What's Changed

• chore: hotfix cedarling 1.13.0 by @moabu in #12377
• chore: revert 1.13.0 to nightly by @moabu in #12386
• fix(config-api): agama deployment metadata type fix for deployment by @pujavs in #12374
• refactor(jans-linux-setup): remove jans-kc-link by @devrimyatar in #12375
• feat(core): update jython to v2.7.4 by @yurem in #12394
• fix(cloud-native): add missing jans-lock policy by @iromli in #12402
• feat(jans-auth-server): adding interception script for PAR #10556 by @yuriyz in #12334
• fix(setup): fix jython repository by @yurem in #12410
8000
• fix(jans-config-api): inum of duplicate scopes by @devrimyatar in #12411
• fix(jans-auth-server): swagger yaml has bad identation #12422 by @yuriyz in #12423
• docs(config-api): swagger spec update for agama deployment endpoint by @pujavs in #12421

Full Changelog: v1.13.0...nightly

What's Changed

• chore(main): release 1.11.0 by @mo-auto in #12137
• feat: expose API to manage user tokens by @jgomer2001 in #12144
• chore: revert to nightly by @moabu in #12148
• feat(jans-linux-setup): add add password grant type to scim client for testing by @devrimyatar in #12142
• chore: update ZK repo and version by @jgomer2001 in #12154
• fix(jans-cli-tui): Admin UI Roles by @devrimyatar in #12162
• build: jackrabbit version change by @pujavs in #12165
• fix(jans-cli-tui): error saving auth logging by @devrimyatar in #12172
• (jans-fido2): removed unused fields and fix the typo issue by @imran-ishaq in #12048
• fix(config-api): ssa delete endpoint and fix to admin-ui-permission delete endpoint by @pujavs in #12174
• feat(jans-pycloudlib): add low-level support for SSL persistence connection by @iromli in #12194
• feat(jans-linux-setup): PostgreSQL SSL support by @devrimyatar in #12195
• feat(config-api): scope update for ssa endpoint by @pujavs in #12191
• feat(cloud-native): add support for SSL connection to persistence by @iromli in #12198
• feat(jans-linux-setup) ssl settings for postgresql by @devrimyatar in #12200
• chore: release 1.12.0 by @moabu in #12205
• chore(main): release 1.12.0 by @mo-auto in #12212
• feat(jans-fido2): add comprehensive data model for the performance me… by @imran-ishaq in #12143
• fix: 1.12.0 hotfix by @moabu in #12217
• fix(jans-fido2): resolved schema issue by @imran-ishaq in #12238
• chore: revert from 1.12.0 to nightly by @moabu in #12265
• chore(deps): bump org.apache.maven.plugins:maven-deploy-plugin from 3.1.3 to 3.1.4 in /jans-scim by @dependabot[bot] in #12005
• fix(jans-linux-setup): always set user agent to Mozilla while downloading by @devrimyatar in #12261
• chore(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.12 to 0.8.13 in /jans-scim by @dependabot[bot] in #12006
• feat(jans-auth-server): added jwt-bearer grant type #11979 by @yuriyz in #12098
• fix(cloud-native): fix sql-ssl secret volume permissions by @misba7 in #12275
• Cedarling diagram update by @nynymike in #12270
• fix(docs): broken link in the Rich Authorization Requests #12236 by @The-D-007 in #12239
• fix(jans-cli-tui): agama projects github response by @devrimyatar in #12305
• chore(deps): bump com.github.spotbugs:spotbugs-maven-plugin from 4.9.4.0 to 4.9.6.0 in /jans-casa by @dependabot[bot] in #12188
• feat(jans-auth-server): Added DPoP Proof Replay mitigation(s) #2117 by @yuriyz in #12304
• fix(jans-fido2): fix persistence entity manager issue by @imran-ishaq in #12313
• chore(deps): bump bc.version from 1.80 to 1.82 in /jans-casa by @dependabot[bot] in #12310
• fix(docs): remove unwanted content from Using CLI/TUI document #12216 by @The-D-007 in #12220
• fix(docs): broken link in the cedarling getting started #12231 by @The-D-007 in #12272
• fix(docs): broken link in the Janssen's FIDO2 server #12235 by @The-D-007 in #12277
• chore: update jans source version by @moabu in #12323
• chore(deps): bump com.github.spotbugs:spotbugs-maven-plugin from 4.9.4.0 to 4.9.6.0 in /jans-scim by @dependabot[bot] in #12189
• chore(deps): bump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.3 to 3.12.0 in /jans-scim by @dependabot[bot] in #12293
• chore(deps): bump org.apache.maven.plugins:maven-dependency-plugin from 3.8.1 to 3.9.0 in /jans-scim by @dependabot[bot] in #12317
• feat(charts): update hpa apiVersion to autoscaling/v2 by @misba7 in #12319
• fix(jans-linux-setup): agama projects github response by @devrimyatar in #12326
• fix(jans-cedarling): Fix broken Cedarling build by @olehbozhok in #12328
• fix(jans-linux-setup): jans command linked to /usr/sbin by @devrimyatar in #12339
• fix: references of using the wrong whl in flask cedarling by @moabu in #12336
• fix(cloud-native): avoid saving keySelectionStrategy config multiple times by @iromli in #12342
• feat(core): disable logging service log level updates if by @yurem in #12348
• fix(docs): broken link in the Cedarling logs #12232 by @The-D-007 in #12273
• jans(lock): implement cedarling protection support by @yurem in #12352
• fix(lock): sync policy scope name by @yurem in #12359
• docs(jans-cedarling): update sidecar instructions by @SafinWasi in #12345
• feat: update terraform provider by @moabu in #12362
• chore: prepare release for 1.13.0 by @moabu in #12367

