Skip to content

Commit c60c69d

Browse files
committed
Prepare the release 5.0.1
1 parent 9822430 commit c60c69d

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

80 files changed

+5323
-13
lines changed

docker-compose.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ services:
2828
networks:
2929
proxy_net: null
3030
scim:
31-
image: simpleidserver/scim:5.0.0
31+
image: simpleidserver/scim:5.0.1
3232
environment:
3333
VIRTUAL_HOST: "scim.localhost.com"
3434
ASPNETCORE_URLS : "http://*:80"
@@ -40,7 +40,7 @@ services:
4040
networks:
4141
proxy_net: null
4242
idserver:
43-
image: simpleidserver/idserver:5.0.0
43+
image: simpleidserver/idserver:5.0.1
4444
environment:
4545
VIRTUAL_HOST: "idserver.localhost.com"
4646
ASPNETCORE_URLS : "http://*:80"
@@ -58,12 +58,12 @@ services:
5858
networks:
5959
proxy_net: null
6060
website:
61-
image: simpleidserver/website:5.0.0
61+
image: simpleidserver/website:5.0.1
6262
environment:
6363
VIRTUAL_HOST: "website.localhost.com"
6464
ASPNETCORE_URLS : "http://*:80"
6565
ASPNETCORE_FORWARDEDHEADERS_ENABLED: "true"
66-
DefaultSecurityOptions__Issuer: "https://idserver.localhost.com/master"
66+
DefaultSecurityOptions__Issuer: "https://idserver.localhost.com"
6767
DefaultSecurityOptions__IgnoreCertificateError: "true"
6868
IdServerBaseUrl: "https://idserver.localhost.com"
6969
ScimBaseUrl: "https://scim.localhost.com"
@@ -73,7 +73,7 @@ services:
7373
networks:
7474
proxy_net: null
7575
credentialissuer:
76-
image: simpleidserver/credentialissuer:5.0.0
76+
image: simpleidserver/credentialissuer:5.0.1
7777
environment:
7878
VIRTUAL_HOST: "credentialissuer.localhost.com"
7979
ASPNETCORE_URLS : "http://*:80"
@@ -85,7 +85,7 @@ services:
8585
networks:
8686
proxy_net: null
8787
credentialissuerwebsite:
88-
image: simpleidserver/credentialissuerwebsite:5.0.0
88+
image: simpleidserver/credentialissuerwebsite:5.0.1
8989
environment:
9090
VIRTUAL_HOST: "credentialissuerwebsite.localhost.com"
9191
ASPNETCORE_URLS : "http://*:80"

local-docker-compose.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -72,7 +72,7 @@ services:
7272
VIRTUAL_HOST: "website.localhost.com"
7373
ASPNETCORE_URLS : "http://*:80"
7474
ASPNETCORE_FORWARDEDHEADERS_ENABLED: "true"
75-
DefaultSecurityOptions__Issuer: "https://idserver.localhost.com/master"
75+
DefaultSecurityOptions__Issuer: "https://idserver.localhost.com"
7676
DefaultSecurityOptions__IgnoreCertificateError: "true"
7777
IdServerBaseUrl: "https://idserver.localhost.com"
7878
ScimBaseUrl: "https://scim.localhost.com"

sid-kubernetes.yaml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -229,7 +229,7 @@ spec:
229229
subdomain: localhost
230230
containers:
231231
- name: scim-deploy
232-
image: simpleidserver/scim:4.0.8
232+
image: simpleidserver/scim:5.0.1
233233
ports:
234234
- containerPort: 80
235235
env:
@@ -266,7 +266,7 @@ spec:
266266
subdomain: localhost
267267
containers:
268268
- name: idserver-deploy
269-
image: simpleidserver/idserver:4.0.8
269+
image: simpleidserver/idserver:5.0.1
270270
ports:
271271
- containerPort: 80
272272
env:
@@ -309,7 +309,7 @@ spec:
309309
subdomain: localhost
310310
containers:
311311
- name: website-deploy
312-
image: simpleidserver/website:4.0.8
312+
image: simpleidserver/website:5.0.1
313313
ports:
314314
- containerPort: 80
315315
env:
@@ -350,7 +350,7 @@ spec:
350350
subdomain: localhost
351351
containers:
352352
- name: credentialissuer-deploy
353-
image: simpleidserver/credentialissuer:4.0.8
353+
image: simpleidserver/credentialissuer:5.0.1
354354
ports:
355355
- containerPort: 80
356356
env:
@@ -385,7 +385,7 @@ spec:
385385
subdomain: localhost
386386
containers:
387387
- name: credentialissuerwebsite-deploy
388-
image: simpleidserver/credentialissuerwebsite:4.0.8
388+
image: simpleidserver/credentialissuerwebsite:5.0.1
389389
ports:
390390
- containerPort: 80
391391
env:

