[0.0.83] - Unreleased
---------------------
.. warning::
Manual migration required for LDAP backend: remove any existing ``oauthTrusted``
attributes from client entries.
Please follow the :ref:`ldap_schema_update` section.
Added
^^^^^
- OIDC originated connections display information about the client application on all
the authentication pages. :issue:`271`
- Account selection screen on login page. Previously logged-in users are displayed
as clickable cards with photos and names for quick re-authentication. :issue:`277`
- "Remember me" checkbox on login page. When checked (default), creates a 365-day
session and adds user to login history. When unchecked, session expires on
browser close and user is not saved to login history.
Changed
^^^^^^^
- Replace client ``trusted`` attribute with dynamic ``TRUSTED_DOMAINS`` configuration.
Clients are now automatically trusted based on their ``client_uri`` domain matching
patterns in the ``TRUSTED_DOMAINS`` setting. :issue:`290`
Fixed
^^^^^
- The SCIM endpoint correctly manages patching user passwords.
- Locale guessing prefer prefix matches. :issue:`128`
- Make the ``get`` command flags accept negative boolean. :issue:`266`
- The SQL backend can perform exact match searches on JSON list attributes. :issue:`278`
- Fix HTMX swapping for inline validation on email fields. :issue:`279`
- Fix Docker commands in the documentation. :issue:`283`
- Remove deprecated ``X-XSS-Protection`` header example in web server configurations. :issue:`293`