13th January 2020
Version 1.1.0 of the SAML service is now available, and has been updated to include the following:
- FLOW-692: Previously, the SAML service did not perform a re-check of assertion values when the service authorization point was called for a second time (joining the flow for example). With this fix, the SAML service now performs a re-check of assertion values for the user, ensuring that user authorization is performed correctly. This fix also aligns the token validity window with the SAML assertion conditions NotBefore and NotOnOrAfter.
- FLOW-862: Assertions without expiration time configured are now by default only valid for a period of up to 14 minutes. This means that after 15 minutes a user running a flow protected by the SAML Service will be redirected to the Identity Provider (IdP) to obtain a new assertion if the IdP is sent an assertion without an expiration time (NotAfter condition).
- FLOW-863: The login URL is no longer populated when a SAML authenticated user tries to run a flow that is then restricted for them by user or group permissions configured within Boomi Flow itself.