| Flow-continuation tokens (Email links) | | If using email links for a password reset, user verification, or if using the flow continuation concept in general (public self-service flows), the IAM database schema must be upgraded. | |
| Client-centric OIDC/OAuth AS | | As announced with IAM 7.3, 7.4, 7.5, and 7.6, the client-centric AS (authorization server) will be removed in IAM 8.0 and all instances using it must migrate to the AS-centric AS. Since IAM 7.7 is the last release with both AS variants (client-centric and AS-centric), a seamless transition requires to do the migration in IAM 7.7 (or earlier). See AS-centric AS - seamless migration for more information. | |
| | | The default Key Transport Algorithm in the SAML Federation Config has changed to use the more secure RSA-OAEP. Existing configurations migrated to IAM 7.7 continue to use the old algorithm without OAEP. It is strongly recommended to check RSA-OAEP compatibility with the SAML SPs and then manually change the IdP configuration to use RSA-OAEP as Key Transport Algorithm. This affects both the JSP-Loginapp and the Loginapp REST UI. | |
Loginapp, Adminapp, Transaction Approval | REST client authentication | | The Request Credential Policy to authenticate single requests in the Loginapp, Adminapp, and Transaction Approval modules will be removed in IAM 8.0. Configuration migration ensures that older configurations still work using a legacy adapter plugin. It is recommended to adapt the configuration to use the new Request Authentication plugins in 7.7. See Authentication of REST requests. | |
| SSO ticket-based admin authentication | | If using SSO tickets to authenticate admins to the Adminapp (Adminapp >> Administrators >> SSO Ticket Authentication): The feature has been improved and the Authenticator property has been removed. If using the Authenticator property to lookup and verify the user, the configuration has to be manually changed. Use the new properties User Store, Roles Blocklist, Username Key, and Roles key. | |
| | | Note that the minimum supported Oracle version is now 19c. The database must be upgraded if still using an older Oracle version. See also Hardware and system requirements. | |