
ProAuth 2.1.3

This release marks a significant milestone in the 2.1.x series, introducing advanced Token Exchange patterns and comprehensive OpenTelemetry (OTEL) integration for enterprise-grade observability.

ACTION REQUIRED

Observability Helm Configuration: The observability configuration block in the Helm chart has been refactored. If you utilize Zipkin, OTLP, or custom logging levels, you must update your values.yaml:

  • Zipkin: zipkin -> zipkinExporter
  • OTLP: otlp -> otlpExporter
  • Logging: logs -> logLevels

Features

Core

  • Advanced Token Exchange: Introduced support for the RFC 8693 Token Exchange pattern. This allows for sophisticated "On-Behalf-Of" scenarios (User token from App A to App B) and external service principal federation. This is critical for microservices architectures where identity propagation is required across multiple service hops (#2828).
  • Proactive Documentation: The technical documentation has been completely overhauled and redeployed as a static web application at docs.proauth.net, providing a faster, searchable, and more intuitive experience for developers and system integrators (#2792).
  • Initialization & Validation:
    • Resolved a TokenID warning in the database initializer job, ensuring cleaner deployment logs (#2752).
    • Fixed a validation error in the user store that prevented record updates when an initial password had not been set (#2835).

Infrastructure

  • OpenTelemetry (OTEL) Integration: Enhanced the monitoring suite with native OTEL support. This allows ProAuth to export distributed traces and metrics to any compliant vendor (e.g., Azure Monitor, Jaeger, Honeycomb) using the standard OTLP protocol (#2797).

Security

  • Dependency Hardening: Removed all dependencies on the Bouncy Castle cryptographic library. License management is now handled via a high-performance custom implementation, reducing the overall attack surface and binary footprint (#2832).

AdminApp

  • Stability & Performance: Fixed a token parsing error in the AdminApp's session handler that occasionally triggered unnecessary re-authentications, resulting in a smoother administrative experience (#2837).