/v/v1.13.0/ Recent content on INDIGO IAM Hugo -- gohugo.io en /v/v1.13.0/blog/2025/11/03/iam-v1.13.0/ Mon, 03 Nov 2025 00:00:00 +0000 /v/v1.13.0/blog/2025/11/03/iam-v1.13.0/ The IAM development team is pleased to announce the release of INDIGO IAM v1.13.0. The main feature of this release is the support for OpenID Federation, a new OIDC specification to federate OpenID Connect Providers (see specification),introduced as an experimental functionality. This release also provides bug fixes and enhancements, as can be seen in the release notes. The major highlights include: add user affiliation information into the home dashboard and tokens allow SCIM bulk operations allow to automatically provision accounts based on trusted external OIDC Providers support for custom JWT expiration during an access token request. /v/v1.13.0/blog/2025/08/04/iam-v1.12.1/ Mon, 04 Aug 2025 00:00:00 +0000 /v/v1.13.0/blog/2025/08/04/iam-v1.12.1/ The IAM development team is pleased to announce the release of INDIGO IAM v1.12.1. This release mainly provides bug fixes, as can be seen in the release notes. The major highlights include: fix MFA with external providers (experimental) fix x509 personal certificate handling validate the read-only registration fields. As usual, the IAM docker image can be obtained from DockerHub. /v/v1.13.0/blog/2025/05/30/iam-v1.12.0/ Fri, 30 May 2025 00:00:00 +0000 /v/v1.13.0/blog/2025/05/30/iam-v1.12.0/ The IAM development team is pleased to announce the release of INDIGO IAM v1.12.0. This release provides bug fixes and enhancements, as can be seen in the release notes. The major highlights include: integration of MFA with external OIDC, SAML and x509 providers (experimental) skip the IAM MFA phase if the providers already authenticated through the second factor improve logging of VOMS-AA operations allow for PATCH operation to replace groups in SCIM endpoint support for resource parameter during an authorization request assign oidc-agent clients ownership to whom approved it add an IAM READER role that gives read access to users and groups info As usual, the IAM docker image can be obtained from DockerHub. /v/v1.13.0/blog/2025/02/03/iam-v1.11.0/ Mon, 03 Feb 2025 00:00:00 +0000 /v/v1.13.0/blog/2025/02/03/iam-v1.11.0/ The IAM development team is pleased to announce the release of INDIGO IAM v1.11.0. The main feature of this release is the possibility to enable the Multi-Factor Authentication (MFA) through a button in the user homepage. This is an experimental feature and will be enhanced in future releases, based also on user feedback. The mfa Spring profile is used to enable MFA functionality. This release also provides bug fixes and enhancements, as can be seen in the release notes. /v/v1.13.0/blog/2024/09/27/iam-v1.10.2/ Fri, 27 Sep 2024 00:00:00 +0000 /v/v1.13.0/blog/2024/09/27/iam-v1.10.2/ The IAM development team is pleased to announce the release of INDIGO IAM v1.10.2. This release mainly provides bug fixes and enhancements, as can be seen in the release notes. The major highlight includes a stronger password quality check, which needs to meet the following criteria: at least 8 characters long include at least one uppercase letter include at least one lowercase letter include at least one number include at least one special character (e. /v/v1.13.0/blog/2024/08/22/iam-v1.10.1/ Thu, 22 Aug 2024 00:00:00 +0000 /v/v1.13.0/blog/2024/08/22/iam-v1.10.1/ The IAM development team is pleased to announce a fast release of INDIGO IAM v1.10.1. This release mainly provides bug fixes, as can be seen in the release notes. The fast release is motivated by the need of fixing the lifecycle user suspension. As usual, the IAM docker image can be obtained from DockerHub. /v/v1.13.0/blog/2024/08/07/iam-v1.10.0/ Wed, 07 Aug 2024 00:00:00 +0000 /v/v1.13.0/blog/2024/08/07/iam-v1.10.0/ The IAM development team is pleased to announce the release of INDIGO IAM v1.10.0. This release provides bug fixes and enhancements, as can be seen in the release notes. The major highlights include: E-mail notification for AUP reminder/expiration, account