Version 1.0.0
- Added CORS support
- Added custom first party endpoints support
- Added Credential Intelligence, including support for:
- Credential path matching via exact route or regular expression
- Extracting credentials from body, header, query-param, or via custom callback
- Single-step (v2) and multistep (
multistep_sso) hashing protocols - Reporting on login successful via status code, body regex, header, or via custom callback
- Sending additional S2S activity automatically, via API function call, or transfer via request headers
- Sending the raw username on the additional S2S activity if configured
- Added Account Defender, including support for:
- Reporting of the cross tab session cookie
- Extracting user ID and additional fields from cookie- or header-based JWT
- Changed where the Enforcer context is saved from the Enforcer to the Azure execution context
- Allows for initializing the Enforcer outside the HTTP trigger function
- Requires API changes in
postEnforcefunction, which must now receive the Azure context as a parameter