- Support PingOne Protect Marketplace Nodes [SDKS-3296]
- Support new ReCaptcha Enterprise node [SDKS-3324]
- Expose realm, Success and Failure URL in SessionToken [SDKS-3352]
- Missing UIKit import issue for SPM [SDKS-3348]
- SSL pinning not working with root certificates [SDKS-3334]
- Build failed because FRCore.swiftmodule is not built for arm64 [SDKS-3347]
- Skip Type 4 TextOutputCallback [SDKS-3226]
- Make PolicyAdviceCreator public [SDKS-3349]
- Added SDK support for deleting registered WebAuthn devices from the server. [SDKS-1753]
- Added support for signing off from PingOne to the centralized login flow. [SDKS-3021]
- Added the ability to dynamically configure the SDK by collecting values from the server's OpenID Connect
.well-known
endpoint. [SDKS-3023]
- SSL pinning configuration was ignored in
FRURLProtocol
class. [SDKS-3239]
- Removed scope validation from
AccessToken
initialization. [SDKS-3305]
- Added privacy manifest files to the SDK's modules [SDKS-3086]
- Removed
storage
field from the HardwareCollector
[SDKS-3086]
- Updated Google SDK version to 7.1.0 [SDKS-3086]
- Updated PingOneSignals SDK version to 5.2.3 [SDKS-3086]
- Added a new module for integration with
PingOne Protect
[SDKS-2901]
- Added support for the
TextInput
callback [SDKS-546]
- Added an interface for customizing the biometric UI prompts when device binding or signing [SDKS-2990]
- Added
x-requested-with: forgerock-sdk
and x-requested-platform: ios
immutable HTTP headers to each outgoing request [SDKS-2997]
- Blocked the device binding and signing features on simulators [SDKS-2995]
- AppIntegrity Callback support [SDKS-2630] [SDKS-2761]
- New ephemeralAuthSession browser type (iOS13+) [SDKS-2707]
iat
and nbf
claims to Device Binding jws payload [SDKS-2748]
- Custom claims to device signing verifier [SDKS-2788]
- Fixed an issue where the
issuer
parameter was not properly parsed when using AM 7.2.x [SDKS-2653]
- Updated Jailbreak Detectors [SDKS-2796]
- Fixed an issue related to Inadequate Cache Control [SDKS-2700]
- Fixed the issue when sfViewController setting in Centralized login had the "entersReaderIfAvailable" as true [SDKS-2746]
- Fixed the issue with DeviceProfile Collector affecting phones with dual sim cards in iOS 16.3 and earlier [SDKS-2776]
- Improved unit and e2e tests [SDKS-2637]
- Fixed the issue with device binding api access level [SDKS-2886]
- Fixed the issue with removing userkey from local device repo [SDKS-2887]
- Interceptor support for the Authenticator module [SDKS-2545]
- Deep link support for
mfauth
scheme in Authenticator sample app [SDKS-2524]
- Interface for access_token refresh [SDKS-2563]
- Ability to process new JSON format of IG policy advice [SDKS-2239]
- Fixed an issue on parsing
issuer
from combined MFA registration uri [SDKS-2542]
- Added error message about duplicated accounts while performing combined MFA registration [SDKS-2627]
- Support for passkeys [SDKS-2140]
DeviceBinding
callback support [SDKS-1748]
DeviceSigningVerifier
callback support [SDKS-2023]
- Support for combined MFA in the Authenticator SDK [SDKS-1972]
- Support for policy enforcement in the Authenticator SDK [SDKS-2166]
- Interface for listing and deleting WebAuthn credentials from the device [SDKS-2279]
- Interface for assigning device name during the WebAuthn registration process [SDKS-2297]
- SwiftUI QuickStart Example [SDKS-2405]
- Added error message description to the
WebAuthnError
enum [SDKS-2226]
- Updated the order of presenting the registered WebAuthn keys on the device [SDKS-2251]
- Updated Facebook SDK Version to 16.0.1 [SDKS-1839]
- Updated Google SDK Version to 7.0.0 [SDKS-2426]
- In WebAuthnRegistrationCallback:
public func register(node: Node? = nil, onSuccess: @escaping StringCompletionCallback, onError: @escaping ErrorCallback)
to public func register(node: Node? = nil, window: UIWindow? = UIApplication.shared.windows.first, deviceName: String? = nil, usePasskeysIfAvailable: Bool = false, onSuccess: @escaping StringCompletionCallback, onError: @escaping ErrorCallback)
- In WebAuthnAuthenticationCallback:
public func authenticate(node: Node? = nil, onSuccess: @escaping StringCompletionCallback, onError: @escaping ErrorCallback)
to public func authenticate(node: Node? = nil, window: UIWindow? = UIApplication.shared.windows.first, preferImmediatelyAvailableCredentials: Bool = false, usePasskeysIfAvailable: Bool = false, onSuccess: @escaping StringCompletionCallback, onError: @escaping ErrorCallback)
- In FacebookSignInHandler:
public static func handle(_ application: UIApplication, _ url: URL, _ options: [UIApplication.OpenURLOptionsKey : Any] = [:]) -> Bool
to public static func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey : Any]? = nil) -> Bool
.