Full Changelog: v1.11.0...v1.13.0

Known Issues

• Agama project uploads via TUI/CLI

What's Changed

• chore(main): release 1.11.0 by @mo-auto in #12137
• feat: expose API to manage user tokens by @jgomer2001 in #12144
• chore: revert to nightly by @moabu in #12148
• feat(jans-linux-setup): add add password grant type to scim client for testing by @devrimyatar in #12142
• chore: update ZK repo and version by @jgomer2001 in #12154
• fix(jans-cli-tui): Admin UI Roles by @devrimyatar in #12162
• build: jackrabbit version change by @pujavs in #12165
• fix(jans-cli-tui): error saving auth logging by @devrimyatar in #12172
• (jans-fido2): removed unused fields and fix the typo issue by @imran-ishaq in #12048
• fix(config-api): ssa delete endpoint and fix to admin-ui-permission delete endpoint by @pujavs in #12174
• feat(jans-pycloudlib): add low-level support for SSL persistence connection by @iromli in #12194
• feat(jans-linux-setup): PostgreSQL SSL support by @devrimyatar in #12195
• feat(config-api): scope update for ssa endpoint by @pujavs in #12191
• feat(cloud-native): add support for SSL connection to persistence by @iromli in #12198
• feat(jans-linux-setup) ssl settings for postgresql by @devrimyatar in #12200
• chore: release 1.12.0 by @moabu in #12205
• chore(main): release 1.12.0 by @mo-auto in #12212
• feat(jans-fido2): add comprehensive data model for the performance me… by @imran-ishaq in #12143
• fix: 1.12.0 hotfix by @moabu in #12217

Full Changelog: v1.11.0...v1.12.0

1.11.0 (2025-09-11)

Features

• config-api: audit for config-api endpoint (#11895) (5088857)
• config-api: endpoint to return table info (#11866) (bd94675)
• config-api: lock and fido2 config and scim audit changes (#12107) (cb004f8)
• increase the validity period of tokens in tarp to one day (#11900) (8b0195e)
• jans-auth-server: added cookie interception script #366 (#11975) (aa47c7f)
• jans-auth-server: created interception script for Logout Status JWT #11250 (#11930) (19728e0)
• jans-auth-server: provided configuration for changing case-sensitivity of FAPI response #11394 (#12018) (e388493)
• jans-auth-server: updates to Audience Values for OAuth 2.0 Authorization Servers #11842 (#11851) (e71c35b)
• jans-auth: add type prefixes to each keys which application stores in cache #11565 (#11871) (0a4fe05)
• jans-auth: handle gzip compressed token responses (#12052) (cbde4d6)
• jans-cedarling: Support default_entities in policy_stores (#11936) (0ea7511)
• jans-cedarling: use hashes for ID in fields (#10853) (5c9423a)
• jans-cli-tui: audit log tab for Config Api (#11931) (992a9cc)
• jans-config-api: restore jans-config-api plugins jans-link-plugin (#11912) (2941a9f)
• jans-config-api: ssa revoke endpoint should be created in config-api (#12134) (e0cbefc)
• jans-core: update jetty to 12.0.25 (#12075) (9781cdb)
• jans-linux-setup: add scim user tokens scope (#12136) (e6c0dc9)
• jans-linux-setup: redirecting errors on stderr for the scheduler (#12013) (b00469b)
• offer a way to easily copy the tokens to clipboard (#11949) (053d95e)