website/docs/download.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ import Installer from '@site/src/components/global/Installer';
1010

1111
<DocsCards>
1212
<DocsCard>
13-
<h2>LATEST STABLE 5.0.0</h2>
13+
<h2>LATEST STABLE 5.0.1</h2>
1414
<h3>PLATFORM</h3>
1515
<Installers>
1616
<Installer title="Windows x64" icon="windows" link="https://github.com/simpleidserver/SimpleIdServer/releases/latest/download/SimpleIdServer-Windows-x64.zip" />
Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
# Auditing
2+
3+
The administration UI contains an auditing screen used to search for events.
4+
5+
![Monitoring](images/monitoring-1.png)
6+
7+
Following events are present :
8+
9+
* AuthorizationFailureEvent
10+
* AuthenticationSuccessEvent
11+
* ClientAuthenticationFailureEvent
12+
* ClientAuthenticationSuccessEvent
13+
* ClientRegisteredFailureEvent
14+
* ClientRegisteredSuccessEvent
15+
* ConsentGrantedEvent
16+
* ConsentRevokedEvent
17+
* TokenIntrospectionFailureEvent
18+
* TokenIntrospectionSuccessEvent
19+
* TokenIssuedFailureEvent
20+
* TokenIssuedSuccessEvent
21+
* TokenRevokedFailureEvent
22+
* TokenRevokedSuccessEvent
23+
* UserInfoFailureEvent
24+
* UserInfoSuccessEvent
25+
* UserLoginSuccessEvent
26+
* UserLogoutSuccessEvent
27+
* PushedAuthorizationRequestSuccessEvent
28+
* PushedAuthorizationRequestFailureEvent
Lines changed: 118 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,118 @@
1+
# Configuration
2+
3+
## IdentityServer
4+
5+
The table below, list all the possible properties present in the `appsettings.json` file. Thanks to them, you can easily customize the behavior the [IdentityServer](../installation#create-identityserver-project).
6+
7+
<table>
8+
<thead>
9+
<tr>
10+
<th>Property</th>
11+
<th>Description</th>
12+
<th>Values</th>
13+
</tr>
14+
</thead>
15+
<tbody>
16+
<tr>
17+
<td><b>AuthCookieNamePrefix</b></td>
18+
<td>Name of the authentication cookie</td>
19+
<td></td>
20+
</tr>
21+
<tr>
22+
<td><b>SessionCookieNamePrefix</b></td>
23+
<td>Name of the session cookie</td>
24+
<td></td>
25+
</tr>
26+
<tr>
27+
<td rowspan="2"><b>ForceHttps</b></td>
28+
<td rowspan="2">Force to use HTTPS</td>
29+
<td>True</td>
30+
</tr>
31+
<tr>
32+
<td>False</td>
33+
</tr>
34+
<tr>
35+
<td rowspan="2"><b>IsForwardedEnabled</b></td>
36+
<td rowspan="2">Enable or disable the forwarded headers</td>
37+
<td>true</td>
38+
</tr>
39+
<tr>
40+
<td>false</td>
41+
</tr>
42+
<tr>
43+
<td rowspan="4"><b>ClientCertificateMode</b></td>
44+
<td rowspan="4">
45+
Specifies the client certificate requirements for an HTTPS connection.<br/>
46+
This parameter is required when you are using the <b>tls_client_auth</b> or <b>self_signed_tls_client_auth</b> client authentication method. <br/>
47+
By default, the value is <b>NoCertificate</b>.
48+
</td>
49+
<td>NoCertificate</td>
50+
</tr>
51+
<tr>
52+
<td>AllowCertificate</td>
53+
</tr>
54+
<tr>
55+
<td>RequireCertificate</td>
56+
</tr>
57+
<tr>
58+
<td>DelayCertificate</td>
59+
</tr>
60+
<tr>
61+
<td rowspan="2"><b>IsRealmEnabled</b></td>
62+
<td rowspan="2">Enable or disable the Realm. By default, the value is <b>true</b></td>
63+
<td>true</td>
64+
</tr>
65+
<tr>
66+
<td>false</td>
67+
</tr>
68+
<tr>
69+
<td><b>SCIMBaseUrl</b></td>
70+
<td>
71+
Base URL of the SCIM Server. This value is used during the launch time of IdentityServer to configure Automatic Identity Provisioning with the SCIM Server..<br/>
72+
By default, the value is <b>https://localhost:5003</b>.
73+
</td>
74+
<td>Base URL of the SCIM Server</td>
75+
</tr>
76+
<tr>
77+
<td><b>Authority</b></td>
78+
<td>
79+
