Product Newsletter June 2024

Maximilian Panne
Maximilian Panne

COO

In this newsletter, I want to share updates about our platform, and provide some tips on how you can simplify your identity infrastructure.

Feature highlights

In June, we shipped over 60 bug fixes, improvements, and new features. Most of those changes were released with ZITADEL v2.55.0, so make sure you are running the latest version.

New password expiry feature

ZITADEL has introduced a new password age policy feature, enabling organizations to require users to change their passwords regularly. This feature can be easily managed through the Console UI at both instance and organization levels. Users will be prompted to change their password in the Login UI if their current password exceeds the defined age limit. This enhancement strengthens ZITADEL's password management capabilities and provides organizations with greater control over their password lifecycle.

ZITADEL Console UI password expiry settings

Limit requested roles with new scope

A new scope was introduced to address the issue of excessive roles being returned in tokens (and as such increasing their size) for users belonging to multiple organizations. This new scope allows administrators and applications to specify which organizations' roles should be included in the token, thus streamlining access control for specific use cases. By using the new scope, either once or multiple times, only the roles of the specified organizations will be included in the token. It's important to note that this feature is not compatible with legacy mode for Introspection or Userinfo endpoints.

Reserved Scopes

More performance improvements

ZITADEL's performance continues to improve as the team works to identify and eliminate bottlenecks. Notably, import operations for large quantities of project grants will witness a substantial enhancement. Furthermore, a significant improvement has been made to OpenID Connect / OAuth 2.0 session checks, effectively addressing recent observations identified during load testing.

Sending test emails

The newly introduced feature has enhanced ZITADEL’s SMTP functionality by introducing a new testing step within the SMTP provider wizard. This allows administrators to verify their SMTP configuration before saving or updating it, preventing potential issues with email delivery. Additionally, the existing table of SMTP providers now includes a test option for existing configurations. This streamlined testing process ensures that email settings are correct from the outset, saving time and effort. This feature was contributed by the community - thank you for your efforts!

ZITADEL Console UI sending test email during configuration of SMTP

Changelog

ZITADEL achieves ISO 27001 certification, reinforcing commitment to security

In a significant milestone for ZITADEL's commitment to security and data protection, we have achieved ISO 27001 certification for our information security management system (ISMS). This internationally recognized standard validates our dedication to maintaining the highest levels of security for our customers' data.

To provide further transparency and information about our security practices, we have also updated our Trust Center. This resource offers comprehensive details on our security posture, policies, and certifications.

ZITADEL Achieves ISO 27001 Certification

21 more reasons to celebrate: Community contributions in June

  • Many Console UI improvements were contributed by doncicuto improving the user experience for administrators and users. Moreover doncicuto made it possible to send test mails for SMTP configurations and further improvements to mail providers.
  • JesperWe made it possible for Swedish speakers to use their beautiful native language
  • Schettn created a guide to integrate with the Pylon framework

Many thanks to the contributors this month for their efforts, helping to improve documentation, tests, and fixing bugs in our code: dkaminer, panapol-p, jvanderneutstulen, danielmoisa, Loddan, Yxnt, Cubox, danielloader, jfschubert

Thinking of contributing? Grab a ‘good first issue’ or start a discussion.

Contributing guide

Additional resources

Liked it? Share it!