What's Changed

• refactor(jans-cedarling): move the cedar mapping info fields into a json object by @0xtinkle in #11772
• chore: revert back to nightly by @moabu in #11859
• fix(docs): update TARP installation instructions by @ossdhaval in #11856
• fix(README): Add information about project stages by @ossdhaval in #11854
• feat(jans-auth-server): updates to Audience Values for OAuth 2.0 Authorization Servers #11842 by @yuriyz in #11851
• fix(jans-cli-tui): move fido2 hints to dynamic conf by @devrimyatar in #11861
• feat(config-api): endpoint to return table info by @pujavs in #11866
• feat(jans-auth): add type prefixes to each keys which application stores in cache #11565 by @yuriyz in #11871
• ci: update codeowner for Cedarling module by @ossdhaval in #11873
• fix(docs): merge the Cedarling quick start guides by @ossdhaval in #11872
• chore(jans-auth-server): activemq dependency upgrade 5.15.16 -> 5.16.8 ([Snyk] Fix for 1 vulnerabilities) by @mo-auto in #11379
• fix(jans-linux-setup): KC version 26.3.2 by @devrimyatar in #11892
• fix(jans-cli-tui): improve logging by @devrimyatar in #11903
• fix(jans-cli-tui): pagination AIP change for repositories endpoints by @devrimyatar in #11906
• fix(jans-linux-setup): github API endpoint changes for agama projects by @devrimyatar in #11908
• feat(jans-cedarling): use hashes for ID in fields by @SafinWasi in #10853
• fix(jans-cedarling): fix krakend plugin to reflect resource changes by @SafinWasi in #11898
• feat: increase the validity period of tokens in tarp to one day by @duttarnab in #11900
• feat(jans-fido2) : added integration test cases for the device registration flow by @imran-ishaq in #11894
• fix(jans-lock): fix config endpoint URL by @yurem in #11915
• feat(jans-config-api): restore jans-config-api plugins jans-link-plugin by @yurem in #11912
• fix(jans-linux-setup): fido2 test setup fixes by @devrimyatar in #11929
• feat(config-api): audit for config-api endpoint by @pujavs in #11895
• feat(jans-cli-tui): auidit log tab for Config Api by @devrimyatar in #11931
• fix(cloud-native): invalid pathType when nginx ingress controller uses strict-validate-path-type config by @iromli in #11911
• feat(jans-auth-server): created interception script for Logout Status JWT #11250 by @yuriyz in #11930
• fix(jans-linux-setup): session argument for get_sqlalchObj_for_dn by @devrimyatar in #11935
• chore(deps): bump org.eclipse.jetty:jetty-deploy from 9.4.49.v20220914 to 12.0.24 in /jans-bom by @dependabot[bot] in #11933
• fix(docs): fix broken links issue by @ossdhaval in #11902
• fix(docs): update link to the script location by @ossdhaval in #11940
• ci: fix krakend build by @moabu in #11944
• refactor(docs): unify WASM and Javascript Cedarling docs by @ossdhaval in #11941
• fix(docs): fix formatting in Jans README by @ossdhaval in #11938
• feat: offer a way to easily copy the tokens to clipboard by @duttarnab in #11949
• ci: jans-soak test jmeter script by @manojs1978 in #11946

Full Changelog: v1.9.0...nightly

1.9.0 (2025-07-25)

Features

• add check to prevent unsigned user-info jwt in the role_based_scopes_update_token script (Admin UI) (#11724) (52c4682)
• add the mandatory permissions for default roles in Admin UI (#11711) (9a56669)
• added essentialPermissionInAdminUI attribute to AdminPermission object (#11714) (d945703)
• cloud-native: add the mandatory permissions for default roles in Admin UI (#11739) (7831887)
• config-api: audit for config-api endpoints (#11760) (be52530)
• config-api: logs to indicate password related activity (#11791) (838686b)
• jans-auth-server: deprecated /revoke_session endpoint (it duplicates Global Token Revocation functionality) #11470 (#11801) (d7178aa)
• jans-auth-server: improved SessionIdService - added option to load session without local copy #11366 (#11761) (4510bd2)
• jans-auth-server: small improvement of ssa doc #11736 (#11737) (7a6af91)
• jans-auth: exclude htmlunit-* dependencies from final artifacts (#11830) (1c17b6d)
• jans-auth: fix client_registration script imports (#11705) (8b75934)
• jans-cedarling: add maven javadocs plugin in java binding (#11745) (f68e936)
• jans-cedarling: add support for the optional SSA JWT (#11653) (902f9d0)
• jans-cedarling: implement JWT status list validation (#11520) (f2e7f29)
• jans-cedarling: output cedar annotations when there are any policy failures (#11588) (0714a17)
• jans-config-api: add cedarlingLogType attribute in Admin UI configuration (#11755) (d4da957)
• jans-config-api: add endpoint to reset license details in Admin UI configuration (#11786) (56df1e6)
• jans-config-api: update OpenApi specs for Admin UI plugin (#11729) (4dc0c9a)
• jans-fido2: Add unit tests for attestation controller for handling missing username, invalid origin, and challenge, with successful register and verify scenarios. (ca68fd0)
• jans-linux-setup: add Debian 13 MySQL support (#11759) (7fbcd10)
• jans-linux-setup: create clients takes all possible arguments (#11770) (eca4b0c)
• jans-linux-setup: debian 13 support for internal use (#11685) (7b6e25b)
• jans-orm: add method to return internal information about tables (#11695) (7039b74)
• update OpenApi specs for Admin UI plugin (4dc0c9a)