It should now be called from application(_ application:, didFinishLaunchingWithOptions launchOptions: )
instead of application(_ app:, open url:, options:)
.
- FRAClient.updateAccount() now throws
AccountError.accountLocked
upon attempt to update a locked account [SDKS-2166]
- HOTPMechanism.generateCode() and TOTPMechanism.generateCode() now throws
AccountError.accountLocked
upon attempt to get an OATH token for a locked account [SDKS-2166]
- Updated legacy encryption algorithm for iOS SE [SDKS-1994]
- Fixed an issue related to push notifications timeout [SDKS-2164]
- Fixed an unexpected error occurring during the decoding of some push notifications [SDKS-2199]
- Dynamic SDK Configuration [SDKS-1760]
- iOS 16 Support [SDKS-1932]
- Fixed build errors on Xcode 14 [SDKS-2073]
- Fixed bug where the
state
parameter value was not verified upon calling the Authorize
endpoint [SDKS-2077]
- Interface for log management [SDKS-1863]
- Fixed memory leak in NetworkCollector [SDKS-1931]
- Add PushType.biometric support and BiometricAuthentication class for biometric authentication. Updated sample app to handle new Push types [SDKS-1865]
- Fixed the bug when refreshing the access token we return the old token [SDKS-1824]
- Fixed bug when multiple threads are trying to access the same resource in the deviceCollector and ProfileCollector [SDKS-1912]
- SSL Pinning Support [SDKS-1627]
- Obtain timestamp from new Push Notification payload [SDKS-1665]
- Add new payload attributes in the Push Notification [SDKS-1775]
- Apple Sign In enhancements to get user profile info [SDKS-1632]
- Remove "Accept: application/x-www-form-urlencoded" header from /authorize endpoint for GET requests [SDKS-1729]
- Remove iPlanetDirectoryPro (or session cookie name) from the query parameter and inject it to the header instead [SDKS-1708]
- Fix issue when expired push notification displayed as "Approved" in the notification history list [SDKS-1491]
- Fix Issues with registering TOTP accounts with invalid period [SDKS-1405]
- Updated GoogleSignIn library to the latest version '6.1.0'
- Made FRGoogleSignIn available through SPM
- Added custom implementation for
HTTPCookie
for iOS 11+ devices, in order to support NSSecureCoding for storing cookies. [SDKS-1366]
- Changed all instances of Archiving/Unarchiving to use NSSecureCoding. [SDKS-1366]
SecuredKey
initializer supports passing a Keychain accessibility flag. [SDKS-1334]
SecuredKey
now has the same default Keychain accessibility flag as the KeychainService ".afterFirstUnlock". [SDKS-1334]
- Fixed an issue where the
MetadataCallback
was overriding the stage property of a node [SDKS-1209]
- Fixed an issue which was affecting the Centralized Login feature [SDKS-1157]
- Various bug-fixes and enhancements for the Authenticator SDK [SDKS-1186], [SDKS-1238], [SDKS-1241]
- ForgeRock iOS SDK now supports and available through Swift Package Manager. [SDKS-912]
- ForgeRock iOS SDK now supports Social Login for
Sign in with Apple
, Google Sign-In
, and Facebook Login
. [SDKS-879]
- New SDK modules,
FRGoogleSignIn
and FRFacebookSignIn
, are now available to enable Social Login with AM using providers' native SDKs. [SDKS-879]
WebAuthnRegistrationCallback
, and WebAuthnAuthenticationCallback
are introduced to support AM's WebAuthn Registration Node
and WebAuthn Authentication Node
. [SDKS-782]
FRUser.revokeAccessToken()
is introduced to revoke OAuth2 token only, and keep existing SSO token. [SDKS-979]
Account
, OathTokenCode
, PushNotification
and all Mechanism
classes now conform to Codable
protocol, and introduce new method toJson()
to return serialized JSON String value of the object. [SDKS-1004]
FRAClient.getAllNotifications()
is introduced to retrieve all notifications across all mechanisms. [SDKS-1009]
- SDK now persists SSO Token through
FRSession
instance without OAuth2 configuration. [SDKS-873]
