Overview

This minor update introduces changes for Authlete 3.0. This new version was made available on June 11th (Wed).

New Features & Improvements

Added support for Native SSO

Implemented single sign-on across native mobile apps, which includes the following API changes :

• Added the nativeSsoRequested response parameter to the /auth/authorization API
• Added the sessionId request parameter to the auth/authorization/issue API
• Added the sessionId, deviceSecret, deviceSecretHash response parameters to the auth/token API
• Added a new /nativesso API
• Added the native_sso_supported metadata to the /service/configuration API
• Added the new nativeSsoSupported property to the /service/create API
• Added the nativeSsoSupported property to the /service/update API
• Added the capability to logout from all applications through the /nativesso/logout API

New activity log events have also been added as necessary.

IP token duration per client

Added the ability to define ID token duration at client level. Of all non-zero positive numbers the smallest one will be used as the duration for the ID token.

Client list API performance improvements

Added index to access_token table in order to reduce response time when querying the API for the list of clients a subject has granted access to.

Specs support

N/A

Bug fixes

Trust anchors update fix

Fixed an issue where service update API did not return updated trust anchors in the response when no trust anchors had been owned by the service.

Client update error fix

Fixed an issue where the accumulation of request_uri when using Pushed Authorization Requests (PAR) would result in 400 errors during client updates.

Other

N/A