Bug Fixes

• add no gorn mode (#12011) (46fc7c4)
• cloud-native: error running kc-jans-scheduler (#12053) (86c2fed)
• cloud-native: invalid pathType when nginx ingress controller uses strict-validate-path-type config (#11911) (ba6f74b)
• config-api: asset endpoint fix for uplaod and fetch (27f800a)
• config-api: asset endpoint fix for upload and fetch (#12039) (27f800a)
• css style for paragraph rendering (#12014) (e3fd6ee)
• docs: fix broken links issue (#11902) (7b94ab4)
• docs: fix formatting in Jans README (#11938) (4766343)
• docs: fix person authentication docs url issue (#12103) (600bbce)
• docs: fix person authentication url issue (600bbce)
• docs: Fix script link issue (7b94ab4)
• docs: include benchmark doc link (#11987) (2b3663a)
• docs: Lock Server Docs Update (#12032) (c666eb9)
• docs: merge the Cedarling quick start guides (#11872) (1686099)
• docs: remove doc readme (df7184e)
• docs: remove duplicate interception-scripts file (83ac957)
• docs: remove duplicate interception-scripts readme file (#11963) (83ac957)
• docs: remove unused README (#12104) (df7184e)
• docs: update `application-session (79e71b5)
• docs: update `readmeformat (4766343)
• docs: update doc SMTP configuration in TUI section (#12105) (0229a6d)
• docs: update endpoint file title (#11962) (34356f4)
• docs: update java Cedarling docs (#12102) (66c9d3e)
• docs: update java doc (66c9d3e)
• docs: update link to the script location (#11940) (79e71b5)
• docs: update TARP installation instructions (#11856) (41d08d9)
• ignore trailing slash of issuer (5fc0ed5)
• jans-auth-server: acr mappings (alias) does not work if acr comes from request object's "claims/id_token" ([#12060](htt...

1.9.0 (2025-07-25)

Features

• add check to prevent unsigned user-info jwt in the role_based_scopes_update_token script (Admin UI) (#11724) (52c4682)
• add the mandatory permissions for default roles in Admin UI (#11711) (9a56669)
• added essentialPermissionInAdminUI attribute to AdminPermission object (#11714) (d945703)
• cloud-native: add the mandatory permissions for default roles in Admin UI (#11739) (7831887)
• config-api: audit for config-api endpoints (#11760) (be52530)
• config-api: logs to indicate password related activity (#11791) (838686b)
• jans-auth-server: deprecated /revoke_session endpoint (it duplicates Global Token Revocation functionality) #11470 (#11801) (d7178aa)
• jans-auth-server: improved SessionIdService - added option to load session without local copy #11366 (#11761) (4510bd2)
• jans-auth-server: small improvement of ssa doc #11736 (#11737) (7a6af91)
• jans-auth: exclude htmlunit-* dependencies from final artifacts (#11830) (1c17b6d)
• jans-auth: fix client_registration script imports (#11705) (8b75934)
• jans-cedarling: add maven javadocs plugin in java binding (#11745) (f68e936)
• jans-cedarling: add support for the optional SSA JWT (#11653) (902f9d0)
• jans-cedarling: implement JWT status list validation (#11520) (f2e7f29)
• jans-cedarling: output cedar annotations when there are any policy failures (#11588) (0714a17)
• jans-config-api: add cedarlingLogType attribute in Admin UI configuration (#11755) (d4da957)
• jans-config-api: add endpoint to reset license details in Admin UI configuration (#11786) (56df1e6)
• jans-config-api: update OpenApi specs for Admin UI plugin (#11729) (4dc0c9a)
• jans-fido2: Add unit tests for attestation controller for handling missing username, invalid origin, and challenge, with successful register and verify scenarios. (ca68fd0)
• jans-linux-setup: add Debian 13 MySQL support (#11759) (7fbcd10)
• jans-linux-setup: create clients takes all possible arguments (#11770) (eca4b0c)
• jans-linux-setup: debian 13 support for internal use (#11685) (7b6e25b)
• jans-orm: add method to return internal information about tables (#11695) (7039b74)
• update OpenApi specs for Admin UI plugin (4dc0c9a)

