Back to all versions
4.16.0
2025-05-22 minor
Features 2
- Allow managing invite code in secret generators (#12109)Instance admins can now manage the expiry and character sets of invite codes via the Admin API.Admin API
- FIPS 140-3 compliant build and runtime checks (#12233)Added FIPS 140-3 compliant build and runtime checks, including a separate build matrix for certified images.Security/Build
Bug Fixes 8
- Redirect to loginname instead of empty accounts page when organization scope filters all sessions (#12346, #11914)The Login V2 flow now correctly filters sessions by organization scope; if no eligible sessions exist, it redirects straight to the login name screen instead of an empty account selection.Login V2
- Increase performance of ListUser by login name (ignore case) (#12350)Optimized the ListUser query by login name to perform case-insensitive searches more efficiently.Core Architecture
- Allow custom protocols for native apps in login flow again (#12332)Restored support for custom protocol schemes (e.g., myapp://) for native apps by bypassing CSP prefetch restrictions.Login V2
- Prevent IDP auto-creation failure when name fields are missing (#11070)Prevents IDP auto-creation failures when profile fields are missing required data by redirecting to the registration completion step.Login V2
- Prevent double triggering of verification emails (#11995)Moved verification email triggering to server-side POST handlers to prevent race conditions that caused duplicate emails.Email Service
- Migrate Tailwind opacity utilities and fix checkbox contrast color (#12360)Updated Tailwind opacity utilities and fixed checkbox contrast by using CSS variables.UX/UI