Bug Fixes

• add defeat the gorn (5ed2dcd)
• config-api: user name validation modification (#11776) (45386c1)
• doc: added default values for sessionId related properties to avoid confusion (#11781) (0894860)
• docs: add documentation for configuration and session management (#11091) (0184771)
• docs: add note on config refresh behavior in TUI (#11789) (b237d19)
• docs: add upgrade note about manual custom script updates (#11719) (8a6e3db)
• docs: docs fix cedarling propertie link issue (aaa4eb9)
• docs: docs fix Sample Scripts link issue (bf617a3)
• docs: docs fix sample scripts link issue (#11779) (bf617a3)
• docs: docs update jans readme (#11687) (bf42440)
• docs: fix Cedarling property link issue (#11780) (aaa4eb9)
• docs: fix incorrect link in Jans Casa docs (#11798) (ec9a3a9)
• docs: remove attribute page (00e0b2d)
• docs: remove config-api attribute page (#11722) (00e0b2d)
• docs: remove converting data (e729c89)
• docs: remove the link to the converting data document from left nav (#11720) (e729c89)
• docs: reorganise supported OS versions for VM installation (#11679) (329a113)
• docs: update supported OS versions (329a113)
• docs: update testing document with Poetry installation instructions (#11681) (e609156)
• jans-auth-server: set sub claim to client identifier for "client credentials grant" for AT as JWT #11413 (#11778) (60373a7...

1.8.0 (2025-06-24)

Features

• charts: add nodeSelector spec (#11495) (90409f8)
• cloud-native: introduce Logout Status JWT (#11626) (6f5fe8f)
• cloud-native: introduce session_jwt=true at Authorization Endpoint and Session JWT Status List Endpoint (#11477) (5ae709f)
• config-api: scope search to include scopeType (#11607) (b77b72d)
• config-api: use orm method to provide persistence metadata (#11509) (dbdc1bd)
• config-api: use orm method to provide persistence metadata #11459 (#11473) (736d7f6)
• improve the display of cedarling result (#11552) (5ec5268)
• jans-auth-server: introduce session_jwt=true at Authorization Endpoint and Session JWT Status List Endpoint #11229 (#11251) (6b45f51)
• jans-auth-server: introduced Logout Status JWT #11468 (#11505) (92796fb)
• jans-auth: allow to override HttpService2 connection manager setting (54c547a)
• jans-auth: allow to override HttpService2 connection manager settings (#11586) (54c547a)
• jans-auth: update owasp (#11610) (bda24dc)
• jans-cedarling: implement sending logs to the lock server (#11161) (9330821)
• jans-cedarling: improve error message if json parsing of policy store failed (#11508) (4904d90)
• jans-cedarling: jans cedarling java binding (#11441) (da5423f)
• jans-cedarling: upgrade jna in cedarling-java binding (#11614) (aa45972)
• jans-cli-tui: display build date and build versions (#11539) (59415c8)
• jans-cli-tui: load agama community projects in 20 mins interval (#11627) (44873e0)
• jans-cli-tui: required property for attribute (#11593) (6b8c7a9)
• jans-config-api: update the license API url called from config-api (Admin UI Plugin) (#11559) (c8b7437)
• jans-core: added diagnostic to java compiler (#11562) (99bd129)
• jans-linux-setup: optional rdbm db schema (#11503) (f516bbc)
• jans-orm: add method to provide persistence metadata (#11450) (a066fcf)
• jans-orm: implement solution to import hashed passwords (7518dca)
• jans-orm: implement solution to import hashed passwords (#11601) (d8f5faa)
• jans-script: add sample Argon2 Persistence Ezxtension script (#11521) (3e2593f)
• jans-tui: added Jans-Client header (#11594) (13bd6c1)
• jans=-script: add sample Argon2 Persistence Ezxtension script (3e2593f)
• orm: fetch databaseName for PersistenceMetadata (#11485) (f9ffcac)
• orm: fix doc file (#11494) (0e71ad6)
• orm: fix doc file (#11497) (76d8f1d)
• orm: support password hashing using Argon2 (#11465) (5d48b27)
• orm: support password hashing using Argon2 (#11481) (47549af)
• update tf build docs (#11632) (c9f37dd)
• update the license API url called from config-api (Admin UI Plugin) (c8b7437)

Bug Fixes

• ConfigApi access to endpoint without scope verification (92eea4d) 🔒
• build_cedarling_uniffi job in github workflow is failing (355cb2a)
• charts: invalid template function calls when using AWS secrets manager (#11467) (6a114a6)
• config-api: Scope filter based on fieldValuePair (#11528) (560f7a3)
• config-api: Scope filter based on fieldValuePair #11524 (560f7a3)
• docs: Add Cedarling Technical Overview doc (d04336d)
• docs: add appropriate title to the document (#11579) (2907197)
• docs: add Cedarling technical overview doc (#11581) (d04336d)
• docs: correct jans api swagger reference (#11474) (7072a83)
• docs: remove overview title (2907197)
• docs: update release urls to point to latest Janssen release (#11557) ([d13b291](https://github.com/JanssenProject/jans/co...

