We are pleased to announce that version 4.3 of the Curity Identity Server is out.
A couple years ago, we certified the Curity Identity Server for most of the OpenID Foundation’s profiles of OpenID Connect. This new release conforms to all of those and is also self-certified to comply with the dynamic, form post, 3rd-party login, and the FAPI profiles.
We have also implemented support for Dynamic Client Registration Management (DCRM, RFC 7592). In our implementation, we've gone beyond the RFC with support for “management clients” that invoke the DCRM API on behalf of other dynamic clients.
PSD2 is live! This release provides a new feature that will use the DN of the certificate used to authenticate to the DCR endpoint. This will allow TPPs to not have to include it in the JSON posted during registration. If present in the body, it will continue to be accepted as long as it matches, ensuring backward compatibility. This works in non-PSD2 use cases as well, when mutual TLS is used on the DCR endpoint.
As with all releases, this one fixes many bugs and includes a number of smaller enhancements. We hope you enjoy using this release as much as we enjoyed building it!
- Certified to comply with the OpenID Connect basic, config, implicit, hybrid, 3rd-party, form post, dynamic, and both MTLS and private key JWT variants of the Financial-grade API (FAPI) profiles
- Dynamic Client Registration Management (DCRM) defined in RFC 7592 and OpenID Connect is now supported
- A new RESTCONF API builder has been added to the UI that shows how to create any page’s config using the API
- The basic setup wizard allows the admin to login to the dev portal (at developer.curity.io) and download their licenses
- The DN of mutually authenticated, non-templatized clients is now automatically obtained, simplifying PSD2 deployments where the client doesn’t explicitly send it
- TLS 1.3 support was enhanced to allow the ChaCha20-Poly1305 cipher to be used
This is just a selection of what’s new in the release, you can see the complete list of fixes and improvements in the release notes.