pocket-id-pocket-id-1/CHANGELOG.md

(2025-04-27)

Features

• device authorization endpoint (#270) (22f7d64)
• make family name optional (#476) (630327c)

Bug Fixes

• do not override XDG_DATA_HOME/XDG_CONFIG_HOME if they are already set (#472) (22725d3)
• pass context to methods that were missing it (#487) (4c33793)
• prevent deadlock when trying to delete LDAP users (#471) (270c303)
• rootless Caddy data and configuration (#470) (76b753f)

(2025-04-20)

Features

• add ability to disable API key expiration email (9122e75)
• add ability to send login code via email (#457) (fe1c4b1)
• add description to callback URL inputs (eb689eb)
• send email to user when api key expires within 7 days (#451) (26f01f2)

Bug Fixes

• disable animations not respected on authorize and logout page (e571996)
• hide alternative sign in button if user is already authenticated (4e05b82)
• locale change in dropdown doesn't work on first try (60bad9e)
• remove limit of 20 callback URLs (c37a3e0)

(2025-04-18)

Features

• add gif support for logo and background image (56a8b5d)
• disable/enable users (#437) (c843a60)

Bug Fixes

• add "type" as reserved claim (0111a58)
• callback URL doesn't get rejected if it starts with a different string (f0dce41)
• profile picture empty for users without first or last name (#449) (5a6dfd9)
• user querying fails on global audit log page with Postgres (84f1d5c)

(2025-04-16)

Features

• add qrcode representation of one time link (#424) (#436) (abf17f6)
• disable animations setting toggle (#442) (b45cf68)

Bug Fixes

• define token type as claim for better client compatibility (adf7458)

(2025-04-13)

Features

• global audit log (#320) (b65e693)
• implement token introspection (#405) (7e5d16b)
• modernize ui (#381) (9881a1d)
• onboarding: Added button when you don't have a passkey added. (#426) (72061ba)

Bug Fixes

• add missing rollback for LDAP sync (658a9ca)
• create reusable default profile pictures (#406) (734c681)
• ensure file descriptors are closed + other bugs (#413) (2f76461)
• ensure indexes on audit_logs table (#415) (9e88926)
• ignore profile picture cache after profile picture gets updated (4ba6893)
• improve LDAP error handling (#425) (796bc7e)
• use transactions when operations involve multiple database queries (#392) (ec626ee)
• use UUID for temporary file names (ccc18d7)

Performance Improvements

• run async operations in parallel in server load functions (1762629)

(2025-03-29)

Features

• add support for ECDSA and EdDSA keys (#359) (96876a9)

Bug Fixes

• ldap users aren't deleted if removed from ldap server (7e65827)
• use value receiver for AuditLogData (cbd1bbd)
• use WAL for SQLite by default and set busy_timeout (#388) (519d58d)

(2025-03-25)

Features

• add OIDC refresh_token support (#325) (b8dcda8)

Bug Fixes

• hash the refresh token in the DB (security) (#379) (8c96381)
• skip ldap objects without a valid unique id (#376) (cdfe816)
• stop container if Caddy, the frontend or the backend fails (e6f5019)

(2025-03-20)

Bug Fixes

• wrong base locale causes crash (3120ebf)

(2025-03-20)

Features

• add support for translations (#349) (269b5a3)
• passkeys: name new passkeys based on agguids (#332) (041c565)

(2025-03-18)

Bug Fixes

• kid not added to JWTs (f7e36a4)

(2025-03-18)

Features

• store keys as JWK on disk (#339) (a7c9741)

(2025-03-18)

Features

• profile-picture: allow reset of profile picture (#355) (8f14618)

Bug Fixes

• own avatar not loading (#351) (0423d35)

(2025-03-16)

Bug Fixes

• API keys not working if sqlite is used (8ead0be)
• caching for own profile picture (e45d9e9)
• email logo icon displaying too big (#336) (b483e2e)
• emails are considered as medium spam by rspamd (#337) (39b7f66)
• Fixes and performance improvements in utils package (#331) (348192b)
• remove custom claim key restrictions (9f28503)

