Changelog

ZITADEL
Back to all versions

4.5.0

2025-10-27
minor

Features 1

  • Japanese localization for login frontend app (#10811)
    Added support for the Japanese language in the login frontend application.
    login

Bug Fixes 11

  • Add CommonName to SAML SP certificate (#10700, #10700, #9048) high
    Added missing CommonName (CN) to SAML Service Provider certificate to ensure compatibility with SPs like Keycloak.
    auth
  • API: add missing InIDsFilter medium
    api
  • Assets API: add error handling for missing file paths (#10938) medium
    assets-api
  • Auth: allow LDAP sign-in with special characters (#10798, #10857) high
    Fixed LDAP sign-in failure for usernames containing special characters (e.g., äöüß).
    auth
  • Console: create login policy before adding a factor (#10202, #9047) high
    Fixed inability to add second MFA factor when passwordless login is enabled in login policy.
    console
  • Login v1: handle old sessions in logout (#10926) medium
    login
  • Login: add organization scoping to IDP auto-linking (#10931) high
    Added organization scoping to prevent incorrect auto-linking across organizations.
    login
  • Login: fallback for IDP login (#10876, #10671) high
    Fixed IDP login failure when IDP user already exists in ZITADEL.
    login
  • Login: provide postError redirect URL for IDP flows (#10883) high
    Fixed missing error page after IDP login errors.
    login
  • Login: send invite codes only for users with unverified email (#10943) medium
    Prevented unnecessary invite codes for users with already verified emails.
    login
  • OIDC: accept localhost redirect URIs without path nor port (#10836) high
    Fixed rejection of valid localhost redirect URIs lacking path or port.
    oidc

Deprecations 4

  • Deprecated settings v2beta endpoints (#10909, #10909)
    Deprecated v2beta endpoints for settings service.
    api
  • Deprecated v2beta endpoints of existing v2 services (#10841, #10841, #10772)
    Deprecated v2beta endpoints for services that already have stable v2 versions.
    api
  • Deprecated application service v2beta (promoted to GA) (#10846)
    Moved application service from v2beta to general availability and deprecated v2beta endpoints.
    api
  • Deprecated internal permission service v2beta (promoted to GA) (#10898)
    Moved internal permission service from v2beta to general availability and deprecated v2beta endpoints.
    api