- All
JailbreakDetector
and DeviceCollector
's initialization methods are now exposed as public methods to help developers more easily customize and utilize existing implementation. [SDKS-836]
PlatformCollector
's attribute names were changed from timezone
and jailbreakScore
to timeZone
and jailBreakScore
respectively to align with AM and Android SDK. [SDKS-908]
Browser.validateBrowserLogin()
is now available in Objective-c as well. [SDKS-975]
- Jailbreak detection logic was updated to prevent Jailbreak detection bypass. [SDKS-840]
- Removed public var value from SingleValueCallback [SDKS-910]
- Removed FRURLProtocolResponseEvaluationCallback [SDKS-910]
- Removed FRURLProtocol.validatedURLs [SDKS-910]
- Removed deprecated FRAuth.shared.next() (public func next) method [SDKS-910]
FRUser.browser()
is introduced to support external user-agent authorization. Browser
object can be constructed through BrowserBuilder
, and BrowserBuilder
allows to customize URL query parameter, and to choose which external user-agent to be used. [SDKS-328]
FRUser.logout()
now also invalidates id_token
, if exists, using OIDC end session endpoint after it invalidates SSO Token (using /sessions
endpoint), and OAuth2 token(s) (using /token/revoke
endpoint). [SDKS-328]
- Fix Secure Enclave availability validation using
CryptoKit
for iOS 13 and above. [SDKS-673]
- Fix inconsistent font size for TextField in login screen. [SDKS-675]
AuthorizationPolicy
's validatingURL
and delegate
properties are now public properties. [SDKS-696]
- Fix the issue that
refresh_token
is not persisted when refresh_token grant type does not return new refresh_token
. [SDKS-648]
- Change
FRUser.getAccessToken
to clear OAuth2 tokens and handle error more percisely to reflect the user authentication status. If refresh_token
grant returns invalid_grant
, SDK will resume with /authorize
flow with SSO Token (other errors with refresh_token
grant will throw an exception), and if the /authorize
request fails with current SSO Token, SDK will clear all credentials and states assuming that there is no more valid credentials. [SDKS-700]
FRUser.currentUser.getAccessToken
method will now validate SSO Token associated with AccessToken
, and make sure that it is same as current FRSession.currentSession.sessionToken
value. If two values are different, SDK will invalidate OAuth2 token, and try to authorize new OAuth2 token(s) with current SSO Token. [SDKS-700]
FRUser.currentUser.getUserInfo
no longer thorws an exception for session renewal failure; instead SDK now invokes API without Authorization
header if token renewal failed. [SDKS-644]
SuspendedTextOutputCallback
is now supported in iOS SDK for Email Suspend Node
in AM. [SDKS-504]
Node
now supports pageHeader
, and pageDescription
attributes from Page Node
. [SDKS-517]
NumberAttributeInputCallback
, and BooleanAttributeInputCallback
are now supported for IDM integration Callback
. [SDKS-494]
AbstractValidatedCallback
supports updated Policies
structures. [SDKS-460]
FRProximity.setLocationAccuracy
is added to specify CLLocationManager.desiredAccuracy
configuration used in LocationCollector
. [SDKS-617]
FRUI
no longer asks for user's consent when DeviceProfileCallback
is the only Callback
in the Node
. [SDKS-436]
FRAuth
was mistakenly allowing other app's private Keychain Access storage when .entitlement is misconfigured. [SDKS-552]
FRProximity
SDK's LocationCollector
now requests for Location Authorization while collecting Device Profile information if the authorization has not been asked yet. [SDKS-617]
FRAuth
introduces new dependency, FRCore
which contains generic core functionalities that can be shared across other ForgeRock iOS SDK. [SDKS-241]
FRCore
has been added to iOS SDK suite. FRCore
is responsible to handle generic iOS tools and functionalities that are not relevant to ForgeRock products.
