Release notes
ForgeRock SDK for Android
Android SDK 3.4.0
September 29, 2022 minor
Added
-
Dynamic SDK Configuration. [SDKS-1759]
-
Android 13 support. [SDKS-1944]
Changed
-
Changed activity type used as parameter in
PushNotification.accept
. [SDKS-1968] -
Updated deserialization of objects to use a class allowlist to prevent access to untrusted data. [SDKS-1818]
-
Updated the
Authenticator
module and sample app to handle the newPOST_NOTIFICATIONS
permission in Android 13. [SDKS-2033] -
Fixed an issue where the
DefaultTokenManager
was not caching theAccessToken
in memory upon retrieval from Shared Preferences. [SDKS-2066] -
Deprecated the
forgerock_enable_cookie
configuration. [SDKS-2069] -
Align
forgerock_logout_endpoint
configuration name with the ForgeRock SDK for iOS. [SDKS-2085] -
Allow leading slash on custom endpoint path. [SDKS-2074]
-
Fixed bug where the
state
parameter value was not being verified upon calling theAuthorize
endpoint. [SDKS-2078]
Android SDK 3.3.3
June 22, 2022 minor
Changed
-
Updated the version of the
com.squareup.okhttp3
library in the SDK to 4.10.0 [SDKS-1957]
Android SDK 3.3.0
May 18, 2022 minor
Added
-
Support SSL pinning [SDKS-80]
-
Restore session token when it is out of sync with the session token that bound with the access token [SDKS-1664]
-
Session token should be included in the header instead of request parameter for
/authorize
endpoint [SDKS-1670] -
Support to broadcast logout event to clear application tokens when user logout the app [SDKS-1663]
-
Obtain timestamp from new
PushNotification
payload [SDKS-1666] -
Add new payload attributes to the
PushNotification
[SDKS-1776] -
Allow processing of push notifications without device token [SDKS-1844]
Fixed
-
Dispose
AuthorizationService
when no longer required [SDKS-1636] -
Authenticator sample app crash after scanning push mechanism [SDKS-1454]
Android SDK 3.2.0
January 26, 2022 minor
Features
-
Google Sign-In Security Enhancement.
-
Fix for WebAuthn Registration & Authentication prompt.
ForgeRock SDK for iOS
iOS SDK 3.4.1
November 15, 2022 minor
Changed
-
Updated legacy encryption algorithm used for generation of cryptographic keys stored in
Secure Enclave
[SDKS-1994] -
Fixed an issue related to push notifications timeout [SDKS-2164]
-
Fixed an unexpected error occurring during the decoding of some push notifications [SDKS-2199]
iOS SDK 3.4.0
September 22, 2022 minor
Added
-
Dynamic SDK Configuration [SDKS-1760]
-
iOS 16 Support [SDKS-1932]
Changed
-
Fixed build errors on Xcode 14 [SDKS-2073]
-
Fixed bug where the
state
parameter value was not verified upon calling theAuthorize
endpoint [SDKS-2077]
iOS SDK 3.3.2
June 20, 2022 minor
Added
-
Interface for log management [SDKS-1863]
Changed
-
Fixed memory leak in the
NetworkCollector
class [SDKS-1931]
iOS SDK 3.3.1
June 08, 2022 minor
Added
-
Add
PushType.biometric
support andBiometricAuthentication
class for biometric authentication. Updated sample app to handle new Push types [SDKS-1865]
Changed
-
Fixed the bug when refreshing the access token we return the old token [SDKS-1824]
-
Fixed bug when multiple threads are trying to access the same resource in the
deviceCollector
andProfileCollector
[SDKS-1912]
iOS SDK 3.3.0
May 19, 2022 minor
Added
-
SSL pinning support [SDKS-1627]
-
Obtain timestamp from new push notification payload [SDKS-1665]
-
Add new payload attributes in the push notification [SDKS-1775]
-
Apple Sign In enhancements to get user profile info [SDKS-1632]
Changed
-
Remove "Accept: application/x-www-form-urlencoded" header from /authorize endpoint for GET requests [SDKS-1729]
-
Remove
iPlanetDirectoryPro
(or session cookie name) from the query parameter, and inject it into the header instead [SDKS-1708] -
Fix issue when expired push notification displayed as "Approved" in the notification history list [SDKS-1491]
-
Fix issues with registering TOTP accounts with invalid period [SDKS-1405]
iOS SDK 3.2.0
January 27, 2022 minor
Changed
-
Updated GoogleSignIn library to the latest version
6.1.0
. -
FRGoogleSignIn is now available through SPM.
iOS SDK 3.1.1
November 17, 2021 minor
Features
-
Added custom implementation for
HTTPCookie
for iOS 11+ devices, to support NSSecureCoding for storing cookies. -
Changed all instances of Archiving/Unarchiving to use NSSecureCoding.
-
SecuredKey
initializer now supports passing a Keychain accessibility flag. -
SecuredKey
now has the same default Keychain accessibility flag as the KeychainService ".afterFirstUnlock".
ForgeRock SDK for JavaScript
JavaScript SDK 3.4.0
October 10, 2022 minor
Changed
-
Fixed HTTP headers by capitalizing all header names
-
Added support for
TextInput
callback -
Updated device profile collection code:
-
Added optional chaining to protect object checks in both browser and node environments
-
Changed usage of
window.crypto
toglobalThis.crypto
to improve compatibility
-
Legacy
ForgeRock SDK 3.0
May 24, 2021 major
Features
-
iOS SDK now supports Swift Package Manager.
