Release Notes
This public release contains the definition and documentation of:
- "Identity and Consent Management" 0.4.0
The content of the release includes the "Identity And Consent Management" approved deliverables in documentation folder.
Added
- Mandatory fields in signed Authorization Code Flow request objects by @AxelNennker & @garciasolero in #285
- New JWT Bearer Flow specification in addition to the three previously supported flows: Authorization Code Flow, CIBA and Client Credentials by @jpengar, @AxelNennker & @subha5h in #294
- Statement of future adoption of OAuth 2.1 by @jpengar in #303
- Recommended value for the audience field of signed authentication requests for CIBA by @mhfoo in #306
Changed
- Further alignment of
CAMARA-API-access-and-user-consent.mdwith CAMARA terms and definitions by @jpengar in #280 - Update request object errors by @garciasolero in #287
- Clarify protocols for CAMARA API access by @AxelNennker in #281
- Document when Authorization Code Flow is applicable with regards to involved devices by @Elisabeth-Ericsson in #256
- CIBA Flow descriptions to further clarify the Authentication request authorization process with regard to User privacy by @jpengar & @AxelNennker in #293
- Clarify and generalize login_hint usage to include Operator and Temporary Tokens (TS.43) in the ICM documentation by @AxelNennker in #297
- Client assertion audience clarification for CIBA by @jpengar in #302
Fixed
- Fix typo autenticate -> authenticate by @AxelNennker in #274
- Update the references to the OAuth 2.0 Security Best Practices (RFC 9700) by @AxelNennker in #263
- Consistent consent check statement in Authorization Code Flow and CIBA by @shilpa-padgaonkar in #305
Removed
N/A
Full Changelog: r2.3...r3.3
Contributors
garciasolero, jpengar, and 4 other contributors