Skip to content

v23.03.01
Compare
Choose a tag to compare
@byewokko byewokko released this 14 Feb 11:31
v23.03.01
baa0baf

CHANGELOG

v23.03.01

Fix

  • Fix sync method in Batman module (PLUM Sprint 230210)

v23.03

Breaking changes

  • Authorize endpoint no longer authorizes unregistered clients (#137, PLUM Sprint 230113)
  • Introspecting a cookie-based client session requires client_id in query (#137, PLUM Sprint 230113)

Fix

  • Remove set_cookie from authorize response (#125, PLUM Sprint 221202)
  • Attempts to access a nonexistent tenant result in 403 (#133, #138, PLUM Sprint 221216)
  • Fixed default registration expiration (#142, PLUM Sprint 230113)

Features

  • Client registration allows custom client ID (#128, PLUM Sprint 221202)
  • Login with external OAuth2 (Facebook) (#129, PLUM Sprint 221216)
  • Cookie-based client sessions can now authorize for a specific scope and tenant (#137, PLUM Sprint 230113)
  • Standardized error codes in authorize response (#137, PLUM Sprint 230113)
  • OIDC-standardized scope values (#143, PLUM Sprint 230113)
  • M2M sessions are now authorized for all the assigned tenants (#141, PLUM Sprint 230113)

Refactoring

  • Cookie introspection for anonymous access is moved to a separate endpoint (#124, PLUM Sprint 221216)
Assets 2
Loading