Table of Contents
This minor update introduces changes for Authlete 3.0. This new version is available from March 26th (Thu).
Added support for AWS KMS as a new HWM provider.
Implemented support for using refreshToken and refreshTokenHash as identifiers in the /auth/token/update API.
Removed unused server properties, and consolidated default property definition logic.
Added support for OAuth SPIFFE Client Authentication using JWT-SVIDs
Fixed an issue where a newly created client alias could be used to attempt to delete older related entries in the cache.
Fixed an issue where a VCI encryption request holding a credential_response_encryption without the optional ‘zip’ parameter would result in NPE.
Fixed an issue where the service update audit logs would be missing the api_key in some cases.
Fixed an issue where the credential request would return invalidRequest instead of invalidProofs in some cases.
Fixed an issue where the CIMD endpoints would return 401 Unauthorized instead of 400 Bad Request on registration, metadata retrieval and metadata validation failures.
Fixed an issue where the cache would be updated before committing changes to the database in certain scenarios, which could lead to data inconsistencies.
N/A