Base URL of the current IdentityServer. This value is used to configure OPENID authentication with the IdentityServer.<br/>
80+
By default, the value is <b>https://localhost:5001</b>.
81+
</td>
82+
<td>Base URL of the current IdentityServer.</td>
83+
</tr>
84+
<tr>
85+
<td><a href="../iam/configuration"><b>DistributedConfiguration</b></a></td>
86+
<td>
87+
Distributed configuration helps various modules within SimpleIdServer to store their settings. <br />
88+
This property is used to configure the configuration storage, for example, <b>Redis</b> or <b>SQL Server</b>.
89+
</td>
90+
<td>For more information, please refer to this <a href="../iam/configuration">chapter</a></td>
91+
</tr>
92+
<tr>
93+
<td><a href="../iam/storage"><b>StorageConfiguration</b></a></td>
94+
<td>This property is used to configure the data storage used by IdentityServer to store its various entities, such as <b>Clients</b> or <b>Users</b>.</td>
95+
<td>For more information, please refer to this <a href="../iam/storage">chapter</a></td>
96+
</tr>
97+
<tr>
98+
<td rowspan="6"><b>Other</b></td>
99+
<td rowspan="6">The other properties are used to configure the modules used by IdentityServer, such as <b>Automatic Identity Provisioning with SCIM</b> or an external Identity Provider like <b>Facebook</b></td>
100+
<td><a href="../iam/externalidproviders#facebook">Facebook</a></td>
101+
</tr>
102+
<tr>
103+
<td><a href="../iam/automaticidentityprovisioning.md#scim">SCIM</a></td>
104+
</tr>
105+
<tr>
106+
<td><a href="../iam/automaticidentityprovisioning.md#ldap">LDAP</a></td>
107+
</tr>
108+
<tr>
109+
<td><a href="../iam/authmethods.md#email">IdServerEmailOptions</a></td>
110+
</tr>
111+
<tr>
112+
<td><a href="../iam/authmethods.md#sms">IdServerSmsOptions</a></td>
113+
</tr>
114+
<tr>
115+
<td>FidoOptions</td>
116+
</tr>
117+
</tbody>
118+
</table>
Loading
Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
# Public Key Infrastructure (PKI)
2+
3+
Here are the key components of SimpleIdServer's PKI. :
4+
5+
1. **Certificate Authority (CA)** : The Certificate Authority is a trusted entity responsible for issuing and managing client certificates.
6+
2. **Client Certificates** : Client certificates are used by OAuth 2.0 clients, for example during the "tls_client_auth" authentication.
7+
8+
In the Administration UI, you can manage the Certificate Authorities (CAs). They can be generated and stored in the database or imported from the Certificate Store.
9+
You can download one of them and install it into the appropriate certificate store.
10+
11+
A Certificate Authority can be used to generate one or more client certificates.
Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
# Realm
2+
3+
A [Realm](../glossary) is a space where you can manage Clients, Scopes, Users, External Identity Providers, and Certificate Authorities. Realms are isolated from one another, but the same resource can be located in one or more Realms.
4+
5+
By default, there is one configured `master` realm. It must not be removed, as doing so would render the SimpleIdServer product inoperable.
6+
7+
You can use the Realm to separate different environments, such as having one for the `test` environment and another for the `prd` environment.
8+
9+
To add a realm, follow these steps :
10+
11+
1. Click `Active realm: master`.
12+
2. Click `Add realm`.
13+
3. Enter the details for the new Realm.
14+
4. Click `Save`.
15+
5. Click `Choose realm`, select the new realm, and click the `Select` button.
16+
6. You'll be redirected to the authentication page. Submit the `administrator` credentials to access the realm.
17+
18+
By default, the `administrator` user has access to all the `realm`.
19+
20+
