The description of owner column in delegations table has been updated.
Migration scripts for all impacted databases are provided with this release in the $IDSVR_INSTALL/misc/upgrade/8.0-to-8.1/ directory.
Custom issuers are now enforced to have a unique combination of the issuer identifier and the purpose-type within
a profile. Until now, having such issuers in a token profile would result in runtime errors. Existing custom token issuers
have to be renamed in case they don’t adhere to this new constraint before upgrading. Token procedures using the renamed
issuers have to be updated to use the new issuer names.
A custom ID token issuer cannot have a data source configured now. Having a custom ID token issuer with a configured
data source in a token profile caused runtime errors, thus it is highly unlikely that such issuers are configured.
However, if such issuers are configured, they have to be updated - their data sources have to be unset before upgrading.
Having a custom ID token issuer configured on an authentication profile doesn’t produce any runtime error, however such
an issuer cannot be used in the runtime. Therefore it is recommended to remove such issuers completely.
The Email authenticator was updated so that when the authentication hyperlink is followed in the same user-agent/session
where it was requested, the authentication flow immediately continues in the window/tab where the hyperlink was followed.
In this case, the initial window/tab - which was waiting for the hyperlink to be followed - will move to a new page that
informs the user that authentication is completed (no further action is possible).
The new behavior can be disabled by setting hyperlink-continue-authentication-in-verify-window to false.
To support the new feature, a new template was added (authenticator/email/link-wait-completed/index.vm), as well as
the corresponding message keys.