Airlock IAM 8.1

Highlights and important changes

Advanced OpenID Connect Scopes and Claims Handling

Scopes are used in OIDC to authorize access to personal information such as name or email address. Sometimes you want to handle scopes differently per application (RP) in the Authorization Server (AS) and issue different user attributes (claims) depending on the scopes. Thanks to this improvement, it is no longer necessary in these cases to configure a separate Authorization Server for each of the different requirements. Those who do not need this additional flexibility do not have to do anything: The existing configuration options remain unchanged.

FIDO Self-Services

Airlock IAM has supported FIDO tokens and passkeys for authentication since version 7.4. Version 8.1 gives end users even more control over these security keys: They can now view and delete their FIDO Tokens or link additional tokens to their accounts via the self-service feature. This not only makes users happy but also significantly reduces the effort on the part of the hotline or helpdesk.

Cloud-Native Operating Environments and Active-Active Setups

We go one step further when it comes to horizontal scaling or operating in a cloud environment (e.g. Kubernetes, OpenShift): The session state of the most important IAM components can now be offloaded to a Redis database. This makes it possible to run Active-Active installations. This facilitates the uninterrupted operation of Airlock IAM. The externalization to a Redis cache works for selected IAM functions for now and will be further expanded in the coming IAM versions.

Experiment with Self-Sovereign Identities

Decentralized identities (or Self-Sovereign Identities, SSI) are the next evolutionary step in identity management and form the technical basis for the national identities of Switzerland (E-ID) and Europe (EUDI). Airlock IAM 8.1 contains experimental SSI functions that can be used with the Swiss national E-ID sandbox. This allows basic use cases such as issuing and verifying digital IDs but also advanced SSI functions such as self-registration and authentication to be implemented. Airlock IAM thus bridges the gap between existing applications and the new SSI world. We are looking forward to your feedback!

Minor updates include:

  • Airlock 2FA device first-time-use condition
  • XML File importer error handling
  • User-lifecycle events
  • Self-Reg: Auth method migration
  • Init next Auth flow from public self service

Airlock IAM 8.1 is a minor release

Airlock IAM 8.1 is available on Docker Hub and Airlock Techzone. Updating to this minor release does not require any manual adjustments, which means your existing configuration can be migrated and activated without any problems.

Airlock IAM 8.0 will be supported until 01/2025. If you are still using IAM 7.6 or older, we recommend that you plan to upgrade to IAM 8.1 as soon as possible. Note that with the migration from 7.x to 8.x, the old JSP login app must be replaced.

Release videos

In our release-videos you will learn all the important details about Airlock IAM 8.1

Release video English: 

Release-video German: 

Information for you

-Our whitepapers-

Executive View: KuppingerCole - Airlock Secure Access Hub for applications and APIs

This KuppingerCole Executive View report provides an architectural and functional overview of the Airlock Secure Access Hub, an integrated platform for secure access management - a multicloud-native security tool for web applications, APIs and beyond.

 

Fill out the form now and receive Executive View!

Whitepaper: Security for cloud-native applications

You can read about how companies can ensure the security of web applications and APIs in Kubernetes in the white paper "Security for cloud-native applications", which was created in collaboration between heise and Airlock.

 

Request whitepaper

Whitepaper: Zero Trust is a journey

The ongoing digital transformation of the world is progressing and having a profound impact on our personal and professional lives in ways that were difficult to imagine just a few years ago.


This white paper discusses the effects of continuous digitalization and its impact.

Request free of charge

Off to DevSecOps

In this white paper, you will learn the most important insights into how you can implement DevSecOps successfully and efficiently, which security components are required for this and the advantages of a microgateway architecture.

 

Request free of charge

Airlock 2FA - Strong authentication. Simple.

Double security - this is what two-factor authentication offers in the field of IT security.


Find out more about strong authentication and the possibilities offered by Airlock in our white paper.

Download for free

Further whitepapers

We provide you with free white papers on these and other topics:

 

  • Successful IAM projects
  • compliance
  • Data protection (DSGVO)
  • Introduction of PSD2
  • PCI DSS requirementsPCI DSS requirements
Request free of charge