Release Notes

The following describes our support policy and abbreviated release notes per version.

Support Policy

We provide backporting of security patches for the previous major release for a 6 month period. Therefore, if you are operating on version 1.x.x, we will continue to release security updates after version 2.0 is released for a period of 6 months.

It is expected you will keep AuthStack up-to-date to ensure it remains secure, as we adapt to the changing web ecosystem.

A valid licence subscription is required to obtain updates.

AuthStack 2.1.5

  1. Further UI tweaks and corrections
  2. Fixed issue with report graph colouring
  3. Fixed issue with pagination on Connections listing

AuthStack 2.1.4

  1. Updated the X.509 certificate manager to support certs with empty data in certain fields
  2. Minor UI fixes when editing multiple Service Providers and Attribute Mappings
  3. Added additional functionality on the apps listing to show which profile is logged in to which application. Supports multiple logged in users
  4. Added quick links to buy Yubikeys from Amazon under MFA settings

AuthStack 2.1.3

Further update for iOS support and QR barcodes.

AuthStack 2.1.2

Base32 encoding function changed, remove padding from secrets generated for OTP. Backward compatibly update for iOS

AuthStack 2.1.1

Minor fix for IE in frontend JS bundle

AuthStack 2.1.0

New Features

Added IdP-initiated Single Sign-On POST binding options. The Service Provider page was updated to reflect the option to mark a service provider as "IdP initiated SSO", along with a relaystate URL

AuthStack 2.0.5

General bug fixes

  1. Fixed a bug where attribute mapping editing would incorrectly render, indicating that attributes that were in an unticked state, when they were not
  2. Fixed the same bug at the edit connection screen

New Features

Added Service Provider visibility option. It controls how Service Providers are displayed at application listing page (/apps route).

Visibility can be:

  1. Public - visible to everyone
  2. Authenticated - visible to authenticated users.
  3. Authorized - visible to authorized users. Authorization is performed by inspecting defined attributes of the current active profile.

Therefore it's now possible to limit which apps are shown (public, any logged in users, or those users belonging to a certain group). Even though the apps themselves would limit access based on permissions it's often desirable to avoid showing all integrated applications.

AuthStack 2.0.4

Added base64 handlebars helper for attribute mappings page.

AuthStack 2.0.3

Minor UI fixes related to authstack administration (Application and Exception log pages).

AuthStack 2.0.2

Updated driver-ldap to version 1.3.0. This version allows for changing which attribute is being used as username during SSO login.

AuthStack 2.0.1

Updated driver-ldap to version 1.2.12. This version of the driver adds additional filtering options when creating LDAP filters.

AuthStack 2.0

AuthStack Version 2.0 brings a major core upgrade as we move from Lumen to Laravel framework. This is a seamless upgrade path which will not require major changes to our clients white labelling or deployment strategy.

AuthStack 1.1

This release adds integration with MFAStack, bringing support for MFA during the login process. This is available to both users and administrators, adding an additional layer of security. MFAStack supports both OTP and U2F, with Yubikey hardware and all major OTP software supported.

AuthStack 1.0

We're very excited to announce the first version of AuthStack, which is available for public release, after 2 years of continuous development and internal usage. This release reflects the accumulation of years of experience managing SSO platforms, both from an IdP and SP perspective. AuthStack provides an Enterprise grade IdP which supports SAML and provides extensive configuration options with regards to User Authentication sources and mapping of attributes. AuthStack will continue to be developed, with the first major update to bring MFA support from integration with MFAStack, our Multi-Factor Authentication server.

Next Article

Upgrade Guide

We're happy to talk

Our offices are open 8.30am - 7pm GMT, Monday to Friday - but you can always contact us via email. When we receive your email during opening hours, we aim to respond within 30 minutes or less. Should your email reach us out of hours, we will contact you when the office re-opens.

You can contact us using live chat