This time it’s been 161 commits and we added a lot of small things – and a couple of bigger things, e.g.:
- Update to Katana v3 and JWT handler v4
- Configurable claims for both identity and resource scopes
- Added support for acr_values and tenant login hints
- Improved support for custom grant types
- Added a RequireSsl switch (thus removing the need for the public host name setting)
- Reworked some internals like the user service, token service, userinfo endpoint, sign in message and validation pipeline
- Added support for hybrid flow and thus improved compatibility with the Microsoft Katana OpenID Connect middleware
- Added identity token validation endpoint for clients that don’t have access to the necessary crypto libraries
- More control over CSP and cookies
Docs will be updated in the next days.
As always – thank you very much for feedback, bug reports etc… we are getting closer to RTW!