1.7.0 (2025-05-20)

Features

• jans-auth-server: added refresh token lifetime to Token Endpoint response #11400 (#11414) (00d7c88)
• jans-cedarling: update plugin to use binding (#11356) (c61ef53)
• jans-cli-tui: ssa templates (#11368) (ed18096)
• jans-core: add jakarta.mail for TLS support (#11428) (8cf6b68)
• jans-lock: try to reload /.well-known/openid-configuration on f… (#11392) (00e2257)
• jans-lock: try to reload /.well-known/openid-configuration on failure (00e2257)
• use cedarling uniffi kotlin binding in java project (#11336) (067b3c1)

Bug Fixes

• docs: add Config API OpenAPI Spec generation at build time (#11407) (70277c5)
• docs: add sections to place ADRs and design decisions (#11380) (4c0db93)
• docs: refactor development docs to add content from Wiki (#11409) (71d133f)
• docs: update curl instructions for jans config api (#11415) (39b6b82)
• jans-cedarling: fix logs in jwt module not getting displayed correctly (#11369) (e856545)
• jans-cli-tui: array type in auth properties (#11399) (6e4d7e4)
• jans-cli-tui: object type configuration properties (#11391) (7cf13a1)
• mail dependencies (#11426) (58c02b0)
• remove version_name attribute from manifest.json (#11387) (0febbd9)

Miscellaneous Chores

• prepare release 1.7.0 (#11432) (13e4c41)

1.6.0 (2025-05-08)

Bug Fixes

• fix(jans-linux-setup): pass -n to setup.py when invoked by -yes by @devrimyatar in #11180
• fix(docs): fix image paths in SAML SSO document by @ossdhaval in #11183
• fix(docs): add missing script to index by @yurem in #11186
• fix(jans-auth-server): Access Token from and OIDC flow should not contain the code #11181 by @yuriyz in #11197
• docs(jans-cedarling): improve cedarling docs by @rmarinn in #11193
• docs(jans-cedarling): new quickstart using tarp by @SafinWasi in #11004
• chore: release nightly by @moabu in #11213
• feat(jans-auth-server): add none client authentication support to PAR endpoint #10573 by @yuriyz in #11201
• feat: add ability to use cedarling authz before and after authentication by @duttarnab in #11203
• fix(jans-cedarling)!: role entity not being created in the unsigned interface by @rmarinn in #11176
• fix(docs): proofread and update the Cedarling quick start guide by @ossdhaval in #11210
• fix(docs): proofread and update the TBAC Cedarling quick start guide by @ossdhaval in #11214
• fix(docs): update titles for the Cedarling quick start guides by @ossdhaval in #11220
• Update rhel.md for sha command update by @manojs1978 in #11189
• feat: refactor tarp to adjust with security changes in chrome browser by @duttarnab in #11232
• feat(jans-linux-setup): support for cleanUpInactiveClientAfterHoursOfInactivity for clients by @devrimyatar in #11231
• chore(deps): bump blazemeter/taurus from 1.16.38@sha256:5bb39436180f7c769e00140b781bb1054a1eb4592dd9b82f76dcde470811bf39 to sha256:aa22ab6b42d24ec87ea9f68e4d6db9118619eecf69db76c1c0711f3515897780 in /demos/benchmarking/docker-jans-loadtesting-jmeter by @dependabot in #11238
• fix(jans-cedarling): entity builder not finding the 'iss' entity by @rmarinn in #11235
• bug(jans-cedarling)!: Fix all tokens_metadata to token_metadata by @olehbozhok in #11215
• feat(jans-auth-server): add configurable way to put user claims to session attributes #9625 by @yuriyz in #11219
• fix: validate license configuration in the database when fetching license details from Agama Lab server upon expiry (Admin UI) by @duttarnab in #11245
• fix(jans-pycloudlib): resolve schema error caused by marshmallow upgrades by @iromli in #11247
• fix: remove ID from profile instead of nullify it by @jgomer2001 in #11253
• chore(cloud-native): sync jans-pycloudlib to handle marshmallow library API changes by @iromli in #11255
• feat: rename jans-tarp project to janssen-tarp by @duttarnab in #11249
• chore: updgrade nimbus so json-smart is bumped to 2.5.2 by @jgomer2001 in #11264
• chore(jans-cedarling): add post to cedar schema by @SafinWasi in #11227
• [Snyk] Security upgrade io.swagger.core.v3:swagger-core-jakarta from 2.2.7 to 2.2.11 by @mo-auto in #11166
• build(config-api): lib version to resolve vulnerabilities by @pujavs in #11262
• feat(core): update resteasy to new version by @yurem in #11269
• Update resteasy by @yurem in #11273
• fix(jans-cedarling): fix usage outdated field resource_type by @olehbozhok in #11266
• fix(bom): use right jakarta.ws.rs-api version by @yurem in #11278
• feat(jans-cedarling): Optimize Cedar libraries size by @olehbozhok in #11281
• fix(jans-cedarling): fix docs bootstrap properties, remove redundant property by @olehbozhok in #11275
• fix(bom): deprecate jackson-module-jaxb-annotations by @yurem in #11286
• fix(bom): deprecate jackson-module-jaxb-annotations by @yurem in #11287
• fix(core): fix ClassNotFoundException XmlElement exception by @yurem in #11293
• fix(cloud-native): demo scripts fail to deploy cluster due to python externally-managed-environment error by @iromli in #11290
• feat(jans-cedarling): add some logging msgs for jwt service startup by @rmarinn in #11178
• feat: add field reset button in cedarling authz form by @duttarnab in #11260
• fix: update terraform provider docs and API calls by @moabu in #11301
• feat(jans-cli-tui): splash screen by @devrimyatar in #11298
• feat: allow linking to occur in a popup by @jgomer2001 in #11305
• fix(config-api): custom script creation failing #11307 by @pujavs in #11308
• Jans linux setup jetty 12 11276 by @devrimyatar in #11295
• fix(jans-cli-tui): add pylib to path before importing promptoolkit by @devrimyatar in #11313
• feat(jans-cedarling): go binding for cedarling by @olehbozhok in #11239
• fix(jans-linux-setup): jetty.sh script waits service started by @devrimyatar in #11319
• feat(jans-auth): add missing erver side tests dependecy by @yurem in #11315
• Lock api by @yurem in #11317
• Auth deps by @yuremm in #11321
• feat(jans-config-api): disable jetty ee9-jsp module in jans-config-api by @yurem in #11324
• chore(deps): bump setuptools from 70.0.0 to 80.1.0 in /docs by @dependabot in #11327
• chore(deps): bump blazemeter/taurus from 1.16.40 to 1.16.41 in /demos/benchmarking/docker-jans-loadtesting-jmeter by @dependabot in #11302
• chore(deps): bump docker/setup-qemu-action from 5306bad0baa6b616b9934712d4eba8da2112606d to 737ba1e397ec2caff0d098f75e1136f9a926dc0a by @dependabot in #11283
• chore(deps): bump actions/setup-python from 5.0.0 to 5.6.0 by @dependabot in #11282
• chore(deps): bump sigstore/cosign-installer from 3.5.0 to 3.8.2 by @dependabot in #11270
• fix(jans-fido2): #11331 minor edits by @maduvena in #11332
• chore: misc casa image updates by @jgomer2001 in #11334
• docs: add cedarling rust docs by @moabu in #11311
• chore(deps): bump org.quartz-scheduler:quartz from 2.3.2 to 2.5.0 in /jans-casa by @dependabot in #10206
• chore(deps): bump commons-io:commons-io from 2.17.0 to 2.19.0 in /jans-casa by @dependabot in #11217
• fix: fix the android and iOS sample app based on changes in cedarling uniffi binding by @duttarnab in #11294
• chore(deps): bump org.apache.maven.plugins:maven-clean-plugin from 2.5 to 3.4.1 in /jans-casa by @dependabot in #10903
• chore(deps): bump org.apache.maven.plugins:maven-war-plugin from 2.3 to 3.4.0 in /jans-casa by @dependabot in #9985
• chore(deps): bump org.apache.maven.plugins:maven-resources-plugin from 2.6 to 3.3.1 in /jans-casa by @dependabot in #9996
• chore(deps): bump org.apache.maven.plugins:maven-site-plugin from 2.1.1 to 3.21.0 in /jans-casa by @dependabot in #10064
• chore(ci): SBOM enrichment and upload as a release asset by @ossdhaval in #11267
• feat(cloud-native): upgrade to Jetty 12 by @iromli in #11297
• fix(jans-cedarling): switch cedarling instance to pointer by @SafinWasi in #11338
• fix(core): fix unable to decorate com.sun.faces.config.ConfigureListener by @yurem in #11345
• feat(jans-link): turn off Weld dev mode in production by @yuremm in #11347
• fix(charts): missing feature of jans-keycloak-link by @iromli in #11257
• fix(jans-cli-tui): include jans-logo.txt in package by @devrimyatar...

