zitadel

mirror of https://github.com/zitadel/zitadel.git synced 2024-12-14 11:58:02 +00:00

History

Livio Spring 5b40af79f0 fix: correctly check user state (#8631 ) # Which Problems Are Solved ZITADEL's user account deactivation mechanism did not work correctly with service accounts. Deactivated service accounts retained the ability to request tokens, which could lead to unauthorized access to applications and resources. # How the Problems Are Solved Additionally to checking the user state on the session API and login UI, the state is checked on all oidc session methods resulting in a new token or when returning the user information (userinfo, introspection, id_token / access_token and saml attributes)		2024-09-17 13:21:49 +00:00
..
assets	feat: trusted (instance) domains (#8369 )	2024-07-31 18:00:38 +03:00
authz	fix: race condition in system jwt signature check (#8618 )	2024-09-13 17:18:37 +02:00
call	fix: reset the call timestamp after a bulk trigger (#6080 )	2023-07-07 08:15:05 +00:00
grpc	fix: user grants deactivation (#8634 )	2024-09-17 12:18:29 +00:00
http	feat(oidc): use web keys for token signing and verification (#8449 )	2024-08-23 14:43:46 +02:00
idp	chore(tests): use a coverage server binary (#8407 )	2024-09-06 14:47:57 +02:00
info	fix: correct method and path for session api activity (#6880 )	2023-11-22 12:12:23 +02:00
oidc	fix: correctly check user state (#8631 )	2024-09-17 13:21:49 +00:00
robots_txt	fix: introduce measures to avoid bots crawling and indexing activities (#5728 )	2023-05-05 10:25:02 +02:00
saml	fix: correctly check user state (#8631 )	2024-09-17 13:21:49 +00:00
service	fix(eventstore): tests	2020-11-26 09:19:14 +01:00
ui	feat: invite user link (#8578 )	2024-09-11 10:53:55 +00:00
api.go	feat: trusted (instance) domains (#8369 )	2024-07-31 18:00:38 +03:00