Privileges assigned to groups are now inherited by all users who are part of
that group, allowing the use of groups as 'roles'.
Added a /user/by-href/:href endpoint, allowing API clients to look up
users by their 'identity' like their email address.
Added a hasPassword property to each user. This is only visible on 'your
own' user or if you are an admin.
The /token-exchange endpoint for one-time tokens now requires a client_id
parameter, similar to OAuth2 endpoints.
Fixed a number of internal APIs that let people generate passwords for
non-user principals, or OAuth2 credentials for groups. Everything is a bit
stricter.
Internally, 'users', 'apps' and 'groups' are now more often referred to by
the name 'principal'. Before, these 3 categories of things were also referred
to as 'user'. This migration is not complete, but it's a big first step.
Eventually we'll have separate API roots for each of these.