1.5.0 (2025-04-04)

⚠ BREAKING CHANGES

• jans-cedarling: move TOKEN_CONFIGS into the token_metadata schema (#10972)

Features

• Refactor Link Interception Script ([#11144])(15a44bc)
• add ability to decode token jwt so that users can check claims in payload (#10930) (a88aab3)
• add ability to show decision, system and metric logs in tarp based on user selection (#10917) (4df25f0)
• add ability to to use cedarling authorize_unsigned in tarp (#11147) (3185a89)
• add tolerations (03ae383)
• add tolerations to helm charts (#11100) (03ae383)
• admin-ui should only make monthly request agama-lab to validate license (#10966) (3647fe8)
• apply password policy to set/reset password (#11149) (52f0f47)
• charts: cloudtools integration with Helm charts (#11102) (5739aa3)
• cloud-native: create utility image to run commands for cluster (#10987) (51e175c)
• code refactoring for UI improvement in tarp (#11151) (123e62f)
• docs: session management (#11098) (d3fcf8b)
• jans-auth-server: do not return claim in introspection response if it's null. #10865 (#10877) (eb3de16)
• jans-auth-server: introduce rate limit support for DCR (#10991) (6a1ccce)
• jans-auth-server: make all ssa attributes optional during creation #10858 (#10896) (a01b1ca)
• jans-auth-server: rate limit - use guava cache to auto-expire buckets during high load #11054 (#11059) (01a0a9f)
• jans-auth-server: removed CleanerTimer from AS (replaced by independent clean service) (#11096) (bb51848)
• jans-auth-server: requirePkce configuration property on client level (#10962) (4cda61c)
• jans-auth-server: set expiration to the past (to clean up) on SSA revoke #10916 (#10939) (8c460ca)
• jans-cedarling: add alias to load key policy_store_version` (#10893) (21e4acc)
• jans-cedarling: add an example that runs profiling (#10979) (dc38e10)
• jans-cedarling: Add bootstrap properties of memory logger max_items and max_item_size (#10924) (2189094)
• jans-cedarling: create uniffi binding for cedarling with sample ios app using it (#10816) (026ed0b)
• jans-cedarling: implement loading types from other namespace (#10807) (da05595)
• jans-cedarling: include a sample android app in cedarling uniffi binding (#10994) (5b74f9d)
• jans-cedarling: New interface: authorizeUnverified - send Principal as Object v. JWT (#11035) (37b72ad)
• jans-cedarling: Support JSON logic for principal boolean operations (#10956) (cbe4dbc)
• jans-cli-tui: add hints to fido configuration screen (#10864) (39ffa8a)
• jans-cli-tui: SSA custom attributes 10855 (#10870) (6f2cb6b)
• jans-linux-setup: data cleaning cron job task (#10946) (33d5eb2)
• jans-linux-setup: LDAP Link installation is optional (#10964) (673d7fb)
• jans-linux-setup: link jans script to /usr/local/bin (#11125) (d8c7a17)
• jans-linux-setup: link jans script to /usr/localbin (d8c7a17)
• jans-linux-setup: ubuntu24 support (#10949) (481fdca)
• jans-lock: configure maven to update OpenAPI lock-server.yaml (#10952) (11c2249)
• jans-lock: configure maven to update OpenAPI lock-server.yaml (#10953) (a8f09f2)

Bug Fixes

• admin UI unable to fetch MAU _threshold on restart of config-api (b4cfaa2)
• charts: broken istio integration (#11041) (8b536ab)
• core: remove jansAlias from jansDocument (#11085) (a3a9bb2)
• docs: add Cedarling quick start guide and binding type documents (#10906) (bc0686f)
• docs: Cedarling docs updates (#10998) (903e29f)
• docs: Cedarling documentation reorganisation (#10900) (33920c2)
• docs: incorrect package name in rhel document (#10890) ([1d98a9c](https://github.com/JanssenPro...