(2025-03-13)

Features

• allow setting path where keys are stored (#327) (7b654c6)

Bug Fixes

• docker: missing write permissions on scripts (ec4b41a)

(2025-03-11)

Features

• api key authentication (#291) (62915d8)

Bug Fixes

• alternative login method link on mobile (9ef2ddf)

(2025-03-10)

Features

• add env variable to disable update check (31198fe)

Bug Fixes

• redirection not correctly if signing in with email code (e5ec264)
• typo in account settings (#307) (c822192)

(2025-03-10)

Features

• account: add ability to sign in with login code (#271) (eb1426e)
• increase default item count per page (a9713cf)

Bug Fixes

• add back setup page (6a8dd84)
• add timeout to update check (04efc36)
• make sorting consistent around tables (8e344f1)

(2025-03-06)

Features

• display groups on the account page (#296) (0f14a93)
• enable sd_notify support (#277) (91f254c)

Bug Fixes

• default sorting on tables (#299) (ff34e3b)

(2025-03-03)

Bug Fixes

• support LOGIN authentication method for SMTP (#292) (2d733fc)

(2025-03-03)

Bug Fixes

• profile picture orientation if image is rotated with EXIF (1026ee4)

(2025-03-01)

Bug Fixes

• add groups scope and claim to well known endpoint (4bafee4)
• profile picture of other user can't be updated (#273) (ef25f6b)
• support POST for OIDC userinfo endpoint (1652cc6)

(2025-02-25)

Bug Fixes

• add option to manually select SMTP TLS method (#268) (01a9de0)
• ldap: sync error if LDAP user collides with an existing user (fde951b)

(2025-02-24)

Bug Fixes

• delete profile picture if user gets deleted (9a167d4)
• updating profile picture of other user updates own profile picture (887c5e4)

(2025-02-22)

Bug Fixes

• add validation that PUBLIC_APP_URL can't contain a path (a6ae7ae)
• binary profile picture can't be imported from LDAP (840a672)

(2025-02-19)

Features

• add ability to upload a profile picture (#244) (652ee6a)

Bug Fixes

• app config strings starting with a number are parsed incorrectly (816c198)
• emails do not get rendered correctly in Gmail (dca9e7a)

(2025-02-16)

Features

• add LDAP group membership attribute (#236) (39b46e9)

(2025-02-14)

Features

• add end session endpoint (#232) (7550333)

Bug Fixes

• alignment of OIDC client details (c3980d3)
• layout of OIDC client details page on mobile (3de1301)
• show "Sync Now" and "Test Email" button even if UI config is disabled (4d0fff8)

(2025-02-13)

Features

• add ability to set custom Geolite DB URL (2071d00)

(2025-02-12)

Features

• add ability to override the UI configuration with environment variables (4e85842)
• add warning for only having one passkey configured (#220) (39e403d)
• display source in user and group table (#225) (9ed2adb)

Bug Fixes

• user linking in ldap group sync (#222) (2d78349)

(2025-02-08)

Features

• add custom ldap search filters (#216) (626f87d)
• update host configuration to allow external access (#218) (bea1158)

(2025-02-05)

Features

• add JSON support in custom claims (15cde6a)
• add option to disable Caddy in the Docker container (e864d5d)

(2025-02-04)

Bug Fixes

• don't return error page if version info fetching failed (d06257e)

(2025-02-03)

Features

• allow LDAP users and groups to be deleted if LDAP gets disabled (9ab1787)
• map allowed groups to OIDC clients (#202) (13b02a0)

Bug Fixes

• caddy: trusted_proxies for IPv6 enabled hosts (#189) (37a835b)
• missing user service dependency (61e71ad)
• non LDAP user group can't be updated after update (ecd74b7)
• use cursor pointer on clickable elements (7798580)

(2025-01-27)

