SSO 4.01 new features

A summary of new features and changes in functionality introduced with single sign-on 4.01.

Important:

This page covers only those new features introduced with the single sign-on version specified in the page title. Check prior new features pages if you migrate from an earlier version. Make sure to also read the upgrade guide corresponding to this Genero version.

Corresponding upgrade guide: SSO 4.01 upgrade guide.

Previous new features guides with single sign-on information can be found in the Genero Application Server User Guide.

Table 1. Single Sign-On (SSO) and delegation
Overview Reference
The oidc.app.start.mode configuration entry of the OpenidConnectServiceProvider service defines how the identity of the client is verified before starting the application. You can configure "gnonce" (Genero number once) or a cookie. See "Configure application starting mode".
Starting with FGLGWS 4.01.02
The OpenID Connect service of FGLGWS has enhancements to how scopes are exchanged. The Genero Identity Provider (GIP) follows the standard RFC 8693 as the default method when creating OAuth ID and access tokens with the scope parameter. See "Support for RFC 8693 in the Genero Identity Provider (GIP) creation of OAuth ID and access tokens with scopes".
Starting with FGLGWS 4.01.04
The OpenID Connect service configuration of FGLGWS has a new entry, oidc.accesstoken.decode, that decodes roles and scopes in the access token. See "New option oidc.accesstoken.decode for decoding access tokens with roles and scopes".
Note:

The new features listed in this topic are available in the latest versions of the FGLGWS and GAS. Contact your support channel for more details.