From fa5e6d191483781642a59b82c17dc2fc4702c946 Mon Sep 17 00:00:00 2001 From: Livio Spring Date: Wed, 29 May 2024 18:14:46 +0200 Subject: [PATCH] docs(advisory): add technical advisory for token type change (#8029) # Which Problems Are Solved Among others #7822 changed the event type of the `user.token.added` to `user.token.v2.added`. To make customers aware of this in case they use it for calculating DAU / MAU, resp. for an audit trail, we want to raise awareness. # How the Problems Are Solved Technical advisory to state the change. # Additional Changes None. # Additional Context Relates to #7822 Co-authored-by: Fabi --- docs/docs/support/advisory/a10009.md | 2 +- docs/docs/support/advisory/a10010.md | 30 ++++++++++++++++++++++++ docs/docs/support/technical_advisory.mdx | 14 ++++++++++- 3 files changed, 44 insertions(+), 2 deletions(-) create mode 100644 docs/docs/support/advisory/a10010.md diff --git a/docs/docs/support/advisory/a10009.md b/docs/docs/support/advisory/a10009.md index 7137fdceaf..014700760a 100644 --- a/docs/docs/support/advisory/a10009.md +++ b/docs/docs/support/advisory/a10009.md @@ -6,7 +6,7 @@ title: Technical Advisory 10009 Version: 2.53.0 -Date: Calendar week 23/24 2024 +Date: 2024-05-28 ## Description diff --git a/docs/docs/support/advisory/a10010.md b/docs/docs/support/advisory/a10010.md new file mode 100644 index 0000000000..c2fd95902e --- /dev/null +++ b/docs/docs/support/advisory/a10010.md @@ -0,0 +1,30 @@ +--- +title: Technical Advisory 10010 +--- + +## Date and Version + +Version: 2.53.0 + +Date: 2024-05-28 + +## Description + +Version 2.53.0 optimizes the way tokens are created and migrates them to the v2 implementation already used by OAuth / OIDC tokens created through the session API. + +Because of this tokens events are no longer created on the user itself. To be as backwards compatible as possible a separate event is created on the user for the audit log. + +## Statement + +This change was tracked in the following PR: +[perf(oidc): optimize token creation](https://github.com/zitadel/zitadel/pull/7822), which was released in Version [2.53.0](https://github.com/zitadel/zitadel/releases/tag/v2.53.0) + +## Mitigation + +If you use the ListEvents API to check the audit trail of a user or being able to compute Daily or Monthly Active Users, be sure to also include the `user.token.v2.added` event type in your search +if you already query for the `user.token.added` event type. + +## Impact + +Once this update has been released and deployed, the `user.token.added` event will no longer be created when a user access token is created, but instead a `user.token.v2.added`. +Existing `user.token.added` events will be untouched. diff --git a/docs/docs/support/technical_advisory.mdx b/docs/docs/support/technical_advisory.mdx index 565dae3904..e205b87683 100644 --- a/docs/docs/support/technical_advisory.mdx +++ b/docs/docs/support/technical_advisory.mdx @@ -164,7 +164,19 @@ We understand that these advisories may include breaking changes, and we aim to Fixes rare cases where updating projections was blocked by a `WRITE_TOO_OLD`-error when using cockroachdb. 2.53.0 - 2024-05-27 + 2024-05-28 + + + + A-10010 + + Event type of token added event changed + Breaking Behavior Change + + Version 2.53.0 improves the token issuance. Due to this there are changes to the event types created on token creation. + + 2.53.0 + 2024-05-28