Bug Fixes

• smtp hello for tls connections (#180) (781ff7a)

(2025-01-24)

Bug Fixes

• add __HOST prefix to cookies (#175) (164ce6a)
• send hostname derived from PUBLIC_APP_URL with SMTP EHLO command (397544c)
• use OS hostname for SMTP EHLO message (47c39f6)

(2025-01-22)

Features

• display private IP ranges correctly in audit log (#139) (72923bb)

Bug Fixes

• add save changes dialog before sending test email (#165) (d02f475)
• ensure the downloaded GeoLite2 DB is not corrupted & prevent RW race condition (#138) (f7710f2)

(2025-01-20)

Features

• support wildcard callback URLs (8a1db0c)

Bug Fixes

• non LDAP users get created with a empty LDAP ID string (3f02d08)

(2025-01-19)

Bug Fixes

• disable account details inputs if user is imported from LDAP (a8b9d60)

(2025-01-19)

Features

• add LDAP sync (#106) (5101b14)
• allow sign in with email (#100) (06b90ed)
• automatically authorize client if signed in (d5dd118)

Bug Fixes

• always set secure on cookie (#130) (fda08ac)
• don't panic if LDAP sync fails on startup (e284e35)
• improve spacing of checkboxes on application configuration page (090eca2)
• search input not displayed if response hasn't any items (05a98eb)
• session duration ignored in cookie expiration (bc8f454)

(2025-01-13)

Bug Fixes

• audit log table overflow if row data is long (4d337a2)
• optional arguments not working with create-one-time-access-token.sh (8885571)
• remove restrictive validation for group names (be6e25a)

(2025-01-11)

Features

• add sorting for tables (fd69830)

Bug Fixes

• pkce state not correctly reflected in oidc client info (61d18a9)
• send test email to the user that has requested it (a649c4b)

(2025-01-03)

Features

• add PKCE for non public clients (adcf3dd)
• use same table component for OIDC client list as all other lists (2d31fc2)

(2025-01-01)

Features

• add warning if passkeys missing (2d0bd8d)

Bug Fixes

• allow first and last name of user to be between 1 and 50 characters (1ff20ca)
• hash in callback url is incorrectly appended (f6f2736)
• make user validation consistent between pages (333a1a1)
• passkey can't be added if PUBLIC_APP_URL includes a port (0729ce9)

(2024-12-17)

Features

• improve error state design for login page (0716c38)

Bug Fixes

• OIDC client logo gets removed if other properties get updated (789d939)

(2024-12-13)

Bug Fixes

• create-one-time-access-token.sh script not compatible with postgres (34e3519)
• wrong date time datatype used for read operations with Postgres (bad901e)

(2024-12-12)

Features

• add support for Postgres database provider (#79) (9d20a98)

(2024-11-29)

Features

• geolite: add Tailscale IP detection with CGNAT range check (#77) (edce3d3)

(2024-11-28)

Features

• add option to disable TLS for email sending (f9fa2c6)
• allow empty user and password in SMTP configuration (a9f4dad)

Bug Fixes

• email save toast shows two times (f2bfc73)

(2024-11-26)

⚠ BREAKING CHANGES

• add option to specify the Max Mind license key for the Geolite2 db

Features

• add option to specify the Max Mind license key for the Geolite2 db (fcf08a4)

Bug Fixes

• don't try to create a new user if the Docker user is not root (#71) (0e95e9c)

(2024-11-24)

Features

• add health check (058084e)
• improve error message for invalid callback url (f637a89)

(2024-11-21)

Features

• add option to skip TLS certificate check and ability to send test email (653d948)
• add PKCE support (3613ac2)

Bug Fixes

• mobile layout overflow on application configuration page (e784093)

(2024-11-11)

Features

• add audit log event for one time access token sign in (aca2240)

Bug Fixes

• overflow of pagination control on mobile (de45398)
• time displayed incorrectly in audit log (3d3fb4d)

(2024-11-01)

