OpenID Connect provider and authenticators 1.5 released

release
oidc
#1

This new release is mainly here to introduce a new XWiki specific feature on the provider side: you can now setup a bridge to allow accessing any resource of the provider using the OpenID Connect access token (only resources the user associated with the token has access to of course). See https://extensions.xwiki.org/xwiki/bin/view/Extension/OpenID%20Connect/OpenID%20Connect%20Provider/#HTokenbasedaccess.

The security has been increased on the provider side for the storage of the access tokens, the consequence is that all the already delivered tokens are now invalid and all clients will have to authenticate again.

0 Likes