Open in app

Sign in

Write

Sign in

Gravitee.io AM 2.9

Titouan Compiègne
graviteeio
Published in
3 min readSep 18, 2019

We are pleased to announce that Gravitee.io Access Management 2.9 is now available.

What’s new ?

Here are the highlights of this release:

  • New type of identity providers
  • Role Management

New type of identity providers

Currently applications can authenticate users against what we call internal identity providers, such as Active Directory, LDAP, Database, … or via external identity providers using protocols such as OpenID Connect.

Starting from the Access Management 2.9 version you will be able to use new enterprise identity providers for authentication, whatever the protocol used.

Bridging OIDC-OAuth 2.0/SAML 2.0

The first new identity provider that will be announced is the support of the SAML 2.0 protocol. You will be able to connect your SAML 2.0 Identity Provider to authenticate your users.

This identity provider will be released in the coming weeks, we will looking forward for new identity providers to offer flexibility and interoperability with your Information System. Stay tuned for more information.

Role Management

Until now, the only way to set roles to a user was to use the identity provider role mapper feature. You can now assign roles to users or groups directly from the administration UI or the REST API.

Assign roles to a user

Application metadata

Applications (i.e a « clients ») have a new key/value map to store custom information. These information can be used in the tokens (Access or ID Token) via the token claims mapping feature.

Using the application metadata

Force user consent

Currently if a user has already approved consents, Gravitee.io AM doesn’t prompt the consent page again until the consents have been expired or revoked.

You can now be able to force consent page via the query parameter prompt=consent during the login flow (OAuth 2.0/OIDC Authorization request)

Forcing the consent page can be useful for potential legal or business requirements (description has changed, new information, …).

And more …

  • Contextual information about the current authentication. If you have developed a custom identity provider you can now use contextual information (such as the incoming http request with the IP address, query parameters, …) to authenticate your users
  • Consent technical id can now be retrieved in the POST CONSENT Extension Point.

To discover all these new features, just follow the installation guide or start to play with Gravitee.io by using Docker.

Waiting for your feedbacks, we would be happy to talk and help you from Gitter channel.

Identity Management
Access Management
Saml2
Consent

--

--

Titouan Compiègne
graviteeio

Written by Titouan Compiègne

13 Followers
Editor for

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams