What's new in this release
...
- WSO2 Identity Server now supports Proof Key for Code Exchange (PKCE) for the OAuth 2.0 Authorization Code Grant Type. It is able to mitigate code interception attacks that may occur during authentication. See Mitigating Authorization Code Interception Attacks for more information.
- The WSO2 IS can now issue SAML 2.0 security tokens for WS-Federation (Passive). The previous version of the Identity Server was only capable of issuing SAML 1.1 tokens for the passive security token service. See Configuring WS-Federation Single Sign-On for more information.
- You now have the ability to configure OpenID Connect Single Logout as the WSO2 Identity Server now supports the OpenID Connect Session Management specification. This means that any relying party application can now monitor the session/login status of a user who has logged in through the WSO2 Identity Server and automatically logs out any end-users who have logged out. For more information about this feature, see Configuring OpenID Connect Single Logout.
The
UserStoreCountServiceis a new API supported by WSO2 Identity Server that you can use to take a count of the number of users or roles in the userstore. For more information on this API, see Counting Users and Roles with APIs.
...