## Permissions
21+
22+
It is possible to assign user permissions to a realm and to limit access accordingly.
23+
For each component present in the UI, there are two scopes defined for the `manage` and `view` permissions.
24+
For example, for the `Clients` component, the master realm defines two scopes: `master/clients/view` and `master/clients/manage`.
25+
These scopes can be assigned to one or more groups, and the groups can be assigned to one or more users.
26+
27+
For example, to grant `manage` access to the `Clients` component of the `master` realm, execute the following steps:
28+
29+
1. Create a new group named `ClientMaster`.
30+
2. Navigate to the new group and select the `Role` tab.
31+
3. Select the `<realm>/clients/manage` scope and click on the `Save` button.
32+
4. Navigate to a user and select the `Groups` tab.
33+
5. Select the `ClientMaster` group and click on the `Save` button.
34+
35+
The user is now configured to manage the `clients` present in the realm.
36+
37+
## Disable Realm
38+
39+
By default, SimpleIdServer is configured to use the Realm. If you do not want to use it, you can disable it by updating the `appsettings.json` configuration files.
40+
41+
To disable the Realm, follow these steps:
42+
43+
1. Open the [IdentityServer](../installation/dotnettemplate#create-identityserver-project) project and edit the `appsettings.json` file.
44+
2. Set the `IsRealmEnabled` property to `false` and save the file.
45+
3. Open the [IdentityServer website](../installation/dotnettemplate#create-identityserver-website-project) and edit the `appsettings.json` file.
Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
---
2+
title: Consultancy
3+
hide_table_of_contents: true
4+
---
5+
6+
# Consultancy
7+
8+
If you are seeking consultancy regarding any aspect of the Identity Access Management field, please feel free to contact us via email at agentsimpleidserver@gmail.com.
9+
10+
We provide expertise in the following areas:
11+
12+
* We offer expertise in reviewing and enhancing authentication and authorization strategies.
13+
* We provide advice and guidelines on architectural considerations, such as implementing identity provisioning and more.
14+
* We assist financial enterprises in achieving compliance with both FAPI 1.0 and FAPI 2.0 standards.
15+
* We provide assistance to public sectors, including government and hospitals, in developing trusted APIs that enable the issuance of valid credentials such as Covid Certificates, Driving Licenses, University Degrees, and more.
16+
17+
# Open source and free of charge
18+
19+
The support provided by SimpleIdServer is free of charge, and the source code is open source, licensed under the Apache-2 license.
20+
21+
When it comes to GIT, we kindly request that you take a moment to read the [code of conduct](https://github.com/simpleidserver/SimpleIdServer/blob/master/CONTRIBUTING.md) before initiating an issue.
22+
23+
[If you appreciate our project and wish to extend your support, you have the opportunity to sponsor it or make a donation.](https://github.com/sponsors/simpleidserver?o=esb)
Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
---
2+
title: Contact us
3+
hide_table_of_contents: true
4+
---
5+
6+
# Who are we
7+
8+
Belgian Company Specialized in the development of Identity and Access Management Solutions.
9+
10+
# Contact us
11+
12+
There are multiple communication methods available to contact our technical team:
13+
14+
* Email : agentsimpleidserver@gmail.com
15+
* Gitter : https://app.gitter.im/#/room/#simpleidserver:gitter.im
16+
* Git : https://github.com/simpleidserver

0 commit comments

Comments
 (0)