Product Chevon-Down
Developer-First Features Certification and Conformance Why Authlete
Solutions Chevon-Down
BY INDUSTRY
Financial Services Media, Entertainment, and Sports B2B SaaS System Integration and Consulting
BY USE CASE
CIAM Transformation Open API OAuth/OIDC Modernization
IMPLEMENTATION
Customer Stories
Pricing
Developers
Resources Chevon-Down
Datasheets and Diagrams Whitepapers and Reports Videos
Company Chevon-Down
About Leadership Careers News
Hamburger Menu
Free Trial
EN
JA

Authlete 2.3 Release Notes - September 2023

Table of Contents

Version Number : 2.3.12

Overview of This Release

This is a minor update of Authlete 2.3. It includes the following new or enhanced features since the version 2.3.1.

Newly Supported Standard Specifications

N/A

New Service Configuration Items

ID Token / Type of the aud claim

If “array” is selected, the type of the aud claim of ID tokens always becomes array. If “string” is selected, the type of the aud claim of ID tokens always becomes string.

ID Token / Reissuable

If “Enable” is selected, an ID token can be reissued in a refresh token flow.

See JavaDoc of TokenResponse class for details.

IDA / Validation Schema Set

Choice of the validation schema set that is used to validate the content of ‘verified_claims’.

Authlete recognizes the following names of validation schema sets.

  • “unspecified”: Same as “standard”
  • “standard”: The set of the legitimate JSON schema.
  • “standard+id_document”: A set of customized JSON schema that mostly conform to the standard but additionally accept ‘id_document’ as a valid name of evidence.

New Client Configuration Items

N/A

Added or Updated APIs

/auth/revocation API

Support client assertion client authentication method and mTLS at /auth/revocation API.

/auth/token/revoke API

Support JWT access tokens at /auth/token/revoke API.

accessTokenDuration request parameter

Added the accessTokenDuration request parameter to the following APIs. When this request parameter holds a positive integer, it is used as the duration of the access token. In other cases, this request parameter is ignored.

  • /auth/authorization/issue API
  • /auth/token API
  • /auth/token/issue API

locked response parameter

Added the locked response parameter to the following APIs. The parameter indicates whether a client is locked.

  • /client/get/{clientId} API
  • /client/get/list API

claimsAtUserInfo response parameter

Added the claimsAtUserInfo response parameter to the following APIs. This parameter represents the claim that the client application requested to be embedded in the userinfo response.

  • /auth/authorization/ API