We are happy to announce the release of Curity 3.1.0 and 3.2.0. Though not a major update, this release includes a lot of fixes and features. In addition to the thousands of tests that run on each commit, we spent a lot of additional time during this release cycle on testing. We added a lot more tests and ways of testing to help us detect issues more quickly. We also made a lot of improvements to the core system, resulting in a more secure and performant base. We noticed that some flows ran over three times faster and were able to sustain 300% more concurrent users. If you're still on 2.X, you can expect a tremendous speed boost after upgrading!
As we mentioned a few weeks ago, 3.2 includes a supported Java Virtual Machine (JVM) from Azul Systems, alleviating customers' concerns about the changes to the Oracle JVM licensing model, support terms, and release cycle. One of the few dependencies of the Curity Identity Server is Java. Before now, the only supported Java Runtime Environment (JRE) was Oracle's; however, a supported JRE is now included!
The many new features included in 3.1 are highlighted below. (The only change that was made between 3.1 and 3.2 was the inclusion of the JRE.)
To further enhance the privacy of users, Pairwise Pseudonymous Identifier (PPID) support is now available. The JWT assertion grant type is now supported, which can be used to conform to PSD2 and deliver API-driven authentication. Furthermore, the SDK was enhanced to allow for new ways of sending email besides just SMTP. A plug-in example can be found on Github, and the Javadocs for the SDK were updated to include information about creating these kinds of plug-ins.
UX in the admin UI has also been improved. Management of OAuth clients and service providers was greatly streamlined. Another pain point in the UI has been key and certificate management. These have been greatly improved, allowing admins to configure trust stores using many methods and formats.
- Pairwise Pseudonymous Identifier (PPID) support is now provided
- JWT assertion grant type support for authenticating users has been added
- OAuth client management in the admin UI has been revamped and simplified
- Easier to configure trust stores and other keys/certs in the admin UI
- How emails are sent can be extended using the SDK
- Performance has been improved, tripling the number of requests per second in some cases
- Security has been improved for SMS, clustering, ROPC flow, token refresh flow, etc.
- Additional authentication actions are available
See the complete list of fixes and improvements in the release notes, and let us know if you run into any issues.