Release notes
Release 3.3.1, April 22nd, 2024
Fix
Fixed an issue where Firely Auth running in Docker was unable to connect to a SQL Server user store.
Release 3.3.0, March 20th, 2024
Security
Disabling 2FA authentication for a client will now require a 2FA token from the user as an additional security step.
Added ‘Require2fa’ to the default appsettings. This replaces the current ‘RequireMfa’ setting.
Feature
Firely Auth will now warn about invalid key/value pairs submitted to the launchContext API.
Values in the form of ‘<resourceType>/<id>’ submitted to the launchContext API will now be automatically translated to id-only values.
Release 3.3.0-rc3, February 1st, 2024
Configuration
EnableLegacyFhirContext is added to switch the syntax of fhirContext between SoF v2.1 and v2.0. See Firely Auth Settings for details.
ClientClaims and ClientClaimPrefix are added to help a client to define custom claims in the client credential flow. See Firely Auth Settings for details.
Feature
Harmonized Serilog sinks with Firely Server. See Changing the sink for details of all supported sinks.
Enabled clients to add static custom claims in the client credential flow. See Firely Auth Settings for details.
Fix
Fixed the EHR launch context in case of a user login via an external identity provider.
Improved the validation of setting AllowedResourceTypes. Any invalid FHIR resource types will be rejected now.
Improved the validation of setting AllowFirelySpecialScopes. Firely special scopes can now only be requested if a registered client has the setting set to true.
In case of the EHR launch, no System.ArgumentException is thrown if both launch and launch/patient scopes are present in the request for the access token.
Release 3.3.0-rc2, November 23rd, 2023
Feature
Release 3.2.0, June 20th, 2023
Configuration
Attention
To make it easier to understand, some configuration sections are renamed or reorganized. Please check the bullets below for a summary of changes. For the details, please check page Firely Auth Settings.
Section KeyManagementConfig is renamed to KeyManagement.
Section FhirServerConfig is renamed to FhirServer.
Section ClientRegistrationConfig is renamed to ClientRegistration.
Section TokenConfig is removed; the AccessTokenType for each client is moved to the registration of the specific client.
Section TokenIntrospectionConfig is removed; the secret of a token introspection endpoint can be configured using setting IntrospectionSecret within section FhirServer.
For registering a specific client, the LaunchIds setting is removed. A dynamic SMART on FHIR launch context can be requested via the LaunchContext endpoint. See LaunchContext endpoint for details about how to request launch context dynamically.
Feature
Users now can change their own passwords after login.
A user account will be blocked temporarily after 5 unsuccessful authentication attempts and it will be unblocked in 5 minutes.
Added a setting KeySize to adjust the RSA key size generated by Firely Auth. By default, it is set to 2048.
Added a setting PasswordHashIterations to adjust the password hashing iterations in case of different security considerations. By default it is set to 600000. See User store for more details.
Introduced LaunchContext endpoint for requesting SMART on FHIR launch context dynamically. See LaunchContext endpoint for more details.
Added security attributes to session cookies.
Fix
Disabled Client Initiated Backchannel Authentication (CIBA).
Attention
The aud used in an access token is updated to the FHIR_BASE_URL instead of the name of the FHIR server.
Release 3.1.0, March 9th, 2023
Feature
Added a setting to configure CORS support for only a limited set of origins. See AllowedOrigins for more details.
Release 3.0.0, December 2022
This is the first public release of Firely Auth, providing support for SMART on FHIR v1 and v2 and a SQL Server user store.