Safewhere Identify 5.16 Release Notes

New features and improvements

• Only store hashes of Access tokens in the database, which are stored to support Token introspection and revocation, to improve security and reduce the size of data storage.
• Information about access tokens that the Identity configurator generates to provision data using the REST API is stored in the database. This change ensures that the tokens are valid when the Enable REST API Access token revocation check option is enabled.
• Apply [Obfuscation(Exclude = true)] to decorate all serializable classes, excluding exceptions. This update aims to facilitate zero downtime upgrade from this version to new versions.
• Add the Encrypt attribute to the database connection strings. The latest version of Microsoft.Data.SqlClient has changed its default value when Encrypt attribute is not specified in the connection setting from false to true, which breaks deployments where the SQL Server uses a self-signed certificate.
• Additional validations have been implemented for OAuth/OIDC applications.

Bug Fixes

• Fixed: #107520 [IC] Secrets are incorrectly handled when deploying an Identify tenant.
• Fixed: #107765 [IdentifyAdmin] Source dropdown option only shows NameID for NameID transformation when current logged user is not part of Root organization.
• Fixed: #108051 [RESTAPI] Group resource update is incorrectly handled with ConfigurationContributor permission