New Release: Curity Identity Server 6.4

New Release: Curity Identity Server 6.4

We are pleased to announce the release of the Curity Identity Server 6.4.

This is a minor release but it includes some great new features and customer-requested fixes.


Rolling SSO and refresh token support

We have added rolling SSO and refresh token support. These features have been frequently requested and will allow login and token extensions to continue as long as the user needs them. If this need goes beyond some configured maximum, however, rolling can be prevented. This prevents perpetual extensions but simplifies login and token refresh for active users.

Java 11 upgrade

Java, the underlying platform on which the Curity Identity Server runs, has been upgraded from Version 8 to Version 11. Although this is a significant change, it should not affect users even if custom plug-ins have been written.

Hypermedia Authentication API-related improvements

Hypermedia Authentication API (HAAPI) has gone through some improvements:

  1. Increased visibility and logging support;
  2. The clock skew of DPoP tokens, added in 6.3.1, is now configurable in the UI;
  3. The Web SDK has been updated with improved error reporting;
  4. Support for some devices, like the Pixel 2, was added by new settings in the attestation policies.

As always, this release also includes some fixes and smaller enhancements. One especially noteworthy improvement is startup performance. Even with the new version of Java, upgrading should be smooth. All customers on 6.X are recommended to upgrade promptly.

Read the release notes for more details.

Release Webinar


On Tuesday, August 31, at 15:00 CEST / 9 AM EDT we will host a short webinar to explore what’s new in 6.4. We will go through the release notes, highlighting new features, fixes and, enhancements.

Next steps

Ready to modernize IAM?

Start Today - Build security and improve ease of use to stay ahead of the competition.