zitadel/internal/api
Livio Spring 33235a5cbe fix(oidc): make sure id_token does not contain any info from access token actions (#8053)
# Which Problems Are Solved

During tests of 2.53.3 we noticed that in cases where the
`idTokenRoleAssertion` was disabled, claims set in the
preAccessTokenTrigger where also set in the id_token.

# How the Problems Are Solved

The userinfo of the id_token now uses a correct copy of their own.

# Additional Changes

None.

# Additional Context

- relates to #7822 
- relates to #8046
2024-05-31 15:08:00 +02:00
..
assets fix: exclude db connection error details (#7785) 2024-04-23 08:35:25 +00:00
authz chore(deps): update all go deps (#7773) 2024-04-15 09:17:36 +00:00
call fix: reset the call timestamp after a bulk trigger (#6080) 2023-07-07 08:15:05 +00:00
grpc feat(session api): respect lockout policy (#8027) 2024-05-30 22:08:48 +00:00
http fix: exclude db connection error details (#7785) 2024-04-23 08:35:25 +00:00
idp feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
info fix: correct method and path for session api activity (#6880) 2023-11-22 12:12:23 +02:00
oidc fix(oidc): make sure id_token does not contain any info from access token actions (#8053) 2024-05-31 15:08:00 +02:00
robots_txt fix: introduce measures to avoid bots crawling and indexing activities (#5728) 2023-05-05 10:25:02 +02:00
saml feat(actions): allow getting metadata of organizations from user grants (#7782) 2024-04-22 11:34:23 +00:00
service fix(eventstore): tests 2020-11-26 09:19:14 +01:00
ui fix(logging): reduce log level of errors in introspection and login UI (#8047) 2024-05-31 08:11:32 +00:00
api.go feat: improve instance not found error (#7413) 2024-02-28 10:49:57 +00:00