Bug Fixes

• add defeat the gorn (5ed2dcd)
• config-api: user name validation modification (#11776) (45386c1)
• doc: added default values for sessionId related properties to avoid confusion (#11781) (0894860)
• docs: add documentation for configuration and session management (#11091) (0184771)
• docs: add note on config refresh behavior in TUI (#11789) (b237d19)
• docs: add upgrade note about manual custom script updates (#11719) (8a6e3db)
• docs: docs fix cedarling propertie link issue (aaa4eb9)
• docs: docs fix Sample Scripts link issue (bf617a3)
• docs: docs fix sample scripts link issue (#11779) (bf617a3)
• docs: docs update jans readme (#11687) (bf42440)
• docs: fix Cedarling property link issue (#11780) (aaa4eb9)
• docs: fix incorrect link in Jans Casa docs (#11798) (ec9a3a9)
• docs: remove attribute page (00e0b2d)
• docs: remove config-api attribute page (#11722) (00e0b2d)
• docs: remove converting data (e729c89)
• docs: remove the link to the converting data document from left nav (#11720) (e729c89)
• docs: reorganise supported OS versions for VM installation (#11679) (329a113)
• docs: update supported OS versions (329a113)
• docs: update testing document with Poetry installation instructions (#11681) (e609156)
• jans-auth-server: set sub claim to client identifier for "client credentials grant" for AT as JWT #11413 (#11778) (60373a7...

1.8.0 (2025-06-24)

Features

• charts: add nodeSelector spec (#11495) (90409f8)
• cloud-native: introduce Logout Status JWT (#11626) (6f5fe8f)
• cloud-native: introduce session_jwt=true at Authorization Endpoint and Session JWT Status List Endpoint (#11477) (5ae709f)
• config-api: scope search to include scopeType (#11607) (b77b72d)
• config-api: use orm method to provide persistence metadata (#11509) (dbdc1bd)
• config-api: use orm method to provide persistence metadata #11459 (#11473) (736d7f6)
• improve the display of cedarling result (#11552) (5ec5268)
• jans-auth-server: introduce session_jwt=true at Authorization Endpoint and Session JWT Status List Endpoint #11229 (#11251) (6b45f51)
• jans-auth-server: introduced Logout Status JWT #11468 (#11505) (92796fb)
• jans-auth: allow to override HttpService2 connection manager setting (54c547a)
• jans-auth: allow to override HttpService2 connection manager settings (#11586) (54c547a)
• jans-auth: update owasp (#11610) (bda24dc)
• jans-cedarling: implement sending logs to the lock server (#11161) (9330821)
• jans-cedarling: improve error message if json parsing of policy store failed (#11508) (4904d90)
• jans-cedarling: jans cedarling java binding (#11441) (da5423f)
• jans-cedarling: upgrade jna in cedarling-java binding (#11614) (aa45972)
• jans-cli-tui: display build date and build versions (#11539) (59415c8)
• jans-cli-tui: load agama community projects in 20 mins interval (#11627) (44873e0)
• jans-cli-tui: required property for attribute (#11593) (6b8c7a9)
• jans-config-api: update the license API url called from config-api (Admin UI Plugin) (#11559) (c8b7437)
• jans-core: added diagnostic to java compiler (#11562) (99bd129)
• jans-linux-setup: optional rdbm db schema (#11503) (f516bbc)
• jans-orm: add method to provide persistence metadata (#11450) (a066fcf)
• jans-orm: implement solution to import hashed passwords (7518dca)
• jans-orm: implement solution to import hashed passwords (#11601) (d8f5faa)
• jans-script: add sample Argon2 Persistence Ezxtension script (#11521) (3e2593f)
• jans-tui: added Jans-Client header (#11594) (13bd6c1)
• jans=-script: add sample Argon2 Persistence Ezxtension script (3e2593f)
• orm: fetch databaseName for PersistenceMetadata (#11485) (f9ffcac)
• orm: fix doc file (#11494) (0e71ad6)
• orm: fix doc file (#11497) (76d8f1d)
• orm: support password hashing using Argon2 (#11465) (5d48b27)
• orm: support password hashing using Argon2 (#11481) (47549af)
• update tf build docs (#11632) (c9f37dd)
• update the license API url called from config-api (Admin UI Plugin) (c8b7437)

Bug Fixes

• ConfigApi access to endpoint without scope verification (92eea4d) 🔒
• build_cedarling_uniffi job in github workflow is failing (355cb2a)
• charts: invalid template function calls when using AWS secrets manager (#11467) (6a114a6)
• config-api: Scope filter based on fieldValuePair (#11528) (560f7a3)
• config-api: Scope filter based on fieldValuePair #11524 (560f7a3)
• docs: Add Cedarling Technical Overview doc (d04336d)
• docs: add appropriate title to the document (#11579) (2907197)
• docs: add Cedarling technical overview doc (#11581) (d04336d)
• docs: correct jans api swagger reference (#11474) (7072a83)
• docs: remove overview title (2907197)
• docs: update release urls to point to latest Janssen release (#11557) ([d13b291](https://github.com/JanssenProject/jans/co...

