guidance on how to address these changes. | ||
|
||
|
||
<table> | ||
<tr> | ||
<th>Advisory</th> | ||
<th>Name</th> | ||
<th>Type</th> | ||
<th>Summary</th> | ||
<th>Affected versions</th> | ||
<th>Date</th> | ||
</tr> | ||
<tr> | ||
<td><a href="./advisory/a10000">A-10000</a></td> | ||
<td>Reusing user session</td> | ||
<td>Breaking Behaviour Change</td> | ||
<td>The default behavior for users logging in is to be directed to the Select Account Page on the Login. With the upcoming changes, users will be automatically authenticated when logging into a second application, as long as they only have one active session. No action is required on your part if this is the intended behavior.</td> | ||
<td>TBD</td> | ||
<td>TBD</td> | ||
</tr> | ||
</table> | ||
|
||
## Categories | ||
|
||
### Breaking Behaviour Change | ||
|
||
A breaking behavior change refers to a modification or update that changes the behavior of ZITADEL. | ||
This change does not necessarily affect the APIs or any functions you are calling, so it may not require an update to your code. | ||
However, if you rely on specific results or behaviors, they may no longer be guaranteed after the change is implemented. | ||
Therefore, it is important to be aware of breaking behavior changes and their potential impact on your use of ZITADEL, and to take appropriate action if needed to ensure continued functionality. | ||
|
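
Review bot: The A-10000 row has "TBD" in both the Affected versions and Date cells, while the intro asks users to evaluate advisories independently from their version upgrade schedule; without a version an operator cannot tell whether a deployment is affected. Fill these in before merge, or state in the cell that the version will be added once the release is published, as the advisory page itself does. The Summary cell also stops at "No action is required on your part if this is the intended behavior" without naming the `select_account` prompt for the opposite case, which matters for readers who only see this index. Minor: the Type value and the "### Breaking Behaviour Change" heading use "Behaviour" while the paragraph under the heading uses "behavior".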