Releases: TankerHQ/sdk-ruby
Releases · TankerHQ/sdk-ruby
v2.29.0
OpenID Connect
The identity verification using the OIDC has been revamped to improve security and isolation between Tanker servers and an application server using Tanker:
- A new mandatory nonce, created through
create_oidc_nonce, should be used in OIDC authorization code flow. It allows:- Application server to deny any request using an IdToken already seen. Preventing Tanker from impersonating end-users
- Tanker to perform an additional challenge with end-users before accepting an IdToken. Preventing an Application server from impersonating end-users
- OIDC for provisional identity verification is not available anymore
The OIDC verification guide has been updated accordingly.
v2.28.0
v2.27.0
v2.26.0
Server operation
- Allow user enrollment server side through the new
enroll_userAPI. Follow the user enrollment guide for more detail about its usage.
v2.25.0
Local storage
- API breakage:
Options' constructor'swritable_pathhas been replaced bypersistent_pathandcache_path. They allow separating permanent device keys from the cache. - Upgrading to this version will force a verification on all devices.
Misc improvements
- Improved error reporting when using invalid identities.
- Tanker's state is now
Stoppedafter aConflictonverify_identity.
v2.24.0
Pre-verified verification methods
It is now possible to use pre-verified verification methods with set_verification_method, see the dedicated guide.
Error Handling
- Correctly throw
PreconditionFailedinstead ofInternalErrorwhen using 2FA without activating the feature beforehand.
v2.23.0
v2.22.0
v2.21.0
v2.20.0
- It is now possible to remove users from groups with update_group_members