What's Changed

• chore: release nightly by @moabu in #10709
• docs: fix installation references by @moabu in #10711
• fix(jans-linux-setup): Store fido2 authenticator_cert in DB by @devrimyatar in #10697
• Lock update by @yurem in #10701
• fix(jans-linux-setup): update jansservices module post setup by @devrimyatar in #10715
• feat(jans-cedarling): Load bootstrap properties from environment variables by @olehbozhok in #10692
• feat: update help section of tarp by @duttarnab in #10708
• feat(jans-cedarling): add krakend plugin by @SafinWasi in #10713
• feat: add support for parameterizable enter/exit urls in flows by @jgomer2001 in #10716
• fix(jans-cli-tui): ScrollablePane for config-api main screen by @devrimyatar in #10722
• fix(jans-cli-tui): save config-api configuration by @devrimyatar in #10724
• feat(agama): allow integration of Agama flows in AS consent by @jgomer2001 in #10727
• fix: account absent start url in native flows by @jgomer2001 in #10731
• feat(config-api): testng framwork changes by @pujavs in #10734
• feat(config-api): testng framework cleanup changes by @pujavs in #10736
• feat(jans-linux-setup): restart admin-ui via jans by @devrimyatar in #10740
• chore(jans-linux-setup): revert admin-ui restart by @devrimyatar in #10744
• fix(jans-auth-server): second authorization challenge call does not invoke the right script #10745 by @yuriyz in #10746
• test(config-api) scim test failure by @pujavs in #10750
• feat(jans-cedarling): implement environment variable loading for sidecar by @SafinWasi in #10751
• feat(config-api): lock stat endpoint and SAML TR fix by @pujavs in #10755
• feat(jans-auth-server): allow invoke consent script by acr #10548 by @yuriyz in #10712
• fix(jans-auth-server): typo in determineConsentFlow method #10758 by @yuriyz in #10759
• feat(jans-cedarling): custom tokens and putting tokens in principal attrs by @rmarinn in #10706
• fix(jans-cedarling): fix token handling by @SafinWasi in #10761
• docs: add Agama section for consent flows by @jgomer2001 in #10765
• feat(jans-lock): redirect for consent if external script is enabled a… by @yurem in #10771
• docs(config-api): customization doc by @pujavs in #10777
• docs(jans-cedarling): update schema for tokens by @SafinWasi in #10738
• fix(docs): update Agama Lab quick start guide by @ossdhaval in #10779
• feat(jans-cedarling): implement benchmarks for startup and authz by @rmarinn in #10775
• fix: align consent script wrt latest AS updates by @jgomer2001 in #10780
• fix(jans-auth-server): always save access_token to persistence regardless of cache configuration #10763 by @yuriyz in #10784
• chore: replace deprecated LDAP enum by DB by @jgomer2001 in #10792
• docs(agama-lab-docs): remove duplicate image by @kdhttps in #10793
• feat(jans-cedarling): Improve log searching and retrieval by @olehbozhok in #10772
• fix!(jans-cedarling): fix cedarling-properties docs to be more proper by @olehbozhok in #10788
• fix(jans-linux-setup): fido document store paths by @devrimyatar in #10801
• fix: references to file location_type by @moabu in #10797
• chore(cloud-native): sync assets and configuration for cloud-native setup by @iromli in #10768
• ci: publish cedarling wasm to npm by @moabu in #10804
• fix: Corrected fido-2-devices link to heading in user management document. Issue #9636 by @DanielSEncora in #10794
• docs(jans-cedarling): update readme for scope based access by @SafinWasi in #10811
• docs: javadocs are now consistent with code, issue#4120 by @DanielSEncora in #10813
• feat(demo-tarp): use @janssenproject/cedarling_wasm npm package #10805 by @duttarnab in #10806
• fix(docs): update broken link in custom claims document by @The-D-007 in #10781
• chore(jans): upgrade packages installed to a non-vulnerable version by @misba7 in #10725
• feat(jans-cedarling): update sidecar for log retrieval by @SafinWasi in #10786
• chore(docs): fix miscellaneous issues by @ossdhaval in #10834
• fix(docs): update LDAP link document with configuration details by @ossdhaval in #10824
• docs(terraform-provider-jans): fix docs example by @misba7 in #10828
• fix: update resource endpoints for terraform by @moabu in #10836
• chore: update person orm bean by @jgomer2001 in #10822
• chore(main): release 1.4.0 by @mo-auto in #10818
• feat(jans-auth-server): add Token Exchange interception script #8157 by @yuriyz in #10520
• chore: release 1.4.0 by @moabu in #10837
• docs(jans-cedarling): shorten conditional by @SafinWasi in #10812
• doc(jans-auth-server): added /internal/stat to swagger #10839 by @yuriyz in #10852
• fix: getting 401 Unauthorized for /jans-config-api/api/v1/stat by @duttarnab in #10857
• fix(docs): add SSA configuration docs by @ossdhaval in #10823

New Contributors

• @DanielSEncora made their first contribution in #10794
• @The-D-007 made their first contribution in #10781

Full Changelog: v1.3.0...v1.4.0

1.3.0 (2025-01-20)

Features

• agama: modify RRF and RFAC behavior for non-web clients (#10547) (58fd359)
• allow integration of Agama flows into the authz challenge enpoint (#10587) (856f9fe)
• cedarling integration with tarp (#10681) (4f44337)
• cloud-native: secure mounted configuration schema (#10577) (57c266a)
• extract wasm tar in /jans-tarp folder (#10689) (ca8f453)
• integrate cedarling with jans-tarp (#10662) (9f9ae8a)
• jans-auth-server: introduced new 'prepareAuthzRequest' method in authorization challenge script (#10598) (02c240e)
• jans-auth: log current folder in UserJansExtUidAttributeTest test (ca79ace)
• jans-auth: log current folder in UserJansExtUidAttributeTest test (#10667) (51ce4dc)
• jans-auth: Remove copyright footer (#10666) (474661c)
• jans-auth: Show valid client name or id in consent form (#10649) (5a53d53)
• jans-cedarling: add to decision log diagnostic info (#10581) (6f8dc7c)
• jans-cedarling: add WASM bindings for Cedarling (#10542) (ec7c7e1)
• jans-cedarling: implement CEDARLING_ID_TOKEN_TRUST_MODE (#10585) (d76f28c)
• jans-cedarling: Make SparKV use generics, and update MemoryLogger to use those. (#10593) (25c7a49)
• jans-fido2: Add test cases for RP domain origin validation and handle multiple origins #9248 (22f0cbe)
• jans-fido2: Add test cases for RP domain origin. (#10572) (22f0cbe)
• jans-lock: lock should collect MAU and MAC based on log entries… (#10328) (b8a7e1a)
• jans-pycloudlib: secure mounted configuration schema (#10551) (2d27184)