FRAuth
is now able to handle AM's Transactional Authorization requests out of box for IG integration, and with a little bit of customization for custom REST Apps. FRAuth
SDK can support Authentication by Service
and Transaction - Authenticate to Tree
in Policy environment. [SDKS-87]
MetadataCallback
is now supported in FRAuth
SDK. For AM 6.5.2, when MetadataCallback
is returned with stage
value, SDK automatically parses MetadataCallback
into Node
's stage
property. Please refer this blog post for more details. [SDKS-304]
FRAuth
now allows more flexible customization on server infomration. Custom URL paths can be configured through .plist
config file, or ServerConfigBuilder
. [SDKS-302]
FRAuth
now supports Device Profile Node
in AM 7.0.0. [SDKS-294]
FRCore
introduces an ability to customize internal SDK requests through RequestInterceptor
. Use FRCore.RequestInterceptor
to implement the interceptor, and FRAuth.FRRequestInterceptorRegistry
to register interceptors. [SDKS-250]
FRAuth
now supports customizable cookie name to align with AM. Use .plist
config file, or ServerConfigBuilder
to change cookieName
. [SDKS-382]
FRAuthenticator
SDK is now available; use FRAuthenticator
to implement OATH, and Push Authentication with AM in the application.
FRAuth
now supports noSession
parameter in Authentication Tree. If no SSO Token is returned with 200 status code, NodeCompletion
returns nil
for all three parameters. [SDKS-433]
ConfirmationCallback
and TextOutputCallback
's invalid MessageType
error is fixed. SDK should now be able to support those callbacks received from AM.
- Single Sign-On issue where it fails to decrypt the data from other applications is fixed. SDK should now be able to encrypt/decrypt and share the data across the apps within SSO group.
FRURLProtocol.validatedURLs
and FRURLProtocol.refreshTokenPolicy
are now deprecated; use TokenManagementPolicy
and TokenManagementPolicyDelegate
to perform Token Management feature. [SDKS-386]
ServerConfig(url:realm:timeout:)
is now deprecated; use ServerConfigBuilder
to construct ServerConfig
. [SDKS-302]
FRSession
is now added to replace SessionManager
. Use FRSession
to authenticate against Authentication Tree in AM, persist and manage Session Token. [SDKS-174]
FRSession.authenticate
retrieves Session Token, and creates FRUser.currentUser
without OAuth2 token set. Use FRUser.currentUser.getAccessToken
to obtain OAuth2 token set if needed. [SDKS-174]
forgerock_enable_cookie
option is now available; you can set Boolean value to indicate whether or not SDK to persist and manage Cookies from AM. [SDKS-183]
- FRAuth iOS SDK adds security layer on Keychain Service to encrypt all stored data with
SecuredKey
(using Secure Enclave when available). [SDKS-192]
FRUser.login
now returns AuthError.userAlreadyAuthenticated
when there is already authenticated user session. [SDKS-174]
- When Session Token is updated, or changed through
FRSession.authenticate
, or FRUser.login
, previously granted OAuth2 token set will automatically be revoked. [SDKS-174]
FRAuth.next
is now deprecated; use FRSession.authenticate
instead. [SDKS-174]
SessionManager
is now deprecated and will become internal class. Use FRSession
and FRUser
instead. [SDKS-174]
SessionManager
is now publicly accessible to retrieve SSO Token
/ AccessToken
/ FRUser
object, and to revoke SSO Token
[SDKS-174]
SessionManager
is now accessible through SessionManager.currentManager
singleton object after SDK initialization [SDKS-174]
FRAuth.start()
stops validating OAuth2 value(s) in configuration and make OAuth2Client
and TokenManager
become optional properties [SDKS-174]
- General Availability release for SDKs
- Changed OAuth2 authorization request to POST [SDKS-125]
- Added iOS 13 Dark Mode support to FRUI [SDKS-130]
- Fixed CPU usage issue [SDKS-131]
- Fixed FRProximity location collector issue [SDKS-124, SDKS-151]
- Fixed cosmetic issues on sample apps [SDKS-124, SDKS-132]
- Changed DropDown UI component in FRUI [SDKS-134]
- Initial release for FRAuth SDK
- Initial release for FRUI SDK
- Initial release for FRProximity SDK
- Initial Cocoapods deployment for beta version