Releases: hmcts/idam-web-public
v9.6.2
v9.6.1
Version 9.6.0
Bug Fixes and Azure Service Bus Integration
Release 9.6 is a minor iteration of the IDAM product that includes bug fixes and integration with Azure Service Bus.
New Features
- Azure Service Bus integration in idam-api (toggled off for this release)
- Extend Role Management API V2 with an endpoint for getting all roles
Deprecated / Removed Features
None
Functional Improvements
- Audit changes to user's names and status (in idam-api)
- Add locking to User Management API V2 endpoint for creating a user
Fixes
- Do not allow roles with members to be deleted
- Do not return an error code when loading a user that has an unknown role ID assigned to them
- Handle accout lockout datetime parsing errors in User Management APIs (v1 and v2)
- In the (unlikely) event of multiple users with the same SSO ID, do not process the request and throw an internal server error
Security Changes
None
Operational Improvements
- Allow up to 20KB headers for idam-api requests
Version 9.5.0
Changes to Judiciary Onboarding
Release 9.5 brings significant enhancements to the onboarding experience for Judicial users. Presently, during onboarding, Judicial users are asked to check their inbox for an activation email, follow a link, and create a password—a step rendered obsolete since they are now expected to exclusively use single sign-on and federated logins through ejudiciary.net when accessing CFT applications.
With this update, we're streamlining the onboarding journey by eliminating the redundant activation email and password creation step. The remaining onboarding process remains unchanged.
All the highlights of the Release are below. For more detailed technical change log, see 9.5 Technical Change Log.
New Features
None
Deprecated / Removed Features
- Bulk User Management API is discontinued
- Batch Status API is discontinued
Functional Improvements
- Remove activation emails for JOH onboarding
- Automatic detection of ID conflicts during the SSO journey
- Validation of stale user data on reinstation
- Hardened validation on user registration
Fixes
- Intermittent "412 Precondition Failed" in idam-access-config (when updating service accounts)
- Handle invalid activation tokens in InvitationByPin service
Security Changes
None
Operational Improvements
- Upgrade Spring Boot and other libraries
Version 9.4.0.1
Address CVE-2023-6378, CVE-2023-6481, and change renovate schedule.
Version 9.4.0
Release 9.4 is a minor release that addresses a number of technical debt issues, adds caching improvements, and introduces an endpoint for reinstating deleted archived accounts (to be consumed by the Retain&Dispose Team).
All the highlights of the Release are below. For more detailed technical change log, see 9.4 Technical Change Log.
New Features
- An API endpoint for reinstating an archived account
Deprecated / Removed Features
- PIN API
- Admin API V0
Functional Improvements
- Migrate caching in idam-api to caffeine
- Store user's names in invitations
- Make Invitations work for PIN uplifts
- Improved error handling in API V2
- Protect service accounts in User Management APIs
- Sort archived accounts in the Stale User API
- Add unique index on staleusers.username
Fixes
- NPE on IDAM API (LogAndAuditService)
- Get all stale users might not return user roles
Security Changes
None
Operational Improvements
- Confirm connectivity to ForgeRock AM and IDM for liveness and readiness
- Reduce logs - sample out noisy calls (/health, /assets, /o/userinfo, /details)
- Upgrade Appliciation Insights agents
- Upgrade Sprint Boot
- Upgrade Tomcat
- Upgrade various other libraries
- Pipeliine improvements for running test stages
Version 9.3.0.1
Address CVE-2023-31582, broken test and missing reports.
Version 9.3.0
No changes
Version 9.2.0.3
Version 9.2.0.2
Address CVE-2023-4586, upgrade base java chart.
Replace Divorce contact details with a web form.