Released 2019-09-05.

This release was a landmark release which got us OpenID Connect certification from OpenID Connect Foundation for 4 OP profiles. See details at <https://openid.net/certification/#OPs>.

We also started moving from the original name onePortal to more descriptive Trivore Identity Service (TIS) as of software version 3.0. This change is a process, which will take some time, as we are doing it organically. For sure onePortal will remain under the hoods permanently in some places. That is part of the platform’s history, we are not denying it.

Other than that, the following new features were added:

1. Strong Identification history endpoint. The very first initial identification is always stored permanently. Also the latest identification is stored. Some industries may require storing the full chain for compliance. It is now possible to do just that. As strong identifications are not done very often, the default is to store them all. It is however possible to limit the amount in Group Policy. By having this setting in GP, you get better control by having one setting for other group of people and another setting for another group. This setting is also per namespace, which gives more flexibility.

2. Filter by user ID in user account view “Accounts”. User ID is the internal technical ID which is not shown. If you know is, you get very fact access to that user account.

3. Utility for storing personal UI preferences in browser cookie. This makes using management UI more fluent as it remembers your settings more. Please remember this is per browser.

4. Custom Style definitions. In this system wide setting, it is possible to fine-tune the default behaviour of UI. This is perhaps most prominent in tuning the sign-in and related UIs.

The following bugs were fixed:

1. Open redirect vulnerability in post-oauth-login servlet query parameters. A recent regression, which does not exist in any released production version.

2. SMS Billing: Details view not using all available screen estate. A cosmetic change. This is part of the built-in SMSC capability used most often for mobile number verification for user accounts. As SMSes cost, we have billing built-in.

As many know, we also have integrated, yet optional line-of-business features (implemented as modules) available for TIS. Those features got small improvements, too. Remember, these modules are customer specific and available only for limited number of parties.

Business extension: Commerce and Product Management

1. Add shortName to UI and REST.

Business extension: Employee Travel Beneficiary

1. REST API: Return forbidden status code instead of Unauthorized when permissions inadequate