Skip to main content
Skip table of contents

Release notes - Publisher

Latest release

Release date: 9 May 2024

Notable changes:
  • [CSP-4887] - Update to the menu navigation - Accounts now on the side.
  • [CSP-4912] - Update to the display of admin accounts ahead of some planned improvements


Previous releases

Release date: 9 April 2024

Notable changes:
  • [CSP-4993] - Enhanced reporting options now available to external apps (e.g. Shibboleth). See: Reporting


Release date: 14 February 2024

Notable changes:
  • [CSP-4884] - Performance enhancements for reporting
  • [CSP-4910] - Add feature toggle for longer entityID storage
  • [CSP-4896] - 3rd party library uplift


Release date: 29 January 2024

Notable changes:
  • [CSP-4650] - Additional validation on redirector domains


Release date: 22 January 2024

Notable changes:
  • [CSP-4405] - Metadata updates for external apps would sometimes not persist


Release date: 10 January 2024

Notable changes:
  • [CSP-4578] - Access to the SP dashboard now only requires the SP admin role
  • [CSP-4768] - Standardisation of country names in UI / downloaded statistics reports
  • [CSP-4805/4813] - Improve the display of Application and Connection status
  • [CSP-4848] - uplift dependencies 


Release date: 1 November 2023

Notable changes:
  • [CSP-4641] - uploading invalid metadata would log the wrong error  

Release date: 4 October 2023

New functionality:
  • New reporting options are now available to Keystone customers including usage statistics from other federations and 1:1 connections. See: Reporting 

Release date: 31 August 2023

Notable changes:
  • [CSP-4684] - It was possible to upload SP metadata with an empty ServiceDescription element 

Release date: 16 August 2023

Notable changes:
  • [WAYF-672] - Embedded Wayfinder was slow when local storage was unavailable
  • [CSP-4556] - Add a file-size check to the additional identity provider option
  • [CSP-4576] - The activity stream would show a rejected publication request immediately upon submission

Release date: 26 July 2023

Notable changes:
  • [CSP-4657] - the log a query button in the dashboard didn't work.

Release date: 13 July 2023

Notable changes:
  • [CSP-4602] - overlong entityIDs would stop the external app addition flow without an error message.

Release date: 29 June 2023

Notable changes:

Release date: 6 June 2023

Notable changes:
  • [CSP-4359] - Display entityID of external apps (e.g. Shibboleth) in the applications list.

Release date: 28 April 2023

Notable changes:
  • [CSP-4567] - Domain validation was not working on the linking tab for Keystone applications
  • [CSP-4550] - Fix SP dashbaord accessibility issues identified by Lighthouse snapshot reports
  • [CSP-4432] - Uplift version of Snakeyaml dependency and related technical improvements   

Release date: 12 April 2023

Notable changes:
  • [CSP-3811] - Keystone metadata now available via URL. See: Connections   

Release date: 4 April 2023

Notable changes:

  • [CSP-3865] - browser history didn't work as expected on the connections page
  • [CSP-4542] - updating a resource was causing it to be removed from the catalogue

Release date: 27 February 2023

Notable changes:
  • [CSP-3979] - Keystone apps' metadata now lists the OpenAthens service desk as the technical contact   
  • [CSP-4452] - Application restrictions added to the audit stream

Release date: 23 February 2023

Notable changes:
  • [CSP-4430] - Improvements to the required / optional attribute specification tab   
  • [CSP-4437] - Improvements to the subscription management specification tab

Release date: 2 February 2023

Notable changes:
  • [CSP-4381] - 1-2-1 connections to Azure failed at metadata validation   
  • [CSP-4362] - Size limits on images were not properly enforced
  • [CSP-4446] - App restrictions were not enforced as expected

Release date: 5 December 2022

Notable changes:
  • [CSP-3668] - Update the embedded Wayfinder script to work when referrer header was not sent   
  • [CSP-4356] - Client secret now obscured in the SP dashboard (extra step to show) 

