We are pleased to announce the release of the Curity Identity Server 6.4.
This is a minor release but it includes some great new features and customer-requested fixes.
We have added rolling SSO and refresh token support. These features have been frequently requested and will allow login and token extensions to continue as long as the user needs them. If this need goes beyond some configured maximum, however, rolling can be prevented. This prevents perpetual extensions but simplifies login and token refresh for active users.
Java, the underlying platform on which the Curity Identity Server runs, has been upgraded from Version 8 to Version 11. Although this is a significant change, it should not affect users even if custom plug-ins have been written.
Hypermedia Authentication API (HAAPI) has gone through some improvements: 1) Increased visibility and logging support; 2) The clock skew of DPoP tokens, added in 6.3.1, is now configurable in the UI; 3) The Web SDK has been updated with improved error reporting; 4) Support for some devices, like the Pixel 2, was added by new settings in the attestation policies.
As always, this release also includes some fixes and smaller enhancements. One especially noteworthy improvement is startup performance. Even with the new version of Java, upgrading should be smooth. All customers on 6.X are recommended to upgrade promptly.
Read the release notes for more details.
On Tuesday, August 31, at 15:00 CEST / 9 AM EDT we will host a short webinar to explore what’s new in 6.4. We will go through the release notes, highlighting new features, fixes and, enhancements.