Cloud SSO Release Notes
22Q4 – .NET 6 and Minor Updates
- Migrated application to .NET 6 (LTS)
- Added SHA1 and SHA256 certificate thumbprint values for SAML apps
- Disallowed access to Client Apps screen before domain setup and system settings were completed
- Disallowed access to System Settings screen before domain setup was completed
- Rearranged the System Settings screen to prioritize iMIS EMS, and hide some very rarely used settings under an "Advanced" expander
- First-time setup values on the System Settings screen now contain more sensible defaults out-of-the-box (reduces errors on the first SSO connection)
- SAML app editor screen is now presented in 2 columns to better make use of screen space
21Q3 – PKCE
- Added support for the OAuth2 PKCE extension specification
- Takes effect automatically when the correct PKCE parameters are passed (there is no on/off toggle for this feature; it is always on)
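
The PKCE parameters defined by RFC 7636, shown as an added example that is not part of these release notes or the product's code: the client sends `code_challenge` and `code_challenge_method` on the authorization request and `code_verifier` on the token request. The endpoint URL, client ID and redirect URI are placeholders, and `server_accepts` sketches the check the RFC specifies, not Cloud SSO's own implementation.

```python
import base64
import hashlib
import hmac
import re
import secrets
from urllib.parse import urlencode

# RFC 7636 section 4.1: 43-128 characters from the unreserved set.
VERIFIER_RE = re.compile(r"[A-Za-z0-9\-._~]{43,128}")

def make_verifier() -> str:
    # 32 random bytes encode to 43 base64url characters once padding is removed.
    return base64.urlsafe_b64encode(secrets.token_bytes(32)).rstrip(b"=").decode()

def s256_challenge(verifier: str) -> str:
    # code_challenge = BASE64URL(SHA256(ASCII(code_verifier))), no padding.
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode()

def authorization_url(endpoint, client_id, redirect_uri, state, verifier) -> str:
    # Step 1: only the challenge leaves the client; the verifier stays local.
    return endpoint + "?" + urlencode({
        "response_type": "code", "client_id": client_id,
        "redirect_uri": redirect_uri, "state": state,
        "code_challenge": s256_challenge(verifier),
        "code_challenge_method": "S256",
    })

def token_request_body(code, client_id, redirect_uri, verifier) -> dict:
    # Step 2: the verifier is revealed only when redeeming the code.
    return {"grant_type": "authorization_code", "code": code,
            "client_id": client_id, "redirect_uri": redirect_uri,
            "code_verifier": verifier}

def server_accepts(stored_challenge: str, method: str, verifier: str) -> bool:
    # Token-endpoint check per RFC 7636 section 4.6 (sketch, not product code).
    if not VERIFIER_RE.fullmatch(verifier):
        return False  # wrong length or characters outside the unreserved set
    if method != "S256":
        return False  # this sketch accepts only the hashed method
    return hmac.compare_digest(s256_challenge(verifier), stored_challenge)

if __name__ == "__main__":
    v = make_verifier()
    # Placeholder endpoint and client values, constructed for illustration.
    print(authorization_url("https://sso.example.org/authorize", "demo-client",
                            "https://app.example.org/callback",
                            secrets.token_urlsafe(16), v))
    print(server_accepts(s256_challenge(v), "S256", v))
```

An intercepted authorization code is useless without the matching `code_verifier`, which is why the verifier must be generated per request and kept out of the redirect.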
21Q2 – Configurable Access Restrictions
- Added the ability to return a value via the Profile IQA and, depending on the value, conditionally deny access to a specific Client App.
- The out-of-the-box "No Access" screen can be configured with a customizable header and HTML body.
- The user can also optionally be redirected to another site instead.
- Learn more about how to configure this in the Client App documentation.
21Q1 – ROPC Support and ID Token Enhancements
- ID Tokens can now have additional properties injected into them from the user's custom profile (via the configured IQA). To learn more about this feature, visit the OIDC Profile Data page.
- ROPC support, both public and confidential, has been added. To enable, configure a client application and enable either of the ROPC grant types.
- We fixed some bugs around first-time setup in the admin area, and clarified an error message generated by the SSO app when the app is pointed to a different iMIS endpoint than the main Cloud ID instance.
20Q3 – SAML 2.0 Support
- We've launched support for SAML 2.0!
- Customizable assertion attributes based on IQA results
- SP and IdP initiated logon
- Optional single logout (Legacy Forms Auth identity mode only)
- Request tracing for easy debugging
- The ability to self-onboard your custom SSO domain has also been added.