1.7.0 (2025-05-20)

Features

• jans-auth-server: added refresh token lifetime to Token Endpoint response #11400 (#11414) (00d7c88)
• jans-cedarling: update plugin to use binding (#11356) (c61ef53)
• jans-cli-tui: ssa templates (#11368) (ed18096)
• jans-core: add jakarta.mail for TLS support (#11428) (8cf6b68)
• jans-lock: try to reload /.well-known/openid-configuration on f… (#11392) (00e2257)
• jans-lock: try to reload /.well-known/openid-configuration on failure (00e2257)
• use cedarling uniffi kotlin binding in java project (#11336) (067b3c1)

Bug Fixes

• docs: add Config API OpenAPI Spec generation at build time (#11407) (70277c5)
• docs: add sections to place ADRs and design decisions (#11380) (4c0db93)
• docs: refactor development docs to add content from Wiki (#11409) (71d133f)
• docs: update curl instructions for jans config api (#11415) (39b6b82)
• jans-cedarling: fix logs in jwt module not getting displayed correctly (#11369) (e856545)
• jans-cli-tui: array type in auth properties (#11399) (6e4d7e4)
• jans-cli-tui: object type configuration properties (#11391) (7cf13a1)
• mail dependencies (#11426) (58c02b0)
• remove version_name attribute from manifest.json (#11387) (0febbd9)

Miscellaneous Chores

• prepare release 1.7.0 (#11432) (13e4c41)

1.6.0 (2025-05-08)