-
Android and iOS SDKs now provide a
revokeAccessToken
method to revoke OAuth tokens, but preserve session.
Breaking changes
Code that has been deprecated in one of the earlier 2.x releases has been removed from the SDK in 3.0.
Android SDK:
-
Removed
Config.getInstance(Context)
. -
Removed
FRAuth Builder
. -
Removed
FRUserViewModel
.
iOS SDK:
-
Removed public
var
value fromSingleValueCallback
. -
Removed
FRURLProtocolResponseEvaluationCallback
. -
Removed
FRURLProtocol.validatedURLs
. -
Removed the deprecated
FRAuth.shared.next() (public func next)
method.
JavaScript SDK:
-
WebAuthn’s thrown error message text has been changed to align with the specification.
-
Renamed
getAuthorizeUrl
method togetAuthCodeByIframe
. -
Removed the single parameter from
createVerifier
function. -
Removed
nonce
function.
Known limitations
-
Cross-platform (Android, iOS and JavaScript) support for social login requires Identity Cloud, or AM 7.1 or later.
-
The SDK’s officially supported identity providers for social login are Apple, Facebook, and Google.
-
Mobile biometric authentication for both the Android and iOS SDKs requires Identity Cloud, or AM 7.1 or later.
Documentation updates
-
Added Troubleshooting your JavaScript app, which covers cross-domain (third-party) cookie failures, and Apple’s WebKit limitations concerning WebAuthn and "platform authenticators" (such as Touch ID).
ForgeRock SDK 2.2
December 18, 2020 minor
Features
-
Token management, WebAuthn, logout, and refresh token grant enhancements (Android, iOS, JavaScript).
Documentation updates
ForgeRock SDK 2.1
August 21, 2020 minor
Features
-
Support for AM 7.
-
Support for self-registration and self-service trees. To determine the level of support, see Supported Callbacks.
Authentication and registration using social identity providers is not supported in this release. -
Support for web authentication (WebAuthn).
-
Support for suspended authentication.
-
Added processing for new callbacks:
-
NumberAttributeInputCallback
-
BooleanAttributeInputCallback
-
SuspendedTextOutputCallback
-
-
Support for obtaining the "Page Header" and "Page Description" values from a Page node.
Documentation updates
Known issues
No known issues at this time.
ForgeRock SDK 2.0
June 30, 2020 major
Features
-
Added the ForgeRock Authenticator module:
-
Support for transactional authorization.
-
Updated the ability to customize endpoint locations:
-
New method to Intercept and modify REST calls.
-
Added handling of new callbacks.
-
Support for Apple’s "Secure Enclave".
-
Support in the ForgeRock JavaScript SDK for
localStorage
, or your own, custom, token storage implementation, as an alternative toindexedDB
. -
Added ability to override the session cookie name, in all ForgeRock SDKs.
Documentation updates
-
How to Intercept and modify REST calls (all SDKs).
-
How to Perform transactional authorization (all SDKs).
-
Blog: Use polyfills (JavaScript SDK).
GA.12.10.2019
December 10, 2019 preview
Features
For a complete list of features, see Feature highlights.
Beta.10.21.2019
October 21, 2019 beta
Features
For a complete list of features, see Feature highlights.
ForgeRock product stability labels
ForgeRock products support many features, protocols, APIs, GUIs, and command-line interfaces. Some of these are standard and very stable. Others offer new functionality that is continuing to evolve.
ForgeRock acknowledges that you invest in these features and interfaces, and therefore must know when and how ForgeRock expects them to change. For that reason, ForgeRock defines stability labels and uses these definitions in ForgeRock products.
Stability Label | Definition |
---|---|
Stable |
This documented feature or interface is expected to undergo backwards-compatible changes only for major releases. Changes may be announced at least one minor release before they take effect. |
Evolving |
This documented feature or interface is continuing to evolve and so is expected to change, potentially in backwards-incompatible ways even in a minor release. Changes are documented at the time of product release. While new protocols and APIs are still in the process of standardization, they are Evolving. This applies for example to recent Internet-Draft implementations, and also to newly developed functionality. |
Legacy |
This feature or interface has been replaced with an improved version, and is no longer receiving development effort from ForgeRock. You should migrate to the newer version, however the existing functionality will remain. Legacy features or interfaces will be marked as Deprecated if they are scheduled to be removed from the product. |
Deprecated |
This feature or interface is deprecated, and likely to be removed in a future release. For previously stable features or interfaces, the change was likely announced in a previous release. Deprecated features or interfaces will be removed from ForgeRock products. |
Removed |
This feature or interface was deprecated in a previous release, and has now been removed from the product. |
Technology Preview |
Technology previews provide access to new features that are considered as new technology that is not yet supported. Technology preview features may be functionally incomplete, and the function as implemented is subject to change without notice. DO NOT DEPLOY A TECHNOLOGY PREVIEW INTO A PRODUCTION ENVIRONMENT. Customers are encouraged to test drive the technology preview features in a non-production environment, and are welcome to make comments and suggestions about the features in the associated forums. ForgeRock does not guarantee that a technology preview feature will be present in future releases, the final complete version of the feature is liable to change between preview and the final version. Once a technology preview moves into the completed version, said feature will become part of the ForgeRock platform. Technology previews are provided on an “AS-IS” basis for evaluation purposes only, and ForgeRock accepts no liability or obligations for the use thereof. |
Internal/Undocumented |
Internal and undocumented features or interfaces can change without notice. If you depend on one of these features or interfaces, contact ForgeRock support or email info@forgerock.com to discuss your needs. |