New Release: Curity Identity Server 8.0
We are pleased to announce the release of the Curity Identity Server 8.0.
This major release contains a number of significant new features and introduces some brand new concepts to simplify and streamline usage.
Here are some of the highlights:
A Simplified UI Mode
The Curity Identity Server 8.0 includes a new UI mode which simplifies the user experience (UX) and highlights important aspects of the configuration - convenient for new users and common use cases. You can easily switch between this trimmed view and the previously-existing UI with a toggle in the menu bar.
Android UI SDK for HAAPI
Another major addition is a new UI SDK for Android. This is the third layer in the SDK stack for the Hypermedia Authentication API (HAAPI) which now includes a complete UI that handles all API interactions and view rendering. With this new SDK, a mobile application can be integrated with HAAPI using only a few lines of code. This makes HAAPI a truly low code product. The other SDKs remain underneath this new one, letting developers decide which degree of integration they need.
New Token Procedure Plugins
Another helpful feature is the new token procedure plugins. This new type of plugin has been on many customers’ wishlists, and will allow developers to create advanced, testable customizations of how the product issues tokens. With this new feature, you can write and unit test your procedures in Java, making them more robust. This also simplifies maintenance and provides other customization options.
Native WebAuthn and Passkey Support for HAAPI on iOS
This release includes full passkey support in the WebAuthn authenticator. The new passkey option of this authenticator will force the user to log in and register with a user-verified device, meaning it requires 2-factors of authentication. In addition, the WebAuthn authenticator now supports HAAPI, meaning that iOS users can get a native, passwordless user experience.
GraphQL Account Listing for DynamoDB
The new version of the Curity Identity Server includes the improved GraphQL support with the ability to list accounts stored in DynamoDB backends. This completes the DynamoDB updates that have come over the last few versions and means that it now has parity with the JDBC datasource.
FAPI 2.0 Security Profile Compliance
Last but not least, we are proud to announce that the product adheres to the brand new FAPI 2.0 Security Profile, the second generation of the financial-grade version of OpenID Connect. We have been collaborating in the OpenID Foundation’s FAPI working group to push this specification forward, and voted with the other members to move it to the second implementer’s draft last month.
We are pleased with the way FAPI 2.0 reduces the client-side effort to achieve banking-grade security compared to FAPI 1.0. Support for this draft spec is one of the reasons you’ll see that the server responds with the new issuer (iss) parameter on the authorization endpoint.
Read the release notes for more details.
On Thursday, February 16 we hosted a release webinar to explore what’s new in 8.0. In the session, we will have a conversation with product management, highlighting new features, fixes, and enhancements.