Bug Fixes

• actions: immutable github sha instead of github head_ref (5091b56)
• agama: update expected status code (#10618) (c0dce75)
• build acct linking agama (#10575) (85b95ec)
• cloud-native: add missing endpoints to aio image (#10595) (5fb1903)
• cloud-native: resolve image builds on slow network (#10524) (3409098)
• config-api: setting agama flow as auth method (#10539) (3c00152)
• docker-jans-auth: missing permissions on /app/templates (#10641) (f1b3ca2)
• docker-jans-persistence-loader: exclude external tables when creating indexes (#10522) (9610bc1)
• docs: add documentation for jans wrapper command (#10611) (b65f5e1)
• docs: correct the file name for Keycloak link document (#10680) (35e6ef0)
• docs: minor fixes to the Jans README (#10604) (41bf8b8)
• docs: minor URL fixes (ba9908d)
• docs: minor URL fixes (#10632) (ba9908d)
• docs: remove tent references (040ff17)
• docs: remove tent references from documentation (#10603) (040ff17)
• implement missing method from interface (#10646) (2381a09)
• jans-auth-server: access evaluation tests are failing on jenkins (#10630) (8789289)
• jans-auth-server: access evaluation tests are failing on jenkins #10629 (37e177c)
• jans-auth-server: access evaluation tests are failing on jenkins #10629 (8789289)
• jans-auth-server: challenge endpoint returns 400 if authorize throws an unexpected exception (#10553) (02c3df7)
• jans-auth-server: failing test - SelectAccountHttpTest selectAccountTest #10647 (d19e34f)
• jans-auth-server: NPE during client name rendering #10663 (9dbcb0d)
• jans-auth-server: test is failing - TokenRestWebServiceHttpTest requestAccessTokenFail #10637 (db38009)
• jans-auth-server: tests corrections (ef8a07a)
• jans-auth: log current folder in UserServiceTest test (#10675) (1468b47)
• jans-cedarling: fix Cedarling WASM docs (#10601) (7690030)
• jans-kc-link: remove default keycloak configs (#10679) ([261c936](https://github.com/JanssenProject/jans/...

☃️ ☃️ ☃️ ☃️ ☃️ ☃️ ☃️ ☃️ ☃️ ☃️ ☃️ ☃️

1.2.0 (2024-12-24)

Features

• add internationalization in selector page (#10405) (00facf6)
• add programatic access to labels in Agama (#10313) (1e91d9b)
• config-api: agama download endpoint (#10463) (5bec96c)
• config-api: implemenetd agama repo endpoint and fixed user pwd validation for patch (#10373) (03d3529)
• jans-agama: update htmlunit (#10464) (3cc7c5a)
• jans-auth-server: access token lifetime from UpdateToken interception script has highest priority #9748 (#10379) (c2ef55d)
• jans-auth-server: added exp,nbf, and iat to UserInfo JWT (#10390) (c99a71a)
• jans-auth-server: allow to use openidSubAttribute for localAccountId for pairwise identifier look up #9696 (#10269) (5d72a06)
• jans-auth-server: introduced /.well-known/authzen-configuration endpoint (#10321) (efb7ab6)
• jans-auth-server: updated first party native authn implementation ( in backwards compatibility way) #10380 (#10442) (bc431fb)
• jans-cedarling: add logging cedarling version on start application (#10288) (20ed173)
• jans-cedarling: add support for Cedar schema action introspection (#10358) (ed0edb9)
• jans-cedarling: add well-known authzen configuration endpoint (#10435) (cc6fc7b)
• jans-cedarling: automatically add entity references into the context (#10387) (ed44ec0)
• jans-cedarling: Bootstrap support for JSON and YAML properties (#10216) (e7ffb08)
• jans-cedarling: implement loading policy store from CEDARLING_POLICY_STORE_URI (#10336) (ffe9f49)
• jans-cedarling: implement loading role from many JWT tokens (#10422) (8da040e)
• jans-cedarling: implement new bootstrap configs for JWT validation (#10306) (6d810a5)
• jans-cedarling: initialize flask sidecar (#10270) (46f9a51)
• jans-cedarling: pass entities data into the context (#10275) (e2e4f89)
• jans-cli-tui: user fido devices (#10305) (811d953)
• jans-fido2: major FIDO2 / Passkeys upgrade ProjectPasskeys (#10080) (e823bf7)
• jans-link: add ingress resource for jans-link (#10494) (2779a7e)
• jans-linux-setup: jans-fido2-model auth lib (#10468) (f99d870)
• jans-linux-setup: location of service scripts, config-api plugins (#10341) (7299fea)
• jans-linux-setup: Retreive Agama Lab project scripts (#10335) (26713a8)
• migrate and fix e-mail otp plugin (#10294) (d3f83cb)
• misc UI updates (#10278) (c0a6639)
• terraform-provider-jans: update terraform provider with latest API changes (#10485) (075650c)

Bug Fixes

• actions: microk8s action passing correct arguments (#10363) (a1517a0)
• assign nightly version (2dd3484)
• bom: deprecate commons-lang due to conflict with commons-lang3 (#10267) (396551e)
• bug if version passed is a tag (82694ca)
• cloud-native: applications are failing to start when prometheus metrics are enabled (#10459) (b293ebe)
• config-api: application status endpoint specification changes (#10203) (c49a0af)
• config-api: user password being displayed as clear text (#10441) (4e7c13b)
• config-api: user password patch fix (#10396) (0345f11)
• docker-jans-config-api: resolve path to external healthcheck script (#10450) (bef11a6)
• docker-jans-monolith: update scripts location (#10481) (45fe7a5)
• docs: autogenerate docs (#10232) (50e5957)
• jans-auth-server: lower possibility to get data loss during status index pool update #10284 (#10285) (16371ee)
• jans-auth: fido - #10445 modified the script and properties file for fido (#10446) (99285e9)
• jans-auth: fix client side jans-auth tests failures [#10212](https://git...

