We are pleased to announce that version 4.5 of the Curity Identity Server is out.
The new year is quickly approaching, and projects are trying to wind up before year's end. For this reason, we have made an extra release even though the last one was just two weeks ago. This includes a number of fixes and some features needed by customers racing to complete projects.
One of the primary additions is support encrypted ID tokens (or JWEs) in the OpenID Connect authenticator. This allows an OpenID Connect provider to encrypt the ID token with a public key, and Curity will be able to decrypt it using the corresponding private key.
There were also a number of changes made to the NetiD authenticator. It was previously removed from the UI, but is added back. Also, it is possible to use with other kinds of user IDs besides personal numbers (Swedish social security numbers). It is also possible now to get the user ID from the previous authenticator if one is configured; this avoids the prompt previously shown to collect the user ID.
- Encrypted JSON Web Token (JWE) support in the OpenID Connect authenticator
- Per OAuth client credential manager support for the ROPC flow
- Improved NetiD support, including ability to use other user IDs than personal numbers