RETRACTED - v1.11.9

☠️ WARNING ☠️

This version contains a regression which can cause the refresh flow to fail for existing consent sessions. Please do not upgrade to this version. For new systems, you can still use this version.

---

This release introduces two new features:

• The ability to specify token lifespans on a per-client basis using a new HTTP endpoint;
• The additional context in the refresh token hook.

Bug Fixes

• Backport fix for client specific CORS (#1754) (#3163) (996258d)

• docs: Correct the tracing service name environment variable (6e2343c):

  While I believe this used to be specific to OTEL, it now appears to be
  configurable "globally", according to spec/config.json.

• Fixed configuration editor for the documentation page (#3105) (0a77a06):

  Closes ory/docs#722

• Handle server error when refresh token requests come same time (#3207) (e66ba3c)

• Link OIDC Certification image (#3124) (17b517f)

• Ping logic for SQL Registry (#3095) (a383b5a), closes #2734

• Swagger for dynamic client registration (#3141) (9902ec7)

• Updated process ending instructions (#3176) (b72491e):

  cmd + c doesn't end the process on macOS but ctrl + c does.

Code Generation

• Pin v1.11.9 release commit (8814e79)

Documentation

• Fix missing image (7925597)

Features

• Add session and requester to refresh token webhook data (#3204) (6d23859), closes #3203

• Add token_endpoint_auth_signing_alg to cli (#3148) (ed6eb30)

• Custom client token ttl (#3206) (9544c03), closes #3157:

  This change introduces a new endpoint that allows you to control how long client tokens last. Now you can configure the lifespan for each valid combination of Client, GrantType, and TokenType.

Changelog

• b0d672d autogen(docs): generate and bump docs
• 44b2c44 autogen(docs): regenerate and update changelog
• b62b21b autogen(docs): regenerate and update changelog
• b5af690 autogen(docs): regenerate and update changelog
• e586fd7 autogen(docs): regenerate and update changelog
• 3f96276 autogen(docs): regenerate and update changelog
• 9bc59be autogen(docs): regenerate and update changelog
• d0533c4 autogen(docs): regenerate and update changelog
• dd63a18 autogen(docs): regenerate and update changelog
• f0cb539 autogen(openapi): regenerate swagger spec and internal client
• dbf1056 autogen(openapi): regenerate swagger spec and internal client
• 5c8350e autogen(openapi): regenerate swagger spec and internal client
• 8814e79 autogen: pin v1.11.9 release commit
• 5127bb7 autogen: pin v1.11.9-pre.0 release commit
• 540d932 chore: delete semantic.yml
• ceada19 chore: deprecate coupon
• 1faa00b chore: display GitHub Action badge
• 87b20be chore: replace x/json.go with ory/x's jsonx patch (#3183)
• c9be891 chore: update repository templates
• fa87290 chore: update repository templates
• 88992d3 chore: update repository templates
• 6b954c2 chore: update repository templates
• 5a75323 chore: update repository templates
• 3fa88fc chore: update repository templates
• f2f1347 chore: update repository templates
• 2a4ad74 chore: update repository templates
• fbde500 chore: update repository templates
• 7925597 docs: fix missing image
• 6d23859 feat: add session and requester to refresh token webhook data (#3204)
• ed6eb30 feat: add token_endpoint_auth_signing_alg to cli (#3148)
• 9544c03 feat: custom client token ttl (#3206)
• 6e2343c fix(docs): correct the tracing service name environment variable
• 996258d fix: backport fix for client specific CORS (#1754) (#3163)
• 0a77a06 fix: fixed configuration editor for the documentation page (#3105)
• e66ba3c fix: handle server error when refresh token requests come same time (#3207)
• 17b517f fix: link OIDC Certification image (#3124)
• a383b5a fix: ping logic for SQL Registry (#3095)
• 9902ec7 fix: swagger for dynamic client registration (#3141)
• b72491e fix: updated process ending instructions (#3176)

Artifacts can be verified with cosign using this public key.