Product Chevon-Down
Developer-First Features Certification and Conformance Why Authlete
Solutions Chevon-Down
BY INDUSTRY
Financial Services Media, Entertainment, and Sports B2B SaaS System Integration and Consulting
BY USE CASE
CIAM Transformation Open API OAuth/OIDC Modernization
IMPLEMENTATION
Customer Stories
Pricing
Developers
Resources Chevon-Down
Datasheets and Diagrams Whitepapers and Reports Videos
Company Chevon-Down
About Leadership Careers News
Hamburger Menu
Free Trial
EN
JA

Authlete 2.2 Release Notes - October 2022

Table of Contents

Version Number : 2.2.30

Overview of This Release

This is a minor update of Authlete 2.2. It includes the following new or enhanced features since the version 2.2.25.

Newly Supported Standard Specifications

N/A

New Configuration Items

DCR with Duplicate Software ID

When “Block” is selected, Authlete checks duplication of the value of software_id parameter (which is one of client metadata) in a DCR (Dynamic Client Registration) request. If there is already the same value in the database, Authlete rejects the DCR request.

When “Accept” is selected, Authlete does not do the check as described above.

Added or Updated APIs

Generating Access Token (added)

accessToken is a new request parameter added to the following APIs so that you can specify a value of a new access token by yourself instead of generating the value by the Authlete server.

  • /auth/authorization/issue API
  • /auth/token API
  • /auth/token/issue API
  • /backchannel/authentication/complete API

/auth/token/revoke API (added)

/auth/token/revoke is a new API to revoke tokens. You can specify the following conditions for target access tokens and/or refresh tokens to be revoked.

  • accessTokenIdentifier
  • clientIdentifier
  • refreshTokenIdentifier
  • subject

Up to 20 tokens can be revoked in a single request to the API.