Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
6.10.x release notes
What's new
- Improved JSM portal redirection, improved metadata reload, several smaller improvements and bugfixes.
Upgrade consideration
No special considerations apply to this update.
Data Center
This version is fully compatible with Jira, Confluence, Bitbucket, and Bamboo Data Center.
Changelog
6.10.1
Released on 23 April 2024 for Jira, Confluence, Bitbucket, and Bamboo (Server and Data Center).
- Fixed bug in OAuth2/Social Login wizard for configuring a new IdP.
- Updated dependencies (Bouncy Castle).
Changes specific to Jira
- None
Changes specific to Confluence
- None
Changes specific to Bitbucket
- None
Changes specific to Bamboo
- None
6.10.0
Released on 2 April 2024 for Jira, Confluence, Bitbucket, and Bamboo (Server and Data Center).
- SAML Single Sign-On 6.10.0 comes with the User Sync 2.13.0 release, see 2.13.x release notes.
- Now displays the last metadata reload date next to the option to reload metadata every day for better visibility and management.
Ensured SAML authentication cannot proceed if the certificate is no longer valid, closing a security loophole.
Eliminated an open redirect vulnerability associated with whitespace and control characters in the redirection path.
Addressed an issue where "SaveIdPSelection" parameter in the IdP selection template did not behave as intended across different Tomcat versions.
- Fixed an issue with the OIDC Keycloak wizard removing
/authunexpectedly. The Azure AD integration has been updated to reflect its new name, Microsoft Entra ID, aligning with Microsoft's rebranding initiative.
Corrected a flaw where request info was not always added to the tracker, improving tracking accuracy.
Resolved a bug where the "Contact support" dialog was broken, ensuring users can reach out for support when needed.
Changes specific to Jira
- Simplified SSO redirection management for JSM Portals with the introduction of an exclusion list, making it easier to define and manage exceptions.
-
/visitportalURLs for Service Managment used in the customer welcome emails now trigger SSO if the redirection is enabled for the portal. So customers clicking this link are logged in via SSO and see the portal instead of the page to set a local password. - Fixed an issue where logouts were not being recorded in the audit log.
Changes specific to Confluence
- Fixed an issue where logouts were not being recorded in the audit log.
Changes specific to Bitbucket
- None
Changes specific to Bamboo
- None