Still on track with both adding new features, improving current ones, and fixing any bugs found. The relevant changes are listed below.
This list below is for the latest release.
New Features
Added the option to disallow identical values in users' name fields. The new option can be found in the namespace settings in the “core” tab. When enabled, user’s are disallowed from entering identical values to first name, middle name and last name fields.
Contacts REST API: add support for “memberOf” attribute (contacts can now be added to groups via REST API), interpret empty or blank “nsCode” and “locationSite“ values as not provided and silently ignore them.
Add support to either allow or deny changing Personal ID via interactive self-service strong indentification (namely suomi.fi-tunnistus in Finland). By default do not allow this change to protect the first strong identification. Shall there ever be a change to the Personal ID, it must come in the system either via automated master route, or via interactive managed strong identification.
Improvements
Log new user account creation time initial data for easier troubleshooting. We got bit by this in one site. With this improvement, we have this seldom needed, but necessary data point. Sensitive data is not saved, of course.
Datastorage to and UI in Management UI to review existing datastorages. This is an important tool for troubleshooting, and auditing purposes.
Added auto-generated authorisation types for suomi.fi-valtuudet YPA in use in Finland.
Added more Lock settings boxes to protect from human errors.
Internal code refactoring to gain more speed.
Center all views under OpenID authorisation endpoint (incl. user creation, password forgotten view, error views etc.).
Add support for forced authentication for SAML user directories. This ensures that autentication is performed every time user uses SAML user directory authentication and no previous session information is used. Previous behaviour was to cache authentications for a while (time is dependent on external user directory).
Add support for electronic identification number (SaTu) via SAML user directory at Finnish suomi.fi-tunnistaminen. This is an supplemental unique personal ID.
Add support for multiple email addresses in MyData export JSON.
Add a button to role editor’s “groups” tab create a new group with the same name as the role. This makes role management slightly easier.
Bug fixes
Related to JWKS servlet, some duplicate and unnecessary dependencies (code regression) were removed. This bug never reached production, as it was catched in-flight during development cycle.
Integrated feature: Product management
Refactoring end-points before feature launch. This was the last time we could do it. Practically /sales was just changed to more descriptive /products. Note, /products is primarily for those who want to define their own WebUI to the product management engine we provide.
Added filtering and data searchabilty.
Added /sales end-point to better support web-shops ant other similar channels to quickly retrieve all permitted products and prices.