Kantega SSO Enterprise 6.3.x release notes

We are pleased to announce Kantega SSO Enterprise 6.3.

Note that this version will trigger an update of config warning in the Configuration status page upon install. It will convert your settings for Disable Traditional Login and Disable Basic Auth to a new format.

 

Read the update notes for important information about this release if you’re updating from major versions 5.x or 4.x, and see the full changelog below.

 

 

Compatible applications

In general, the latest version of Kantega SSO Enterprise is compatible with the oldest version that has not been ended of life. See Atlassian’s End-of-life (EOL) policy to get an overview of versions and EOL dates.

Application

Compatible from Server version

Compatible from Data Center version

Application

Compatible from Server version

Compatible from Data Center version

Bamboo

7.2.1

8.0.1

Bitbucket

7.6.0

7.6.0

Confluence

7.9.0

7.9.0

Jira

8.12.0

8.12.0

Changelog

Changes in 6.3.0

Dec 2, 2022 13:00 CET

New features in IP restriction basic auth, cloud user sync, traditional login

Features

  • traditional login ‘Disable Traditional Login’ has been renamed to Prevent Traditional Login, and the UI has been improved with more precise texts. The ‘Disable Basic Auth’ feature has been separated into its own page and is no longer dependent on Traditional Login. You can now also prevent traditional login for JSM users (non-licensed customers) and Jira users (jira-software or jsm agents) separately, with other under-the-hood improvements as well. This change incurs a breaking change, and you will get an “Update Config” prompt.

  • basic auth Basic Auth settings has been moved to its own page, and you can now configure IP restrictions to control which clients should be able to use Basic Auth.

  • keycloak api connector We are happy to announce that we have added API Connector user sync support for Keycloak, with equivalent capabilities to the user sync capabilities for Azure, Okta and Google.

  • google api connector We have added nested groups to the Google Workspace (previously Google GSuite) Connector. This means that when a group is member of another group, the members of a “child group” will also get memberships to the “parent” group.

Improvements

  • saml/OIDC kerberos Reset captcha counter on SSO login.

Bug fixes

  • api connectors The “Set up provider” link from API Connectors (which is present when you have no IDP, but have configured an API connector) gave a proxy error due to method POST on the link to the IDP setup Wizard

  • proxy rule The /proxy-rule page gave an incorrect back-link when not visited from a page with IP restriction settings.