Kanidm

This is the ninth alpha series release of the Kanidm Identity Management
project. Alpha releases are to help get feedback and ideas from the community
on how we can continue to make this project better for a future supported release.

The project is shaping up very nicely, and a beta will be coming soon!

Release Highlights

* Inclusion of a Python3 API library
* Improve orca usability
* Improved content security hashes of js/wasm elements
* Performance improvements in builds
* Windows development and service support
* WebUI polish and improvements
* Consent is remembered in oauth2 improving access flows
* Replication changelog foundations
* Compression middleware for static assests to reduce load times
* User on boarding now possible with self service credential reset
* TOTP and Webauthn/Passkey support in self service credential reset
* CTAP2+ support in Webauthn via CLI
* Radius supports EAP TLS identities in addition to EAP PEAP

This is the eighth alpha series release of the Kanidm Identity Management
project. Alpha releases are to help get feedback and ideas from the community
on how we can continue to make this project better for a future supported release.

Release Highlights

* Foundations for cryptographic trusted device authentication
* Foundations for new user onboarding and credential reset
* Improve acis for administration of radius secrets
* Simplify initial server setup related to domain naming
* Improve authentication performance during high load
* Developer documentation improvements
* Resolve issues with client tool outputs not being displayed
* Show more errors on api failures
* Extend the features of account person set
* Link pam with pkg-config allowing more portable builds
* Allow self-service email addresses to be delegated
* Highlight that the WebUI is in alpha to prevent confusion
* Remove sync only client paths

What's Changed
* Added `num-enum` support for runtime enums by QnnOkabayashi in https://github.com/kanidm/kanidm/pull/585
* 509 scope mapping by Firstyear in https://github.com/kanidm/kanidm/pull/586
* Small fixes by Firstyear in https://github.com/kanidm/kanidm/pull/589
* Update outputs for "group" commands by yaleman in https://github.com/kanidm/kanidm/pull/591
* Integrated `compiled-uuid` into `kanidmd/src/lib/constants/uuids.rs` by QnnOkabayashi in https://github.com/kanidm/kanidm/pull/593
* updates pam module in docs by yaleman in https://github.com/kanidm/kanidm/pull/596
* Adding some extra fields to logging on-request by yaleman in https://github.com/kanidm/kanidm/pull/595
* changing errors to errors by yaleman in https://github.com/kanidm/kanidm/pull/599
* Fix state parameter to be string by Firstyear in https://github.com/kanidm/kanidm/pull/602
* Setup for testing webauthn subdomain support by Firstyear in https://github.com/kanidm/kanidm/pull/598
* updating docs because I wasn't the only one confused 😄 by yaleman in https://github.com/kanidm/kanidm/pull/606
* 20211010 rfc7662 token introspect by Firstyear in https://github.com/kanidm/kanidm/pull/607
* 278 603 OIDC implementation by Firstyear in https://github.com/kanidm/kanidm/pull/608
* Make sure that effective domain actually is descendant of rp_id by erictapen in https://github.com/kanidm/kanidm/pull/618
* Improve book and errors related to domain name and origin mismatch by Firstyear in https://github.com/kanidm/kanidm/pull/617
* add logging for oauth2 errors by yaleman in https://github.com/kanidm/kanidm/pull/620
* adding notes about OIDCRemoteUserClaim to the oauth2 book chapter by yaleman in https://github.com/kanidm/kanidm/pull/621
* Check before rename for 622 by yaleman in https://github.com/kanidm/kanidm/pull/624
* Add rinstall file by Firstyear in https://github.com/kanidm/kanidm/pull/625
* 256 business attributs by Firstyear in https://github.com/kanidm/kanidm/pull/626
* 20211216 tracing cleanup by Firstyear in https://github.com/kanidm/kanidm/pull/627
* Temp use env filter by Firstyear in https://github.com/kanidm/kanidm/pull/628
* Finalise email changes by Firstyear in https://github.com/kanidm/kanidm/pull/629
* Improve autofocus to oauth2 by Firstyear in https://github.com/kanidm/kanidm/pull/630
* Pre-release update and cleanup by Firstyear in https://github.com/kanidm/kanidm/pull/631

New Contributors
* erictapen made their first contribution in https://github.com/kanidm/kanidm/pull/618

**Full Changelog**: https://github.com/kanidm/kanidm/compare/v1.1.0-alpha.6...v1.1.0-alpha.7

This is the sixth alpha series release of the Kanidm Identity Management
project. Alpha releases are to help get feedback and ideas from the community
on how we can continue to make this project better for a future supported release.

It's also a special release as Kanidm has just turned 3 years old! Thank you all
for helping to bring the project this far! 🎉 🦀

Release Highlights

* Support backup codes as MFA in case of lost TOTP/Webauthn
* Dynamic menus on CLI for usernames when multiple sessions exist
* Dynamic menus on CLI for auth factors when choices exist
* Better handle missing resources for web ui elements at server startup
* Add WAL checkpointing to improve disk usage
* Oauth2 user interface flows for simple authorisation scenarioes
* Improve entry memory usage based on valueset rewrite
* Allow online backups to be scheduled and taken
* Reliability improvements for unixd components with missing sockets
* Error message improvements for humans
* Improve client address logging for auditing
* Add strict HTTP resource headers for incoming/outgoing requests
* Replace rustls with openssl for HTTPS endpoint
* Remove auditscope in favour of the new tracing logging subsystem
* Reduce server memory usage with entry tracking improvements
* Improvements to performance with high cache sizes
* Session tokens persist over a session restart