0.14.3 (2023/12/05)
New and Improved
- Added the ability to enforce rate limits on the Controller API. This version
enables rate limits by default. For details on the default rate limits,
how to configure rate limits, and how to disable rate limiting see the
noted PR. (PR) - Add support for OIDC prompts. Using prompts, the Relying Party (RP) can
customize the authentication and authorization flow to suit their specific
needs and improve the user experience. [OIDC Authentication request]
(https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest) server.
(PR)
Bug Fixes
-
Update go-kms-wrapping/extras/kms dependency to allow external wrappers
without a key id to be used within a KMS config stanza. Note: this fix allows
GCP KMS keys to be again with Boundary, which had stopped working in v0.13.0.
(PR) -
Two Vault client settings were not being properly used when constructing a
Vault client. (PR)The
TLS Skip Verifysetting was only being set if aCA Certwas also
configured. This fix sets theTLS Skip Verifywhen configured regardless of
other settings.The
TLS Server Namesetting was never being set. Bad programmers. This fix
now sets it on the Vault client if the Vault Credential Store has been
configured to use a value for this setting.