Export - CSV (All fields)
Export - CSV (Current fields)
OPENIDM-15332
Privileges do not support IN clause in query filters
Privilege filtering should consider default roles
Extend delegated admin support to role grantsOPENIDM-14995
Privilege filter evaluation returns deny when same expression is used left and right of an 'or' condition
RFE for Identity Management (OpenIDM): OIDC Front and Back Channel Logout
On shutdown on Mac, error message "Failed to execute inactive script: router-authz.js"
Return names as well as labels in missingRequiredAttributes in error response
process-access.json: improve the way authorized roles are defined
openidm-admin and anonymous have userName property with OrientDB repo but not with JDBC repo
"IN" filter does not work for privilege filters
Wrap augmentSecurityContext invocations to collect modifications made by several script invocationsOPENIDM-16043
Support for Identity Connect's Salesforce Community feature.OPENIDM-16041
Implement the augmentSecurityContext script necessary to implement the org model
Add support for augmentSecurityContext script in rsfilter configuration
Intermittent ScriptThrownException "Couldn't read source file .../access.js" on startup under load
Delegated admin doesn't work for user who registers and logs in with Google idP
Investigate: Migration/integration effort for moving to managed/group for IDM authorization
Enhanced privilege calculation for JWT_SESSION module when enableDynamicRoles set to true
Only delegate for privilege access evaluation on failure
Add privilege names to info/login endpoint
Fix exception in delegated admin code
Define configuration surface to configure the managed objects and associated relationship fields targeted by conditional roles (managed and internal)
Java logic to replace the managed-user-processing logic in conditionalRoles.js
Expose config surface to allow users to specify the resource collection defining the 'grantee' set targeted by conditional internal roles
Java logic to create relationships to managed users (or equivalent) according to conditions defined in internal roles
Update with PATCH and PUT on internal user are not working anymore since OPENIDM-11433
Apply privileges to create requests
Not possible to create Managed User anymore with Oracle as a repo
New endpoint that determines the privileges associated with a given object
Attributes returned from queries and other requests should be filtered according to privileges
Include a README for Delegated Administration in the openidm-authz bundle
NPE X-OpenIDM-OAuth-Login: true without providing any token when invoking REST API
500 internal error when Referer header not provided with OAuth
DelegatedAdminFilter does not dissallow relationship attributes
Missing Privilege on an object path should default access to alwaysFalse().
Privileges not reset when different action is called from within a script hook
Advanced Authorization based on Privileges
Scope validation for request-specific client authorization
ADMIN UI FILTERED FOR CUSTOM RULE AND FUNCTIONALITIES
Change to access.js for general access to managed/user/* always results in 403
"pattern" property in access.js rules does not work when used on system endpoints
Relax restrictions on GET requests, so that the presence of a custom header isn't necessary
Separate different role types into different fields for managed/user
missing rules for "health" endpoints in access.js
review security endpoint rules in access.js
Unable to authenticate as Delegated admin in UI with multiple privileges
Privilege with filter does not work for mysql repo
Creation of Internal Role with empty name via REST for mysql repo should not be allowed
Validate relationship cardinality in ConditionalRelationshipGrantorImpl ctor
Vertex relationship signal receipt should compare vertex state as manipulated by onUpdate when making persistence determination