Version 1.0.17

• Development/debug setting added to enable showing the unique text ID's along side the text.
• Add support for more chanters in OIDC additional parameter value.

Bugs resolved:

• Invalid redirect URL on require password change event.
• Track link bug when redirecting from master track to another track which use a custom domain.

Version 1.0.16

• Graceful error handling on browser back and sequence timeout. Return to the down-party application with an error parameter.
• Add support for additional parameters in OpenID Connect up-parties.
• IdP select buttons in HRD page changed. Add default height and larger max-width to image and add class to customize the text element. Furthermore, the text element is not shown if it is empty and a image has been added.
• Remove invalid session validation check where user ID's do not match.
• Add link from the reset password page back to the login page.
• Change default Sequence Lifetime to 2 hours (max 5 hours)
• Change Failing Login Observation Period to 1 hour (max 4 hours).
• Use track display name in browser title before default text. First choice is login title if defined and available.
• Add change email link to the disabled email field on login page.
• Introduce create user text divided in two and add create user link on password page.
• Email subject texts and UI headline texts separated in different configurable text elements.
• Support HTML tags in email.
• Support setting the from name associated to the from email address.
• Add usage count to track link and add usage login party type.

Bugs resolved:

• Missing cancel button in email confirmation and reset password page resolved.
• Load two-factor QR code together with other URLs bug resolved.
• Email case login bug resolved.

Version 1.0.15

• Add dynamic configurable create user UI.
• Add track link down-party and up-party support to easily link tracks together in a tenant.
• The maximal accepted OpenID Connect code length is changed from 2000 to 4000.
• Add API to query the first 1000 risk passwords which makes it possible to delete all risk passwords.
• Change the risk password upload block size to 1000.

Version 1.0.14

• OpenID Connect up-party support to read claims from UserInfo endpoint.
• Support for UserInfo endpoint also added for OAuth 2.0 down-parties.
• UserInfo endpoint error messages improved.
• Validate all claims with a claim type that contain the substring 'access_token' as an access_token claim. And thereby accept a claim value length of 4000 characters instead of default only 1000 characters.
• OpenID Connect and SAML 2.0 up-parties support authentication with a new user that differs from the existing session user.
• Add note field to up-parties and down-parties for your short notes.

Bugs resolved:

• Resolve unable to read certificate without private key in ReadCertificate API.

Version 1.0.13

• Control Client changed to default require password change and account confirmation on tenant create.
• Control API ReadCertificate endpoint, error message improved if reading certificate private key fails.
• Control API, create new master track login with SessionAbsoluteLifetime = 0.

Bugs resolved:

• Resolve track and up-party cookie bug in relation to a custom domain. The error disabled single login and single logout when using a custom domain.

Version 1.0.12

Bugs resolved:

• Fails on reset password step 2 if the user do not exist.
• Control Client - show default resource for the application itself incorrectly.

Version 1.0.11

• Add display name to tracks.
• Change email validation and reset password from using links to use confirmation codes.
• Improve error messages in Control API.
• Down-party max allowed up-parties changed from 50 to 200.
• Add odd/even stripes to Control Client log view.

Claim transform

• Change claim transform to be case sensitive when competing claim types.
  All other claim type comparisons in FoxIDs are case sensitive to be standard compliant.
• Add support for Danish privilege claim transforms - OIO Basic Privilege Profile, Version 1.2

SAML 2.0

• SAML 2.0 down-party support encryption.
• Optional set NameId format (otherwise set dynamically) in SAML 2.0 down-party.
• Exposed SAML 2.0 metadata valid until is set to max certificate lifetime in down-party and up-party.
• Possible to add logout response location URL in SAML 2.0 metadata in down-party and up-party.
• SAML up-party error handling improved if invalid RelayState is revived from IdP.

Version 1.0.10

• Improve cache clean up.
• Two-factor authentication text updated.
• Highlight menus in Control Client on sub tab select.

Bugs resolved:

• Resolve secondary certificate expiration validation bug in SAML 2.0 up-parties.

Version 1.0.9

• ARM deployment bug fix.
• From now on only use SemVer compatible versions (MAJOR.MINOR.PATCH). The next version will therefore be 1.1.x.

Version 1.0.8

• Updated to .NET 7.
• Update Application Insights to use connection string.
• Log search improved
• Usage / overview log support added in Control Client and API
• Add support for plants which enables defining different plan levels
• Cache tenants and plans in Redis.
• Background queue logging improved

Bugs resolved:

• DownPartyAllowUpPartiesQueueLogic QueueEnvelope.LogicClassType conversion sometimes fails
• Problem with KeyVault and _ in a track name and probably the tenant name as well
• Sometimes the Blazor WebAssembly integrity check fails after deployment

IMPORTANT - Before installing:

• Open Azure Portal and navigate to the Application Insights to find the connection string. Then navigate to the app services one at the time (including the test slots) . Change the application setting ApplicationInsights:InstrumentationKey name to ApplicationInsights:ConnectionString and change the value to the Application Insights connection string. Remove the application setting APPINSIGHTS:INSTRUMENTATIONKEY.
• Then navigate to the Control app services test slots and add the application setting Settings:DisableBackgroundQueueService with the value true, and check deployment slot setting.

After installing:

• If you are using log streams. Open FoxIDs Control Client and update the log streams settings from using Application Insights instrumentation key to use connection string.

If you are upgrading an existing FoxIDs installation please change the .NET version to .NET 7 on all four App Services slots after successfully upgrading to this version. However, this version runs fine on both .NET 6 and .NET 7.
The .NET version is set to .NET 7 under the App Service General settings.