⚠ BREAKING CHANGES

• chore(charts)!: remove spanner support from Helm charts by @iromli in #10071
• chore(cloud-native)!: remove spanner support from OCI images by @iromli in #10070
• chore(jans-pycloudlib)!: remove couchbase support from pycloudlib by @iromli in #10129
• chore(cloud-native)!: remove couchbase support from OCI images by @iromli in #10132
• chore(charts)!: remove couchbase support from Helm charts by @iromli in #10138

What's Changed

• chore(jans-linux-setup) remove spanner db by @devrimyatar in #10068
• chore(charts)!: remove spanner support from Helm charts by @iromli in #10071
• fix(config-api): date filter fix by @pujavs in #10075
• chore(docs): docs remove spanner refs by @ossdhaval in #10076
• feat(jans-cedarling): improve error handling for JWKS responses by @rmarinn in #9982
• feat(jans-cedarling): ensure that all cedarling test fixture files are human-readable. by @djellemah in #10036
• feat(jans-config-api): adding allowSmtpKeystoreEdit property in admin-ui configuration by @duttarnab in #10091
• fix(jans-cli-tui): more verbose in smtp test response by @devrimyatar in #10090
• fix(jans-bom): define plugins in base parent project by @yurem in #10087
• fix(jans-orm): throw exception if table in DB is not exists by @yurem in #10096
• fix(jans-casa): primary button not changing color when customized via custom branding plugin by @mjatin-dev in #10084
• fix(jans-cli-tui): remove filePath when putting asset by @devrimyatar in #10107
• fix(jans-lock): fix broken link in lock docs by @yurem in #10110
• feat(jans-cedarling): add env variable for python by @SafinWasi in #10115
• chore(cloud-native)!: remove spanner support from OCI images by @iromli in #10070
• chore: upgrade javascript libraries to newer versions in HTML files by @mjatin-dev in #10108
• fix: remove unnecessary mount for k8s setup by @moabu in #10112
• docs(update): custom scripts docs update by @mmrraju in #10125
• chore(jans-pycloudlib)!: remove couchbase support from pycloudlib by @iromli in #10129
• fix(docs): fix docs link by @ossdhaval in #10123
• chore(jans-linux-setup): drop couchbase support by @devrimyatar in #10133
• fix(docs): remove Couchbase references by @ossdhaval in #10119
• chore(jans-cedarling): remove ipaddr by @SafinWasi in #10140
• ci: move jenkins operations to GH by @moabu in #10082
• chore(cloud-native)!: remove couchbase support from OCI images by @iromli in #10132
• feat(jans-cedarling): Implement check authorization principals based on the schema for action by @olehbozhok in #10126
• fix(jans-orm): update SQL ORM tests to conform latest JSON Filter API by @yurem in #10150
• fix(jans-link): add missing configuration providers by @yurem in #10124
• feat(jans-cedarling): update Trusted Issuers schema in the policy store by @rmarinn in #10141
• fix(jans-bom): update libs by @yurem in #10154
• fix(config-api): adding missing scope in spec and udated example of search field by @pujavs in #10156
• fix(jans-linux-setup): use sqlconnection instead of mysqlconnection by @devrimyatar in #10161
• chore(cloud-native): upgrade libs to reduce vulnerabilities by @iromli in #10168
• chore(charts)!: remove couchbase support from Helm charts by @iromli in #10138
• fix(jans-linux-setup): missing scopes of api-admin by @devrimyatar in #10162
• feat(jans-cli-tui): session management by @devrimyatar in #10164
• feat: implement native internationalization for Agama projects by @jgomer2001 in #10165
• ci: remove python3 ldap package by @moabu in #10172
• chore: adjust projects that use localization labels by @jgomer2001 in #10174
• feat(jans-cedarling): implement mapping JWT payload to cedar-policy entity by @olehbozhok in #10169
• refactor(jans-cedarling): relax JWT validation to allow optional claims by @rmarinn in #10173
• fix(jans-cli-tui): file type scripts by @devrimyatar in #10181
• chore(jans-pycloudlib): remove ldap references from pycloudlib by @iromli in #10177
• fix: admin-ui plugin should send appropriate message on expiry/ for inactive license. #10178 by @duttarnab in #10189
• User auth test by @yurem in #10191
• chore(jans-cedarling): update python example and docs by @SafinWasi in #10183
• feat(jans-auth-server): openID AuthZEN implementation by @yuriyz in #10197
• chore(release): release 1.1.6 by @moabu in #10201

Full Changelog: v1.1.5...v1.1.6