Bug Fixes

• fix(jans-linux-setup): pass -n to setup.py when invoked by -yes by @devrimyatar in #11180
• fix(docs): fix image paths in SAML SSO document by @ossdhaval in #11183
• fix(docs): add missing script to index by @yurem in #11186
• fix(jans-auth-server): Access Token from and OIDC flow should not contain the code #11181 by @yuriyz in #11197
• docs(jans-cedarling): improve cedarling docs by @rmarinn in #11193
• docs(jans-cedarling): new quickstart using tarp by @SafinWasi in #11004
• chore: release nightly by @moabu in #11213
• feat(jans-auth-server): add none client authentication support to PAR endpoint #10573 by @yuriyz in #11201
• feat: add ability to use cedarling authz before and after authentication by @duttarnab in #11203
• fix(jans-cedarling)!: role entity not being created in the unsigned interface by @rmarinn in #11176
• fix(docs): proofread and update the Cedarling quick start guide by @ossdhaval in #11210
• fix(docs): proofread and update the TBAC Cedarling quick start guide by @ossdhaval in #11214
• fix(docs): 7F2 update titles for the Cedarling quick start guides by @ossdhaval in #11220
• Update rhel.md for sha command update by @manojs1978 in #11189
• feat: refactor tarp to adjust with security changes in chrome browser by @duttarnab in #11232
• feat(jans-linu 103CE x-setup): support for cleanUpInactiveClientAfterHoursOfInactivity for clients by @devrimyatar in #11231
• chore(deps): bump blazemeter/taurus from 1.16.38@sha256:5bb39436180f7c769e00140b781bb1054a1eb4592dd9b82f76dcde470811bf39 to sha256:aa22ab6b42d24ec87ea9f68e4d6db9118619eecf69db76c1c0711f3515897780 in /demos/benchmarking/docker-jans-loadtesting-jmeter by @dependabot in #11238
• fix(jans-cedarling): entity builder not finding the 'iss' entity by @rmarinn in #11235
• bug(jans-cedarling)!: Fix all tokens_metadata to token_metadata by @olehbozhok in #11215
• feat(jans-auth-server): add configurable way to put user claims to session attributes #9625 by @yuriyz in #11219
• fix: validate license configuration in the database when fetching license details from Agama Lab server upon expiry (Admin UI) by @duttarnab in #11245
• fix(jans-pycloudlib): resolve schema error caused by marshmallow upgrades by @iromli in #11247
• fix: remove ID from profile instead of nullify it by @jgomer2001 in #11253
• chore(cloud-native): sync jans-pycloudlib to handle marshmallow library API changes by @iromli in #11255
• feat: rename jans-tarp project to janssen-tarp by @duttarnab in #11249
• chore: updgrade nimbus so json-smart is bumped to 2.5.2 by @jgomer2001 in #11264
• chore(jans-cedarling): add post to cedar schema by @SafinWasi in #11227
• [Snyk] Security upgrade io.swagger.core.v3:swagger-core-jakarta from 2.2.7 to 2.2.11 by @mo-auto in #11166
• build(config-api): lib version to resolve vulnerabilities by @pujavs in #11262
• feat(core): update resteasy to new version by @yurem in #11269
• Update resteasy by @yurem in #11273
• fix(jans-cedarling): fix usage outdated field resource_type by @olehbozhok in #11266
• fix(bom): use right jakarta.ws.rs-api version by @yurem in #11278
• feat(jans-cedarling): Optimize Cedar libraries size by @olehbozhok in #11281
• fix(jans-cedarling): fix docs bootstrap properties, remove redundant property by @olehbozhok in #11275
• fix(bom): deprecate jackson-module-jaxb-annotations by @yurem in #11286
• fix(bom): deprecate jackson-module-jaxb-annotations by @yurem in #11287
• fix(core): fix ClassNotFoundException XmlElement exception by @yurem in #11293
• fix(cloud-native): demo scripts fail to deploy cluster due to python externally-managed-environment error by @iromli in #11290
• feat(jans-cedarling): add some logging msgs for jwt service startup by @rmarinn in #11178
• feat: add field reset button in cedarling authz form by @duttarnab in #11260
• fix: update terraform provider docs and API calls by @moabu in #11301
• feat(jans-cli-tui): splash screen by @devrimyatar in #11298
• feat: allow linking to occur in a popup by @jgomer2001 in #11305
• fix(config-api): custom script creation failing #11307 by @pujavs in #11308
• Jans linux setup jetty 12 11276 by @devrimyatar in #11295
• fix(jans-cli-tui): add pylib to path before importing promptoolkit by @devrimyatar in #11313
• feat(jans-cedarling): go binding for cedarling by @olehbozhok in #11239
• fix(jans-linux-setup): jetty.sh script waits service started by @devrimyatar in #11319
• feat(jans-auth): add missing erver side tests dependecy by @yurem in #11315
• Lock api by @yurem in #11317
• Auth deps by @yuremm in #11321
• feat(jans-config-api): disable jetty ee9-jsp module in jans-config-api by @yurem in #11324
• chore(deps): bump setuptools from 70.0.0 to 80.1.0 in /docs by @dependabot in #11327
• chore(deps): bump blazemeter/taurus from 1.16.40 to 1.16.41 in /demos/benchmarking/docker-jans-loadtesting-jmeter by @dependabot in #11302
• chore(deps): bump docker/setup-qemu-action from 5306bad0baa6b616b9934712d4eba8da2112606d to 737ba1e397ec2caff0d098f75e1136f9a926dc0a by @dependabot in #11283
• chore(deps): bump actions/setup-python from 5.0.0 to 5.6.0 by @dependabot in #11282
• chore(deps): bump sigstore/cosign-installer from 3.5.0 to 3.8.2 by @dependabot in #11270
• fix(jans-fido2): #11331 minor edits by @maduvena in #11332
• chore: misc casa image updates by @jgomer2001 in #11334
• docs: add cedarling rust docs by @moabu in #11311
• chore(deps): bump org.quartz-scheduler:quartz from 2.3.2 to 2.5.0 in /jans-casa by @dependabot in #10206
• chore(deps): bump commons-io:commons-io from 2.17.0 to 2.19.0 in /jans-casa by @dependabot in #11217
• fix: fix the android and iOS sample app based on changes in cedarling uniffi binding by @duttarnab in #11294
• chore(deps): bump org.apache.maven.plugins:maven-clean-plugin from 2.5 to 3.4.1 in /jans-casa by @dependabot in #10903
• chore(deps): bump org.apache.maven.plugins:maven-war-plugin from 2.3 to 3.4.0 in /jans-casa by @dependabot in #9985
• chore(deps): bump org.apache.maven.plugins:maven-resources-plugin from 2.6 to 3.3.1 in /jans-casa by @dependabot in #9996
• chore(deps): bump org.apache.maven.plugins:maven-site-plugin from 2.1.1 to 3.21.0 in /jans-casa by @dependabot in #10064
• chore(ci): SBOM enrichment and upload as a release asset by @ossdhaval in #11267
• feat(cloud-native): upgrade to Jetty 12 by @iromli in #11297
• fix(jans-cedarling): switch cedarling instance to pointer by @SafinWasi in #11338
• fix(core): fix unable to decorate com.sun.faces.config.ConfigureListener by @yurem in #11345
• feat(jans-link): turn off Weld dev mode in production by @yuremm in #11347
• fix(charts): missing feature of jans-keycloak-link by @iromli in #11257
• fix(jans-cli-tui): include jans-logo.txt in package by @devrimyatar...

