Version 1.3 of the CST Identity Service (cst-identity-service) has been released and is available for download here.

This release introduces the following features:

  • [IDENTITY-48] ( Import support
  • [IDENTITY-50] ( Add profile photo field
  • [IDENTITY-51] ( Disallow removal of critical scopes
  • [IDENTITY-53] ( Add indication that domain object is the root domain
  • [IDENTITY-55] ( Add a way to disable domains
  • [IDENTITY-56] ( Add a way to disable clients
  • [IDENTITY-57] ( Add a way to get info for currently authenticated domain
  • [IDENTITY-58] ( Add a way to get version of service
  • [IDENTITY-64] ( Add appropriate security response headers
  • [IDENTITY-65] ( Allow client without redirect URIs
  • [IDENTITY-68] ( Brute force protection
  • [IDENTITY-71] ( Disallow grant of new refresh token with different scopes
  • [IDENTITY-80] ( Add user-agent client type which only allows implicit tokens
  • [IDENTITY-84] ( Restrict clients to specific flow based on application type
  • [IDENTITY-88] ( Add Dockerfile to service archive
  • [IDENTITY-94] ( Allow empty scopes to grant all scopes
  • [IDENTITY-95] ( SQLite support

This release fixes the following issues:

  • [IDENTITY-19] ( Failed login should prompt user instead of redirecting back to client
  • [IDENTITY-44] ( Login email is case sensitive in memory and Cassandra
  • [IDENTITY-47] ( Missing OAuth headers
  • [IDENTITY-61] ( Client applicationType should be case insensitive
  • [IDENTITY-69] ( Unknown scope log at high level
  • [IDENTITY-76] ( Client paging returns same token as request with MySQL
  • [IDENTITY-138] ( Tokeninfo returns token with negative expiration

Account required to download. Request one here.