Conditional redirect of unauthenticated requests based on request query parameters
Query parameters can now be used in the property OAuth Login URL List to create rules that evaluate request URLs for login redirect. Previously, the rules were based only on the request domain, path, and header.
Invalidation of sessions on logout
Always invalidate sessions is a new property to invoke the AM REST logout endpoint.
DENY keyword for not-enforced rules
Support for JDK 8 is removed in this release.