1.5.0 (2025-04-04)

⚠ BREAKING CHANGES

• jans-cedarling: move TOKEN_CONFIGS into the token_metadata schema (#10972)

Features

• Refactor Link Interception Script ([#11144])(15a44bc)
• add ability to decode token jwt so that users can check claims in payload (#10930) (a88aab3)
• add ability to show decision, system and metric logs in tarp based on user selection (#10917) (4df25f0)
• add ability to to use cedarling authorize_unsigned in tarp (#11147) (3185a89)
• add tolerations (03ae383)
• add tolerations to helm charts (#11100) (03ae383)
• admin-ui should only make monthly request agama-lab to validate license (#10966) (3647fe8)
• apply password policy to set/reset password (#11149) (52f0f47)
• charts: cloudtools integration with Helm charts (#11102) (5739aa3)
• cloud-native: create utility image to run commands for cluster (#10987) (51e175c)
• code refactoring for UI improvement in tarp (#11151) (123e62f)
• docs: session management (#11098) (d3fcf8b)
• jans-auth-server: do not return claim in introspection response if it's null. #10865 (#10877) (eb3de16)
• jans-auth-server: introduce rate limit support for DCR (#10991) (6a1ccce)
• jans-auth-server: make all ssa attributes optional during creation #10858 (#10896) (a01b1ca)
• jans-auth-server: rate limit - use guava cache to auto-expire buckets during high load #11054 (#11059) (01a0a9f)
• jans-auth-server: removed CleanerTimer from AS (replaced by independent clean service) (#11096) (bb51848)
• jans-auth-server: requirePkce configuration property on client level (#10962) (4cda61c)
• jans-auth-server: set expiration to the past (to clean up) on SSA revoke #10916 (#10939) (8c460ca)
• jans-cedarling: add alias to load key policy_store_version` (#10893) (21e4acc)
• jans-cedarling: add an example that runs profiling (#10979) (dc38e10)
• jans-cedarling: Add bootstrap properties of memory logger max_items and max_item_size (#10924) (2189094)
• jans-cedarling: create uniffi binding for cedarling with sample ios app using it (#10816) (026ed0b)
• jans-cedarling: implement loading types from other namespace (#10807) (da05595)
• jans-cedarling: include a sample android app in cedarling uniffi binding (#10994) (5b74f9d)
• jans-cedarling: New interface: authorizeUnverified - send Principal as Object v. JWT (#11035) (37b72ad)
• jans-cedarling: Support JSON logic for principal boolean operations (#10956) (cbe4dbc)
• jans-cli-tui: add hints to fido configuration screen (#10864) (39ffa8a)
• jans-cli-tui: SSA custom attributes 10855 (#10870) (6f2cb6b)
• jans-linux-setup: data cleaning cron job task (#10946) (33d5eb2)
• jans-linux-setup: LDAP Link installation is optional (#10964) (673d7fb)
• jans-linux-setup: link jans script to /usr/local/bin (#11125) (d8c7a17)
• jans-linux-setup: link jans script to /usr/localbin (d8c7a17)
• jans-linux-setup: ubuntu24 support (#10949) (481fdca)
• jans-lock: configure maven to update OpenAPI lock-server.yaml (#10952) (11c2249)
• jans-lock: configure maven to update OpenAPI lock-server.yaml (#10953) (a8f09f2)

Bug Fixes

• admin UI unable to fetch MAU _threshold on restart of config-api (b4cfaa2)
• charts: broken istio integration (#11041) (8b536ab)
• core: remove jansAlias from jansDocument (#11085) (a3a9bb2)
• docs: add Cedarling quick start guide and binding type documents (#10906) (bc0686f)
• docs: Cedarling docs updates (#10998) (903e29f)
• docs: Cedarling documentation reorganisation (#10900) (33920c2)
• docs: incorrect package name in rhel document (#10890) ([1d98a9c](https://github.com/JanssenPro...

