There is a newer version of the record available.

Published November 3, 2025 | Version v1.13.0
Software Open

indigo-iam/iam: INDIGO Identity and Access Management v1.13.0

Authors/Creators

  • 1. CISCO
  • 2. INFN-CNAF
  • 3. @stfc
  • 4. INFN Laboratori Nazionali di Legnaro
  • 5. INFN
  • 6. Istituto Nazionale di Fisica Nucleare

Description

[!IMPORTANT] Don't forget to back-up your database before upgrading. This is a release that contains database migrations.

What's Changed

  • Search users by Subject DN by @S203932 in https://github.com/indigo-iam/iam/pull/952
  • Store user affiliation into user info table by @garaimanoj in https://github.com/indigo-iam/iam/pull/781
  • Return only FQANs with parent group equal to the VO name in the proxy by @federicaagostini in https://github.com/indigo-iam/iam/pull/993
  • Add endpoint to retrieve clients owned by user by @garaimanoj in https://github.com/indigo-iam/iam/pull/974
  • Option to limit custom scopes to admins only by @mmutadich in https://github.com/indigo-iam/iam/pull/994
  • Allow users to remove themselves from groups by @rmiccoli in https://github.com/indigo-iam/iam/pull/960
  • SCIM API bulk operations by @mmutadich in https://github.com/indigo-iam/iam/pull/969
  • Configurable support button by @mmutadich in https://github.com/indigo-iam/iam/pull/998
  • Implement SCIM filtering by @S203932 in https://github.com/indigo-iam/iam/pull/946
  • Enable command line execution for development by @darcato and @federicaagostini in https://github.com/indigo-iam/iam/pull/825
  • Configurable text in the registration button by @S203932 in https://github.com/indigo-iam/iam/pull/997
  • Configurable 'nbf' duration for tokens by @mmutadich in https://github.com/indigo-iam/iam/pull/1017
  • Restrict authZ on /iam/account/search endpoint by @rmiccoli in https://github.com/indigo-iam/iam/pull/1018
  • Add RPM build workflow on Continuous Integration by @enricovianello in https://github.com/indigo-iam/iam/pull/1027
  • Ensure removal of configured MFA totp before account deletion by @garaimanoj in https://github.com/indigo-iam/iam/pull/1013
  • Add endpoint to retrieve the list of group memberships of a user by @garaimanoj in https://github.com/indigo-iam/iam/pull/983
  • Synch affiliation with CERN HR DB by @mmutadich in https://github.com/indigo-iam/iam/pull/1005
  • Notify VO Admins when a certificate is added by a user by @S203932 in https://github.com/indigo-iam/iam/pull/972
  • Revoke all refresh tokens for a client by @mmutadich in https://github.com/indigo-iam/iam/pull/978
  • Implement JIT account provisioning for OPs by @rmiccoli in https://github.com/indigo-iam/iam/pull/928
  • Fix both H2 and MySQL devcontainers by @jacogasp in https://github.com/indigo-iam/iam/pull/1044
  • Scoped voPerson_id by @S203932 in https://github.com/indigo-iam/iam/pull/1051
  • Build and expose the OpenID Provider's OID Federation Entity Configuration by @rmiccoli in https://github.com/indigo-iam/iam/pull/999
  • Implement OID Federation Trust Chain resolution and validation by @rmiccoli in https://github.com/indigo-iam/iam/pull/1014
  • Add openid_relying_party metadata by @rmiccoli in https://github.com/indigo-iam/iam/pull/1065
  • Token lifetime configurable in token request by @mmutadich in https://github.com/indigo-iam/iam/pull/981
  • Fix wrong information displayed when viewing other accounts with READER_ROLE by @garaimanoj in https://github.com/indigo-iam/iam/pull/1056
  • Update nimbus-jose-jwt dependency version to 9.37.4 by @rmiccoli in https://github.com/indigo-iam/iam/pull/1063

[!NOTE] The added OpenID Federation features are considered as experimental. They will be enhanced and expanded in future releases.

Files

indigo-iam/iam-v1.13.0.zip

Files (5.4 MB)

Name Size Download all
md5:0408c0ad7eb36ef7f76c1f898e7d213e
5.4 MB Preview Download

Additional details

Related works

Is supplement to
Software: https://github.com/indigo-iam/iam/tree/v1.13.0 (URL)

Software

Repository URL
https://github.com/indigo-iam/iam