Release date: 22 November 2022

Notable changes:
  • [CSP-4379] - External applications without a service title in the linking syntax would fail to publish  
  • [CSP-4216] - URLs on the mapping rules page could throw errors 


[CSP-4419] - resolving unexpected high CPU load on the publisher dashboard

Release date: 8 November 2022

Notable changes:
  • [CSP-4207] - Uploading metadata for an external application would not honour the <md:Organization> block 

Release date: 15 August 2022

Notable changes:

Release date: 2 August 2022

Notable changes:
  • [CSP-4126] - When adding privacy policies, the UI now default to English instead of Arabic in the language selector 

Release date: 11 April 2022

Notable changes:
  • [CSP-4002/8] - Pre-live resources now appear in a test federation

Release date: 10 August 2021

Notable changes:
  • [CSP-3982] - SIgnatureMethod and DigestMethod now included in Keystone metadata
  • [CSP-4026] - Keystone now automatically handles pairwise IDs when sent

Release date: 1 June 2021

Notable changes:

Release date: 9 February 2021

New functionality:
  • [ACT-91,93,94,153] - You can now add support contacts and specify details about how subscribers can ask for SAML access to be enabled   See: Edit an application 

Release date: 17 December 2020

New functionality:
  • [ACT-65] - Attribute Consuming Services and privacy policies can now be included in metadata for both Keystone and external applications to help libraries configure release policies without having to contact your support team. See: Edit an application 
Notable bug fixes:
  • [CSP-3932] - Escape key did not work in pop-up modals after clicking inside modal
  • [CSP-3945] - Restricting access based on user roles in the Dashboard could break some OIDC applications

Release date: 7 October 2020

Notable bug fixes and changes:
  • [CSP-1748] - Logo validation was reporting the wrong size
  • [CSP-3170] - User restrictions extended to OIDC apps 

Release date: 19 July 2020

Notable bug fixes and changes:
  • An initial (beta) release of the reporting function is now available - see: Reporting

Release date: 24 June 2020

Notable bug fixes and changes:
  • [WAYF-393] - entity categories can now be set to appear in metadata via the connections tab (Keystone apps)
  • [CSP-3850] - fixed broken documentation link 
  • [CSP-3903] - where multiple applications share a connection, you can now choose which provides details to the metadata. See Using a connection for multiple OIDC applications
  • [CSP-3801] - improvements to how changes to links are audited 

Release date: 28 May 2020

Notable bug fixes and changes:

1 April 2020

Minor changes and bugfixes (publisher dashboard)
  • [CSP-3782] - Improvements to certificate display

10 January 2020

Minor changes and bugfixes (publisher dashboard)
  • [CSP-3792] - updated validation on the embedded Wayfinder domain field to accept the new, longer, top level domains such as .network

18 December 2019

Minor changes and bugfixes (publisher dashboard)
  • [CSP-2181] - The ACS index value from external apps' metadata was not honoured
  • [CSP-3680] - Error handling within modals could lead to changes being committed by the cancel button

16 December 2019

Minor changes and bugfixes (Wayfinder)
  • [WAYF-220] - Hidden organisations made visible by debug mode are now marked as such
  • [WAYF-256] - Searches including certain non-latin characters could cause an error
  • [WAYF-258] - Searched containing too many characters could cause an error
  • [WAYF-351] - Searching via email address was not working for some SP entities

25 September 2019

Minor changes (Wayfinder)
  • [WAYF-179] - The order of remembered organisations could be inconsistent in certain circumstances
  • [WAYF-250] - The embeddable version of Wayfinder did not display long organisation names well

7 August 2019

Minor changes
  • [CSP-3542] - The accounts menu item and the signout button have moved: dashboard accounts are now accessed via the cog, and sign out is via the user's name. Both in the top right. 

