Curity 3.3.0. Released!

We are happy to announce that version 3.3.0 of the Curity Identity Server has been released. It’s a minor release; but contains several enhancements, fixes and new features that we believe you will find useful. See a short summary of what’s new and some highlights below. The complete list of new features and fixes can be found in the release notes on the developer portal.

The most significant new feature is support for certificate-constrained access tokens and mutual TLS. This is an exciting feature because it allows for the use of Proof of Possession (PoP) tokens instead of only bearer tokens. This is needed when creating financial-grade APIs.

Another very helpful new feature that has been added is prefix scopes. This is useful, for instance, in PSD2 where the Berlin Group has stipulated that consent and payment information should be provided as a scope value. When combined with mutual TLS, signed request objects, DCR, and other features already in Curity, conforming to PSD2 is a snap! For non-financial services customers, this feature can be helpful to allow a client to request numerous scopes all starting with some certain value, for instance, /products/widgets/.


  • Mutual TLS and certificate-constrained tokens are now supported
  • Prefix or wildcard scopes can be configured to satisfy various use cases, not least of all PSD2
  • Improvements and fixes to the UI Builder - Can now be used without a Curity installation being available on the workstation
  • Certificates can now be viewed and downloaded with the UI

You can see the complete list of fixes and improvements in the release notes.

Any questions or feedback on the release, do not hesitate to get in touch.