IAM 8.6 - Deprecation announcement
Deprecation announcement for future releases
The following features have been deprecated with IAM 8.6 or earlier releases. They are planned to be removed in future releases and are still available in Airlock IAM 8.6.
REST Endpoints
Topic | Description | May be removed in version | Deprecated since |
|---|---|---|---|
Legacy health endpoint | The legacy health endpoint Use the official health endpoint as documented in Monitoring, health checks, and metrics. | 9.0 | 7.5 |
Legacy password self-service endpoint | The legacy password change self-service endpoint The corresponding plugins in Loginapp >> Session-less REST Endpoints will be removed. Use the corresponding protected self-service endpoints instead. | 9.0 | 8.2 |
Legacy mTAN token self-service endpoints | The legacy mTAN token self-service endpoints The corresponding plugins in Loginapp >> Session-less REST Endpoints will be removed. Use the corresponding protected self-service endpoints instead. | 9.0 | 8.1 |
Legacy Cronto token self-service endpoints | The legacy Cronto token self-service endpoints The corresponding plugins in Loginapp >> Session-less REST Endpoints will be removed. Use the corresponding protected self-service endpoints instead. | 9.0 | 8.2 |
User identification endpoint (authentication) | The Loginapp REST endpoint Use | 9.0 | 8.2 |
User identification endpoint (self-service) | The Loginapp REST endpoint Use | 9.0 | 8.2 |
OTP resend information | The following REST endpoints return information about a possible OTP resend in the field
| 9.0 | 8.3 |
Retrieve endpoints | The following REST “retrieve” endpoints have been deprecated and may be removed with the next major release. The information is returned as additional attributes with the preceding REST response and thus allows to do with fewer roundtrips.
As a consequence, the following next-step codes concerning retrieval will also be removed:
| 9.0 | 8.3 |
Miscellaneous
Topic | Description | May be removed in version | Deprecated since |
|---|---|---|---|
Database collations | Legacy or missing database collations will no longer be supported. Old database schemas and data must be migrated to up-to-date IAM schemas and collations. | 9.0 | 8.1 |
OIDC/OAuth Session Repository | A database schema migration was introduced in IAM 8.3 to write custom OIDC/OAuth claims to the database. The database migration is mandatory with the next major release. The feature toggle that allowed IAM to run on a non-migrated database schema will be removed. | 9.0 | 8.5 |
FIDO Transports Repository | IAM 8.4 introduced the possibility to persist the transport types of registered FIDO tokens in the database. This required a database schema migration. The database schema migration becomes mandatory in the next major release. The feature toggle allowing IAM to run on non-migrated database schemas will be removed. | 9.0 | 8.5 |
Fluentbit as part of IAM | Fluentbit is currently part of the IAM delivery. It may be removed in a future major release. From then on, customers will be responsible for deploying a log concentrator. | 9.0 | 8.5 |
Adminapp web UI paths | Old Adminapp URL paths
are no longer supported. Use the new URL paths:
| 9.0 | 7.5 |
[FILE]-Prefix in config files | The [FILE]-Prefix used to read a config value from a file instead of the configuration itself will be removed. Use config variables instead. The feature was undocumented until IAM 8.1 and works for XML config files. | 9.0 | 8.5 |
XML config format | The YAML config format (introduced in 8.4) is the default for new instances starting with 8.5. Support for the XML config format will be removed. The CLI to migrate from XML to YAML will also be removed. Use the last version still supporting XML config files to migrate to YAML. | 9.0 | 8.5 |
MSOFBA Support | Support for MSOFBA (Microsoft Office form-based authentication) will be removed. | 9.0 | 8.5 |
Legacy SMS Gateway Plugins | The following legacy SMS gateway plugins will be removed. Use an up-to-date SMS gateway plugin instead. Many gateways can be connected using the HTTP SMS Gateway plugin.
| 9.0 | 8.6 |
JCEKS in external secrets | External secrets are currently encrypted using the JCEKS (Java key store encryption scheme). Future versions may no longer support this scheme but will support PKCS#12 (and probably BCFKS). This may make a migration of external secrets necessary. | 9.0 | 8.6 |
Legacy session tickets | IAM session tickets are used to restore user session information in failover and similar scenarios. With IAM 8.4 (and earlier in 8.2), a new session ticket format has been introduced. The support for old session ticket formats will end in IAM 9.0. If migrating from 8.3 or older to IAM 9.0, user sessions may be lost, and users may have to log in again. | 9.0 | 8.6 |
Loginapp Design Kit | Because of a change in the underlying Angular web framework, the Loginapp Design Kit will be replaced by IAM 9.0. Customers will have to redo the design of the Loginapp UI (login web application). See notice on Customization with Loginapp Design Kit for more information. | 9.0 | 8.6 |
Custom code and custom web.xml
Topic | Description | May be removed in version | Deprecated since |
|---|---|---|---|
SAML2 Servlet Context Listener | The | 9.0 | 8.5 |
Deprecated classes and methods | Deprecated Java classes and methods are removed in the next major release. This may result in extra upgrade effort for custom code. | 9.0 | 8.5 |
Java API class moves | Some Java API classes have been moved to different modules. Affected custom code and its build process need to be adapted. | 9.0 | 8.5 |
Orika Bean Mapper | When writing custom REST extensions, Orika may be used to implement bean mappers. Orika will no longer be used in future IAM versions. It is likely to be replaced by MapStruct. Custom code using Orika mappers will have to be adapted. | 9.0 | 8.6 |