Release notes
Release 3.3.1, April 22nd, 2024
Fix
Fixed an issue were Firely Auth running in docker was unable to connect to a SQL server user store.
Release 3.3.0, March 20th, 2024
Security
Disabling 2FA authentication for a client will now require a 2FA token from the user as an additional security step
Added ‘Require2fa’ to the default appsettings. This replaces the current ‘RequireMfa’ setting.
Feature
Firely Auth will now warn about invalid key/value pairs submitted to the launchContext API
Values in the form of ‘<resourceType>/<id>’ submitted to the launchContext API will now be automatically translate to id-only values
Release 3.3.0-rc3, February 1st, 2024
Configuration
EnableLegacyFhirContextis added to switch the syntax offhirContextbetween SoF v2.1 and v2.0. See Firely Auth Settings for details.ClientClaimsandClientClaimPrefixare added to help a client to define custom claims in the client credential flow. See Firely Auth Settings for details.
Feature
Harmonized Serilog sinks with Firely Server. See Changing the sink for details of all supported sinks.
Enabled clients to add static custom claims in the client credential flow. See Firely Auth Settings for details.
Fix
Fixed the EHR launch context in case of a user login via an external identity provider.
Improved the validation of setting
AllowedResourceTypes. Any invalid FHIR resource types will be rejected now.Improved the validation of setting
AllowFirelySpecialScopes. Firely special scopes can now only be requested if an registered client has the setting set totrue.In case of the EHR launch, no
System.ArgumentExceptionis thrown if bothlaunchandlaunch/patientscopes are present in the request for the access token.
Release 3.3.0-rc2, November 23nd, 2023
Feature
Release 3.2.0, June 20th, 2023
Configuration
Attention
To make it easier to understand, some configuration sections are renamed or reorganized. Please check the bullets below for a summary of changes. For the details, please check page Firely Auth Settings.
Section
KeyManagementConfigis renamed toKeyManagement.Section
FhirServerConfigis renamed toFhirServer.Section
ClientRegistrationConfigis renamed toClientRegistration.Section
TokenConfigis removed, theAccessTokenTypefor each client is moved to the registration of the specific client.Section
TokenIntrospectionConfigis removed, the secret of a token introspection end point can be configured using settingIntrospectionSecretwithin sectionFhirServer.For registering a specific client, the
LaunchIdssetting is removed. A dynamic Smart on Fhir launch context can be requested via theLaunchContextendpoint. See LaunchContext endpoint for details about how to request launch context dynamically.
Feature
Users now can change their own passwords after login.
A user account will be blocked temporarily after 5 unsuccessful authentication attempts and it will be unblocked in 5 minutes.
Added a setting
KeySizeto adjust the RSA key size generated by Firely Auth. By default, it is set to 2048.Added a setting
PasswordHashIterationsto adjust the password hashing iterations in case of different security considerations. By default it is set to 600000. See User store for more details.Introduced
LaunchContextendpoint for requesting Smart on Fhir launch context dynamically. See LaunchContext endpoint for more details.Added security attributes to session cookies.
Fix
Disabled Client Initiated Backchannel Authentication (CIBA).
Attention
The aud used in an access token is updated to the FHIR_BASE_URL instead of the name of FHIR server.
Release 3.1.0, March 9th, 2023
Feature
Added a setting to configure CORS support for only a limited set of origins. See AllowedOrigins for more details.
Release 3.0.0, December 2022
This is the first public release of Firely Auth, providing support for SMART on FHIR v1 and v2 and a SQL Server user store.