Skip to main content
Skip table of contents

Cloud SSO Release Notes

22Q4 – .NET 6 and Minor Updates

  • Migrated application to .NET 6 (LTS)
  • Added SHA1 and SHA256 certificate thumbprint values for SAML apps
  • Disallowed access to Client Apps screen before domain setup and system settings were completed
  • Disallowed access to System Settings screen before domain setup was completed
  • Rearranged the System Settings screen to prioritize iMIS EMS, and hide some very rarely used settings under an "Advanced" expander
  • First-time setup values on the System Settings screen now contain more sensible defaults out-of-the-box (reduces errors on the first SSO connection)
  • SAML app editor screen is now presented in 2 columns to better make use of screen space

21Q3 – PKCE

  • Added support for the OAuth2 PKCE extension specification
    • Will take effect automatically if the correct PKCE parameters are passed (There is no on/off toggle for this feature, it is always on)

21Q2 – Configurable Access Restrictions

  • Added the ability to return a value via the Profile IQA and, depending on the value, conditionally deny access to a specific Client App.
    • The out-of-the-box "No Access" screen can be configured with a customizable header and HTML body.
    • The user can also optionally be redirected to another site instead.
    • Learn more about how to configure this in the Client App documentation.

21Q1 – ROPC Support and ID Token Enhancements

  • ID Tokens can now have additional properties injected into them from the user's custom profile (via the configured IQA). To learn more about this feature, visit the OIDC Profile Data page.
  • ROPC support, both public and confidential, has been added. To enable, configure a client application and enable either of the ROPC grant types.
  • We fixed some bugs around first-time setup in the admin area, and clarified an error message generated by the SSO app when the app is pointed to a different iMIS endpoint than the main Cloud ID instance.

20Q3 – 
 SAML 2.0 Support 

  • We've launched support for SAML 2.0!
    • Customizable assertion attributes based on IQA results
    • SP and IdP initiated logon
    • Optional single logout (Legacy Forms Auth identity mode only)
    • Request tracing for easy debugging
  • The ability to self-onboard your custom SSO domain has also been added.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.