Version 1.3 of the CST Identity Service (cst-identity-service) has been released and is available for download here.

This release introduces the following features:

  • [IDENTITY-48] (https://issue.cstkit.com/browse/IDENTITY-48) Import support
  • [IDENTITY-50] (https://issue.cstkit.com/browse/IDENTITY-50) Add profile photo field
  • [IDENTITY-51] (https://issue.cstkit.com/browse/IDENTITY-51) Disallow removal of critical scopes
  • [IDENTITY-53] (https://issue.cstkit.com/browse/IDENTITY-53) Add indication that domain object is the root domain
  • [IDENTITY-55] (https://issue.cstkit.com/browse/IDENTITY-55) Add a way to disable domains
  • [IDENTITY-56] (https://issue.cstkit.com/browse/IDENTITY-56) Add a way to disable clients
  • [IDENTITY-57] (https://issue.cstkit.com/browse/IDENTITY-57) Add a way to get info for currently authenticated domain
  • [IDENTITY-58] (https://issue.cstkit.com/browse/IDENTITY-58) Add a way to get version of service
  • [IDENTITY-64] (https://issue.cstkit.com/browse/IDENTITY-64) Add appropriate security response headers
  • [IDENTITY-65] (https://issue.cstkit.com/browse/IDENTITY-65) Allow client without redirect URIs
  • [IDENTITY-68] (https://issue.cstkit.com/browse/IDENTITY-68) Brute force protection
  • [IDENTITY-71] (https://issue.cstkit.com/browse/IDENTITY-71) Disallow grant of new refresh token with different scopes
  • [IDENTITY-80] (https://issue.cstkit.com/browse/IDENTITY-80) Add user-agent client type which only allows implicit tokens
  • [IDENTITY-84] (https://issue.cstkit.com/browse/IDENTITY-84) Restrict clients to specific flow based on application type
  • [IDENTITY-88] (https://issue.cstkit.com/browse/IDENTITY-88) Add Dockerfile to service archive
  • [IDENTITY-94] (https://issue.cstkit.com/browse/IDENTITY-94) Allow empty scopes to grant all scopes
  • [IDENTITY-95] (https://issue.cstkit.com/browse/IDENTITY-95) SQLite support

This release fixes the following issues:

  • [IDENTITY-19] (https://issue.cstkit.com/browse/IDENTITY-19) Failed login should prompt user instead of redirecting back to client
  • [IDENTITY-44] (https://issue.cstkit.com/browse/IDENTITY-44) Login email is case sensitive in memory and Cassandra
  • [IDENTITY-47] (https://issue.cstkit.com/browse/IDENTITY-47) Missing OAuth headers
  • [IDENTITY-61] (https://issue.cstkit.com/browse/IDENTITY-61) Client applicationType should be case insensitive
  • [IDENTITY-69] (https://issue.cstkit.com/browse/IDENTITY-69) Unknown scope log at high level
  • [IDENTITY-76] (https://issue.cstkit.com/browse/IDENTITY-76) Client paging returns same token as request with MySQL
  • [IDENTITY-138] (https://issue.cstkit.com/browse/IDENTITY-138) Tokeninfo returns token with negative expiration

Account required to download. Request one here.