suspension/restoration and client disabled/enabled events Add a statistical endpoint which shows the number of IAM users Allow for a definition of a set of default groups, automatically linked to newly registered users Mandate the usage of a stronger user password (during the password reset step) Allow to set a property which disables any kind of IAM cache As usual, the IAM docker image can be obtained from DockerHub. /v/v1.13.0/blog/2024/06/19/iam-v1.9.0/ Wed, 19 Jun 2024 00:00:00 +0000 /v/v1.13.0/blog/2024/06/19/iam-v1.9.0/ The IAM development team is pleased to announce the release of INDIGO IAM v1.9.0. This release introduces new features, including: Administrators have the ability to disable a client VO members can re-sign the AUP whenever they choose Clients now have a last used property to find out when was the last time it was used It is now possible to add a nickname as an attribute during the registration process This release also provides bug fixes and enhancements, as can be seen in the release notes. /v/v1.13.0/blog/2024/03/25/iam-v1.8.4/ Mon, 25 Mar 2024 00:00:00 +0000 /v/v1.13.0/blog/2024/03/25/iam-v1.8.4/ The IAM development team is pleased to announce the release of INDIGO IAM v1.8.4. This release is mainly focused on the limitation of the client_credentials grant type, which can be set only by registered IAM users (admins or normal users) in a Client registration/update request. This release also provides bug fixes and enhancements, as can be seen in the release notes. As usual, the IAM docker image can be obtained from DockerHub. /v/v1.13.0/blog/2023/10/30/iam-v1.8.3/ Mon, 30 Oct 2023 00:00:00 +0000 /v/v1.13.0/blog/2023/10/30/iam-v1.8.3/ The IAM development team is pleased to announce the release of INDIGO IAM v1.8.3. This release provides bug fixes and enhancements, as can be seen in the release notes. The major highlights include: save an access token value as a hash and add missing foreign keys to the database because of this change, we strongly recommend to make a backup of your database before upgrading to v1.8.3. The migration will take an amount of time which will be proportional to the amount of currently active access tokens, which could be very long enable caching of scope matchers and of the contents of the well-known endpoint on a Redis server match custom scopes based on string equality fix CERN workflow for restored accounts fix authorization on IAM APIs such to avoid cases where access is granted to already approved scopes instead of effective token scopes. /v/v1.13.0/blog/2023/06/05/iam-v1.8.2/ Mon, 05 Jun 2023 00:00:00 +0000 /v/v1.13.0/blog/2023/06/05/iam-v1.8.2/ The IAM development team is pleased to announce the release of INDIGO IAM v.1.8.2. This release provides bug fixes and enhancements, as can be seen in the release notes. The major highlights include: addition of new admin scopes in order to access IAM API endpoints an administrator access token is not enough to have full access to IAM API endpoints; iam:admin.read and iam:admin.write scopes are required Spring-Boot update to version 2. /v/v1.13.0/blog/2023/02/28/iam-v1.8.1/ Tue, 28 Feb 2023 00:00:00 +0000 /v/v1.13.0/blog/2023/02/28/iam-v1.8.1/ The IAM development team is pleased to announce the release of INDIGO IAM v.1.8.1. This release provides bug fixes and enhancements, as can be seen in the release notes. The major highlights are: Add a Scopes tab to the Organization Management section of the IAM dashboard, that basically replaces the functionality of the System Scope tab on the ADMINISTRATIVE section of the MitreID dashboard (only visible by Admins); Add a Managed groups tab to the Organization Management section of the IAM dashboard (visible by Group Managers), that allows to list the groups a user is manager of, their subgroups, their members, etc. /v/v1.13.0/blog/2022/09/09/iam-v1.8.0/ Fri, 09 Sep 2022 00:00:00 +0000 /v/v1.13.0/blog/2022/09/09/iam-v1.8.0/ The IAM development team is pleased to announce the release of INDIGO IAM v.1.8.0. This release provides many bug fixes and enchancements, but the