Features

• add list empty indicator (becfc00)

Bug Fixes

• errors in middleware do not abort the request (376d747)
• typo in Self-Account Editing description (5b9f4d7)

(2024-10-31)

Features

• add ability to define expiration of one time link (2ccabf8)

(2024-10-28)

Features

• add option to disable self-account editing (8304065)
• add validation to custom claim input (7bfc3f4)
• custom claims (#53) (c056089)

(2024-10-25)

Features

• add email_verified claim (5565f60)

Bug Fixes

• powered by link text color in light mode (18c5103)

(2024-10-23)

Features

• add script for creating one time access token (a1985ce)
• add version information to footer and update link if new update is available (70ad0b4)

Bug Fixes

• cache version information for 3 hours (29d632c)
• improve text for initial admin account setup (0a07344)
• increase callback url count (f3f0e1d)
• no DTO was returned from exchange one time access token endpoint (824c5cb)

(2024-10-18)

Features

• add environment variable to change the caddy port in Docker (ff06bf0)
• use improve table for users and audit logs (11ed661)

Bug Fixes

• allow copy to clipboard for client secret (29748cc)

(2024-10-11)

Bug Fixes

• add key id to JWK (282ff82)

(2024-10-04)

Features

• add location based on ip to the audit log (025378d)

(2024-10-03)

Bug Fixes

• initials don't get displayed if Gravatar avatar doesn't exist (e095628)

(2024-10-03)

⚠ BREAKING CHANGES

• add ability to set light and dark mode logo

Features

• add ability to set light and dark mode logo (be45eed)

(2024-10-02)

Features

• add copy to clipboard option for OIDC client information (f82020c)
• add gravatar profile picture integration (365734e)
• add user groups (24c948e)

Bug Fixes

• only return user groups if it is explicitly requested (a4a90a1)

(2024-09-26)

Bug Fixes

• add space to "Firstname" and "Lastname" label (#31) (d6a9bb4)
• port environment variables get ignored in caddyfile (3c67765)

(2024-09-19)

Bug Fixes

• updated application name doesn't apply to webauthn credential (924bb14)

(2024-09-16)

Features

• email: improve email templating (#27) (64cf562)

Bug Fixes

• debounce oidc client and user search (9c2848d)

(2024-09-09)

Features

• add audit log with email notification (#26) (9121239)

(2024-09-06)

Features

• add name claim to userinfo endpoint and id token (4e7574a)

Bug Fixes

• limit width of content on large screens (c6f83a5)
• show error message if error occurs while authorizing new client (8038a11)

(2024-09-03)

Features

• add setup details to oidc client details (fd21ce5)
• add support for more username formats (903b0b3)

Bug Fixes

• non pointer passed to create user (e7861df)
• oidc client logo not displayed on authorize page (28ed064)
• typo in hasLogo property of oidc dto (2b9413c)

(2024-08-24)

Bug Fixes

• empty lists don't get returned correctly from the api (97f7fc4)

(2024-08-23)

Features

• add support for multiple callback urls (8166e2e)

Bug Fixes

• db migration for multiple callback urls (552d7cc)

(2024-08-19)

Bug Fixes

• session duration can't be updated (4780548)

(2024-08-19)

Features

• add INTERNAL_BACKEND_URL env variable (0595d73)
• add user info endpoint to support more oidc clients (fdc1921)
• change default logo (9eec7a3)

(2024-08-13)

Bug Fixes

• add missing passkey flags to make icloud passkeys work (cc407e1)
• logo not white in dark mode (5749d05)

(2024-08-13)

Features

• add option to change session duration (475b932)

Bug Fixes

• a non admin user was able to make himself an admin (df0cd38)
• background image not loading (7b44189)
• background image on mobile (4a808c8)
• disable search engine indexing (8395492)

(2024-08-12)

Features

• add rounded corners to logo (bec908f)

Bug Fixes

• one time link not displayed correctly (486771f)

(2024-08-12)