Version 2.5.00

Version 2.5.00

Bug fixes

• App Crashes ios MAS SDK 2.3. [DE586232]
• Include a Privacy Manifest in MAS SDK. [DE602496]
• iOS Mobile SDK MASRequest fails when monitoring libraries are in the build. [DE562985]

New features

• Support for iOS 18. [F144209]
• SDK: iOS Privacy Manifest. [F146323]

Deprecated methods

• None

Version 2.4.00

Version 2.4.00

Bug fixes

• Fixed the exceptions noted during the encryption and decryption operations with the MAS SDK from the KeyUtilsSymetric file.
• A new pinning mode configuration is offered in which SDK allows requests if any one of the certificates provided in SDK security configuration is valid with respect to the server certificate chain.
• The MAS library crashed due to fast enumeration and an array being mutated during enumeration. Fixed the issue by switching to classic for loop, which avoids enumeration and mutation while in the loop.
• Fixed the crash issues and notified the customer not to use MASDevice resetLocally, which is intended to clear the login session.
• Resolved the issue of false positives arising from replay attacks through increasing the size of the iOS MAG SDK nonce.

New features

• Mobile SDK now supports Android version 14 and iOS version 17.
• Mobile SDK supports SSL Pinning Modes which begins SSLPinning when at least one of the certificates specified in the SDK Configuration is valid. For more information, see SSL Pinning and SSL Trusted Certificates.
• The Android Mobile SDK is validated against the new Firebase API. For more information on Firebase Cloud Messaging, see Enable Android Push Notification Service

Deprecated methods

• None

Version 2.3.00

Version 2.3.00

Bug fixes

• Resolved a security issue with MAG access tokens when they were passed as query parameters for social login.
• Resolved an external browser issue that prevented the DigiD app from completing the registration process.
• Fixed an issue with refresh token expiry time, which was causing the session to continue even though the access token was expired.
• Resolved certificate pinning issue while embedding SSL certificates inside the msso_config.json file on Android.
• Fixed a token revocation issue in which values are passed as query parameters when revoking the refresh_token.
• Fixed a validation issue where it would validate a public key hash as successful if it found one of the hashes rather than checking for all of them.
• Resolved an issue with Account Manager that prevented the creation of a new account or the deletion of an existing account.
• Resolved the issue with multiple AuthProvider calls initiation that occurred before and after device registration as well as before login.

New features

• Support for System Native Safari Browser for Browser Based Authentication (For cases where external app redirection requires cookie cache access).
• With OAuth 2.0 Token Revocation, clients can revoke access tokens or refresh tokens issued by authorization server at any time.
• Logging enhancements and support for "File Logging".
• Mobile SDK now supports Android version 13 and iOS version 16.
• Mobile SDK supports SSL Pinning Modes so that you no longer have to pin against only one certificate in the chain.
• Android requires host name validation to access end point. You can now choose to enable or disable hostname verification. Default : Enabled.
• The Android SDK now allows you to configure data storage in a more secure manner. For more information on additional dependencies for secure data storage.
• This release addressed all exception violations found in the SDK, such as illegal catches, empty catch blocks, unused variables, unnecessary object creation, and so on.
• The existing Sun Library is replaced with the Bouncycastle API.
• Nimbus Library is updated from 8.6 to 9.22 version.

Deprecated methods

• None

Version 2.2.10 Pre-release

Testing the 2.3.00 release

Version 2.2.00

Version 2.2.00

Bug fixes

• Resolved an issue where the refresh token becomes null when network is lost.
• Resolved SCIM calls visibility issue.
• Resolved an issue where iOS certificate renewal does not happen when renewal request is sent.
• Resolved an issue where the cache is cleared when using a third-party app for authentication.
• Resolved an issue where the user gets logged out if 500 error is returned from MAG Server during token refresh.
• RSA-PSS is now supported and TLS 1.3 is also supported in MAG SDK.
• Resolved an issue where MAS library fails to parse Ciphers if language is set to Turkish.
• Resolved an issue where the authorization calls are called twice after token refresh calls.
• Resolved an issue where multipart requests get corrupted and have two boundaries.

New features

• Support for Browser-based Authentication After Third-Party App Authentication.
• Support for ASWebAuthenticationSession for Authentication.
• Support for Disabling SSL Pinning.
• Support for RSA-PSS and TLS 1.3.
• Support for iOS 15.
• Support for Android 12.

Version 2.1.00

Version 2.1.00

Bug fixes

• Replaced UIWebView with WKWebView.
• Conflict with Dynatrace framework 'appendUTF8String' & 'appendBITString' api.

New features

• The Cancel Request API allows any data task or HTTP request to be cancelled.

Version 1.9.20

• Updates for iOS 13

Version 1.9.00

• iOS and Xamarin-iOS SDKs now support iOS version 12.
• Create Custom Device Attributes
• New Social Login Blueprint
• Improved iOS Device Registration
• RS256 Support
• JWT Access Token Support
• ProGuard Compatibility

Version 1.8.00

• Android P Support
• Secure Account Manager Storage for Android
• New Apple Face ID Setting for User Session Lock/Unlock (iOS, Xamarin-iOS, Cordova)
• Offline Logout (iOS, Android, Xamarin, Cordova)

Version 1.7.10

• New Cordova User Authentication Methods
• Support for JSON Array Object