You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Documentation
[High assurance] Added section on the fundamentals of high assurance scenarios (step-up authentication, advanced protection, and LoA)
Relying Party
[API] Expanded /attestation/result API to indicate if new registration was low or high assurance
[API] Expanded /assertion/result API to indicate if session was authenticated with low or high assurance credential
[API] API methods added to support advanced protection
[Database] New field added to indicate if a credential is low or high assurance
[Java app] Relying party no longer deletes a registration from the database, instead opting to utilize a status flag to indicate deletion
[Java app] Relying party allows for a user to declare advanced protection for their account
[Java app] Now allows for the creation of an allow list
[Deployment] Deployment moved to the deploy folder, scripts and env variables simplified
Identity Provider
[Keycloak] New SPI created to support high assurance bank example
Deployment
[Docker] Docker files moved to the deploy folder
[ENV] Environment variables consolidated to single file, with multiple templates
High assurance example
[Web] New react app added to simulate an online banking service. This is used to demonstrate UX best practices, step up authentication, advanced protection, and level of assurance
[Mobile] New iOS application added to support high assurance examples including reg/auth and step-up authentication
[Bank API] New Java app added to simulate an online banking service. This is used to by the bank client to demonstrate step up authentication based on low and high assurance policies