What's Changed

• chore: release nightly by @moabu in #10709
• docs: fix installation references by @moabu in #10711
• fix(jans-linux-setup): Store fido2 authenticator_cert in DB by @devrimyatar in #10697
• Lock update by @yurem in #10701
• fix(jans-linux-setup): update jansservices module post setup by @devrimyatar in #10715
• feat(jans-cedarling): Load bootstrap properties from environment variables by @olehbozhok in #10692
• feat: update help section of tarp by @duttarnab in #10708
• feat(jans-cedarling): add krakend plugin by @SafinWasi in #10713
• feat: add support for parameterizable enter/exit urls in flows by @jgomer2001 in #10716
• fix(jans-cli-tui): ScrollablePane for config-api main screen by @devrimyatar in #10722
• fix(jans-cli-tui): save config-api configuration by @devrimyatar in #10724
• feat(agama): allow integration of Agama flows in AS consent by @jgomer2001 in #10727
• fix: account absent start url in native flows by @jgomer2001 in #10731
• feat(config-api): testng framwork changes by @pujavs in #10734
• feat(config-api): testng framework cleanup changes by @pujavs in #10736
• feat(jans-linux-setup): restart admin-ui via jans by @devrimyatar in #10740
• chore(jans-linux-setup): revert admin-ui restart by @devrimyatar in #10744
• fix(jans-auth-server): second authorization challenge call does not invoke the right script #10745 by @yuriyz in #10746
• test(config-api) scim test failure by @pujavs in #10750
• feat(jans-cedarling): implement environment variable loading for sidecar by @SafinWasi in #10751
• feat(config-api): lock stat endpoint and SAML TR fix by @pujavs in #10755
• feat(jans-auth-server): allow invoke consent script by acr #10548 by @yuriyz in #10712
• fix(jans-auth-server): typo in determineConsentFlow method #10758 by @yuriyz in #10759
• feat(jans-cedarling): custom tokens and putting tokens in principal attrs by @rmarinn in #10706
• fix(jans-cedarling): fix token handling by @SafinWasi in #10761
• docs: add Agama section for consent flows by @jgomer2001 in #10765
• feat(jans-lock): redirect for consent if external script is enabled a… by @yurem in #10771
• docs(config-api): customization doc by @pujavs in #10777
• docs(jans-cedarling): update schema for tokens by @SafinWasi in #10738
• fix(docs): update Agama Lab quick start guide by @ossdhaval in #10779
• feat(jans-cedarling): implement benchmarks for startup and authz by @rmarinn in #10775
• fix: align consent script wrt latest AS updates by @jgomer2001 in #10780
• fix(jans-auth-server): always save access_token to persistence regardless of cache configuration #10763 by @yuriyz in #10784
• chore: replace deprecated LDAP enum by DB by @jgomer2001 in #10792
• docs(agama-lab-docs): remove duplicate image by @kdhttps in #10793
• feat(jans-cedarling): Improve log searching and retrieval by @olehbozhok in #10772
• fix!(jans-cedarling): fix cedarling-properties docs to be more proper by @olehbozhok in #10788
• fix(jans-linux-setup): fido document store paths by @devrimyatar in #10801
• fix: references to file location_type by @moabu in #10797
• chore(cloud-native): sync assets and configuration for cloud-native setup by @iromli in #10768
• ci: publish cedarling wasm to npm by @moabu in #10804
• fix: Corrected fido-2-devices link to heading in user management document. Issue #9636 by @DanielSEncora in #10794
• docs(jans-cedarling): update readme for scope based access by @SafinWasi in #10811
• docs: javadocs are now consistent with code, issue#4120 by @DanielSEncora in #10813
• feat(demo-tarp): use @janssenproject/cedarling_wasm npm package #10805 by @duttarnab in #10806
• fix(docs): update broken link in custom claims document by @The-D-007 in #10781
• chore(jans): upgrade packages installed to a non-vulnerable version by @misba7 in #10725
• feat(jans-cedarling): update sidecar for log retrieval by @SafinWasi in #10786
• chore(docs): fix miscellaneous issues by @ossdhaval in #10834
• fix(docs): update LDAP link document with configuration details by @ossdhaval in #10824
• docs(terraform-provider-jans): fix docs example by @misba7 in #10828
• fix: update resource endpoints for terraform by @moabu in #10836
• chore: update person orm bean by @jgomer2001 in #10822
• chore(main): release 1.4.0 by @mo-auto in #10818
• feat(jans-auth-server): add Token Exchange interception script #8157 by @yuriyz in #10520
• chore: release 1.4.0 by @moabu in #10837
• docs(jans-cedarling): shorten conditional by @SafinWasi in #10812
• doc(jans-auth-server): added /internal/stat to swagger #10839 by @yuriyz in #10852
• fix: getting 401 Unauthorized for /jans-config-api/api/v1/stat by @duttarnab in #10857
• fix(docs): add SSA configuration docs by @ossdhaval in #10823

New Contributors

• @DanielSEncora made their first contribution in #10794
• @The-D-007 made their first contribution in #10781

Full Changelog: v1.3.0...v1.4.0