major highlightes are: Spring Boot migration to 2.6.6 version and Flyway upgrade to 7.15.0 version New clients management and registration pages on IAM dashboard migrated away from MitreID New consent page in IAM migrated away from MitreID Support for JWT-based client authentication Compliance with some AARC guidelines, in particular G025 for expressing affiliation information and G021 on the exchange of specific assurance information between Infrastructures Persistence layer migrations for Multi-Factor Authentication support Significant changes and other details are described in the release notes. /v/v1.13.0/blog/2021/12/03/iam-v1.7.2/ Fri, 03 Dec 2021 00:00:00 +0000 /v/v1.13.0/blog/2021/12/03/iam-v1.7.2/ The IAM development team is pleased to announce the release of INDIGO IAM v.1.7.2. This release paves the way for the upgrade to v1.8.0 which will provide an update of the core Spring dependencies IAM is built upon. In order to enable a smooth transition without requiring manual interventions from deployers, we need to issue an intermediate release that just updates the version of the flyway library that is used to manage the database schema updates. /v/v1.13.0/blog/2021/09/13/iam-v1.7.1/ Mon, 13 Sep 2021 00:00:00 +0000 /v/v1.13.0/blog/2021/09/13/iam-v1.7.1/ The IAM development team is pleased to announce the release of INDIGO IAM v.1.7.1. This release fixes a problem introduced in v1.7.0 of the IAM test client application released last week that prevented its correct behaviour. Also starting with this release IAM test client does not expose received tokens in the default configuration. In order to restore the previous behaviour, set the following envirnoment variable: IAM_CLIENT_HIDE_TOKENS=false or, in the application.yml file use: /v/v1.13.0/blog/2021/09/07/new-iam-website/ Tue, 07 Sep 2021 00:00:00 +0000 /v/v1.13.0/blog/2021/09/07/new-iam-website/ The IAM website and documentation has moved, and if you’re reading this you already know. The new IAM website is powered by Docsy, a Hugo theme for creating technical documentation sites, which is increasingly popular in Open Source projects. The new site provides new and improved documentation. If you find something is missing or broken, let us know by opening an issue or suggest changes. The new Docsy website makes this very easy to anyone with a Github account, just see the tab on the right of each page. /v/v1.13.0/blog/2021/09/07/iam-v1.7.0/ Tue, 07 Sep 2021 00:00:00 +0000 /v/v1.13.0/blog/2021/09/07/iam-v1.7.0/ The IAM development team is pleased to announce the release of INDIGO IAM v.1.7.0. This release provides many bug fixes and enhancements, as can be seen in the release notes. The highlights of this release are: Scalability improvements: the group membership persistence management has been refactored to improve scalability; SCIM APIs have also been changed to support pagination over group members (see the new SCIM API documentation for more information); Improved token exchange flexibility: token exchange can now be controlled in more detail using scope and token exchange policies; SSH key management: IAM now allows users to link SSH keys to their account; ssh keys are then exposed to relying parties either via the SCIM APIs or via the OpenID connect userinfo endpoint; see the documentation. /v/v1.13.0/docs/older-releases/ Mon, 01 Jan 0001 00:00:00 +0000 /v/v1.13.0/docs/older-releases/ Older documentation versions The following documentation versions are no longer actively maintained: v1.9.0 → https://indigo-iam.github.io/v/v1.9.0 v1.8.4 → https://indigo-iam.github.io/v/v1.8.4 v1.8.3 → https://indigo-iam.github.io/v/v1.8.3 v1.8.2 → https://indigo-iam.github.io/v/v1.8.2 v1.8.1 → https://indigo-iam.github.io/v/v1.8.1 v1.8.0 → https://indigo-iam.github.io/v/v1.8.0 v1.7.2 → https://indigo-iam.github.io/v/v1.7.2 v1.7.1 → https://indigo-iam.github.io/v/v1.7.1 v1.7.0 → https://indigo-iam.github.io/v/v1.7.0 from v1.1.0 to v1.6.0 (previous web site) → https://indigo-iam.github.io/docs/v/current /v/v1.13.0/search/ Mon, 01 Jan 0001 00:00:00 +0000 /v/v1.13.0/search/