Milestones and Roadmap
v2.0
This milestone does not have a description.
Bug
Something is not working.
Issues
- Make cookies with SameSite=None secure by default or using the configuration flag (hydra#1844)
- client_id case sensitivity is not properly enforced when using MySQL (hydra#1644) - @Patrik
- Client allowed_cors_origins not working (hydra#1754)
- Consider customizing 'azp' and 'aud' claims in ID Tokens (hydra#2042)
- Do not return email in id_token but instead in userinfo for specific response types (hydra#2163) - @hackerman
- SQL persister uses | to store scopes and audiences without any escaping (hydra#2859) - @Grant Zvolský
Feat
New feature or request.
Issues
- Refactor client CLI (hydra#2124) - @Patrik
- Rename DEPRECATED_HIERARCHICAL_SCOPE_STRATEGY (hydra#1760) - @hackerman
- issuer in discovery document contains trailing '/' (hydra#1482)
- Make cookies with SameSite=None secure by default or using the configuration flag (hydra#1844)
- Consider recreating Hydra V2 database model instead of migrations (hydra#2902) - @Grant Zvolský, @hackerman
- Rename SDK methods to follow our OpenAPI spec guide (hydra#2908)
- No longer allow users to set the client ID (hydra#2911)
- Move to go-jose key generation (hydra#1825)
- Auth session cannot be prolonged even if the user is active (hydra#1690)
- Token claims customization with Jsonnet (hydra#1748) - @hackerman
- Update clients from cli (hydra#2020)
- Refactor SQL Migration tests to match new system (hydra#2901) - @Grant Zvolský, @hackerman
next
This milestone does not have a description.
Bug
Something is not working.
Issues
- Space character in secret.system value (hydra#2609) - @Patrik, @Jakub Błaszczyk
Feat
New feature or request.
Issues
- Reuse Detection in Refresh Token Rotation (hydra#2022)
Rfc
A request for comments to discuss and share ideas.
Issues
- Multi-region deployment support (hydra#2018)
v1.10
This milestone does not have a description.
Bug
Something is not working.
Issues
- Slow consent revocation request (hydra#1997)
- Report expired JWT assertion token to client (hydra#2066)
- Client update changes it's PK to 0 (hydra#2148) - @Patrik
- CORS error with v1.9 on localhost (hydra#2165) - @hackerman
- Invalid json response with get login request (hydra#2515)
- Invalid TLS config after upgrading to 1.10.2 (hydra#2518)
Pull Requests
- Deprecate client flags in introspect (hydra#2011) - @hackerman
- fix: bump ory/fosite to v0.34.1 to address CVEs (hydra#2090) - @hackerman
- ci: resolve ci release issues (hydra#2094) - @hackerman
- Prepare OpenID Connect Conformity test suite with new profiles and regression fixes (hydra#2170) - @hackerman
- test: resolve conformity test suite concurrency issues (hydra#2181) - @hackerman
- test: completely refactor consent tests and resolve logout issue (hydra#2227) - @hackerman
Feat
New feature or request.
Issues
- Publish a generated csharp SDK (hydra#2017)
Pull Requests
- perf: add (client_id, subject) index to access and refresh tables to improve revocation performance (hydra#2001) - @hackerman
- Prepare OpenID Connect Conformity test suite with new profiles and regression fixes (hydra#2170) - @hackerman
Blocking
Blocks milestones or other issues or pulls.
Issues
- Client update changes it's PK to 0 (hydra#2148) - @Patrik
- CORS error with v1.9 on localhost (hydra#2165) - @hackerman
Pull Requests
- Deprecate client flags in introspect (hydra#2011) - @hackerman
- ci: resolve ci release issues (hydra#2094) - @hackerman
v1.11
This milestone does not have a description.
Bug
Something is not working.
Issues
- Introspection Response: access_token and refresh_token are not valid token_type (hydra#1762)
- RSA key generation is slow on ARM (hydra#1989)
- loginRequest.requested_access_token_audience should not be null (hydra#2039)
- Redirect URI should be able to contain plus (+) character (hydra#2055)
- Docs: rendering issue (?) on reference REST API (hydra#2092) - @Vincent
- Jaeger being unavailable is a fatal error that stops service from starting (hydra#2642)
Feat
New feature or request.
Issues
- consent: Improve remember for consent (hydra#1006)
- [Feature] Enhance Security Middleware (hydra#1029)
- cmd: Add upsert command for client CLI (hydra#1086) - @hackerman
- oauth2: Make cleaning up refresh and authz codes possible (hydra#1130) - @hackerman
- consent: Allow removing tokens without revoking consent (hydra#1142) - @hackerman
- OAuth Client authentication creation CLI jwks client field not present (hydra#1404)
- Add oAuth2Client to logoutRequest similar to loginRequest. (hydra#1483)
- Add a way to filter/sort the list of clients (hydra#1485) - @hackerman
- Remove "not before" claim "nbf" from JWT access token (hydra#1542)
- No way to handle 409 GetLoginRequestConflict. (hydra#1569) - @Alano Terblanche
- Add endpoint to Admin API to revoke access tokens (hydra#1728)
- Migrate to gobuffalo/pop (hydra#1730) - @Patrik
- CLI Migration Down (hydra#1763)
- Split HTTPS handling for public/admin (hydra#1962)
- issueLogoutVerifier should allow POST requests as well (hydra#1993)
- Expired token is considered an error (hydra#2031)
- Automatically set GOMAXPROCS according to linux container cpu quota (hydra#2033)
- Find out if a login/consent challenge is still valid (hydra#2057)
- Prometheus endpoint should not require x-forwarded-proto header (hydra#2072)
Pull Requests
- feat: OpenID Connect Dynamic Client Registration and OAuth2 Dynamic Client Registration Protocol (hydra#2909) - @hackerman
Rfc
A request for comments to discuss and share ideas.
Issues
- Split HTTPS handling for public/admin (hydra#1962)
v1.7.0
This milestone does not have a description.
Feat
New feature or request.
Issues
- "debug" log level outputs multiline logs (hydra#1958)
v1.6.0
This milestone does not have a description.
Bug
Something is not working.
Issues
- Loopback interface redirection with arbitrary port (hydra#1732)
Feat
New feature or request.
Issues
- Use consistent field types for logging (hydra#1683)
v1.5.0
This milestone does not have a description.
Bug
Something is not working.
Issues
- Invalid ttl.refresh_token -1 (no expiration) (hydra#1811) - @Patrik
- /userinfo endpoint misses www-authenticate header for 401 response (hydra#1827)
- Superfluous response.writeHeader (hydra#1842) - @hackerman
- config: scopes_supported doesn't have offline_access (hydra#1866)
Feat
New feature or request.
Pull Requests
- refactor: move migrations to gobuffalo/fizz (hydra#1775) - @hackerman, @Patrik