Version Number : 2.3.12
Overview of This Release
This is a minor update of Authlete 2.3. It includes the following new or enhanced features since the version 2.3.1.Newly Supported Standard Specifications
N/ANew Service Configuration Items
ID Token / Type of the aud claim
If “array” is selected, the type of the aud claim of ID tokens always becomes array. If “string” is selected, the type of the aud claim of ID tokens always becomes string.ID Token / Reissuable
If “Enable” is selected, an ID token can be reissued in a refresh token flow. See JavaDoc of TokenResponse class for details.IDA / Validation Schema Set
Choice of the validation schema set that is used to validate the content of ‘verified_claims’. Authlete recognizes the following names of validation schema sets.- “unspecified”: Same as “standard”
- “standard”: The set of the legitimate JSON schema.
- “standard+id_document”: A set of customized JSON schema that mostly conform to the standard but additionally accept ‘id_document’ as a valid name of evidence.
New Client Configuration Items
N/AAdded or Updated APIs
/auth/revocation API
Support client assertion client authentication method and mTLS at/auth/revocation API.
/auth/token/revoke API
Support JWT access tokens at /auth/token/revoke API.accessTokenDuration request parameter
Added theaccessTokenDuration request parameter to the following APIs. When this request parameter holds a positive integer, it is used as the duration of the access token. In other cases, this request parameter is ignored.
/auth/authorization/issueAPI/auth/tokenAPI/auth/token/issueAPI
locked response parameter
Added thelocked response parameter to the following APIs. The parameter indicates whether a client is locked.
/client/get/{clientId}API/client/get/listAPI
claimsAtUserInfo response parameter
Added theclaimsAtUserInfo response parameter to the following APIs. This parameter represents the claim that the client application requested to be embedded in the userinfo response.
/auth/authorization/API