10 July 2019

Significant changes
  • [CSP-3592] - Certificate thumbprints are now also available as a SHA-256 hash
  • [CSP-3594] - Added a preset rule to output targeted ID in the format idpEntityId!spEntityId!targetedId to ease migration to Keystone from older technologies

1 July 2019

Significant changes

14 March 2019

Significant changes

28 June 2018

Updates to support the certificate store change happening on 21 September

Java2.1.2Maven: Change version number in POM and build

Apache: atacama-platform


sudo yum update openathens-sp

sudo service httpd restart

.NetNo change requiredUses windows certificate store

Publisher dashboard1.0.5
Released on21 September 2017
Significant changes
Publisher dashboard1.0.4
Released on22 June 2017
Significant changes
  • [CSP-1241] - SAML discovery service support has been added for OASP.
Publisher dashboard1.0.3
Released on28 March 2017
Significant changes
  • [CSP-775] - Healthcheck request was causing a nullpointer error
  • [CSP-776] - Unavailable IdP entities could cause the Additional IdP page to hang
  • [CSP-805] - Updated syntax check on the redirector's tokenised access URLs to not require http(s):// at the start.
  • [CSP-881] - Improved certificate checking to eliminate false positives from the error display
  • [CSP-878] - Saving updated redirector syntax could fail
  • [CSP-957] - Include the service desk's test domain in the OpenAthens SP config until it is made live
  • [CSP-970] - Provide audit information per application / connection
Publisher dashboard1.0
Released on22 November 2016
Major new features
FeatureAvailable toNotes
New publisher dashboardAll SPsDocumentation: Publisher dashboard reference guide
Rewritten SP documentationAll SPsRationalised and simplified to work alongside the new publisher dashboard
Simplified OASP configuration including automatic configuration of OpenAthens federationOpenAthens SP users
Simplified OpenAthens federation configurationAll SPs
Faster updates to OpenAthens federation metadataAll federation usersRrather than waiting up to 24 hours, updates are now live within 15 minutes
Old federation dashboard no longer availableNo one
Old SP dashboard no longer availableNo one
OASP2.1.1 Java
Released on19 July 2016

New Features

  • OASP-235 - Cached metadata is no longer shared between web applications on the same server. Each web application now has its own metadata cache.
Issues Resolved
  • OASP-20 / OASP-48 - Java OASP no longer requires the variant and version to be specified when updating.
  • OASP-65 - Query strings now supported on Java OASP.

Known Issues

With the introduction of support for query strings (OASP-65) the memory footprint increases if multiple web applications are present on the same server. It is recommended that customers who support this configuration confirm that the server has adequate resources available.


Java upgrading from 2.0 to 2.1.x


Released on20 January 2015
  • SP Dashboard

  • New Features

  • Control permissions for managing configurations

It is now possible for an administrator to control which other users in an organisation can edit or update a configuration. 

  • Support for multiple administrators from a single organisation

Administrators can now create additional users in their organisation, provided they are one level below the domain administrator

  • New advance options added to make SAML profiles configurable

There are now additional configuration options for SAML profiles, including ability to set SAML versions. Any new configurations that are created will not support SAML 1 & 2 Artifact by default.

  • OpenAthens federation added to list of available federations

Minor change to add the OpenAthens federation to the drop down list of federations when managing configurations

  • Status changes of configurations now dynamically updated

The status of a configuration (Published / Unpublished) is now updated dynamically when the status is changed, removing the need to manually refresh the page

  • Single Sign On from SP Dashboard to the OpenAthens Admin Area

When signed in to the SP dashboard, it is now possible to access the OpenAthens Admin Area (For example to change account details) without signing in again

Relevant help pages: Familiarisation with the OpenAthens SP dashboard, and Creating a configuration with the OpenAthens SP dashboard

  • Issues Resolved

  • Federation URLs corrected
    Updated the preconfigured list of federation URLs to correct outdated information
  • Fixed an issue with autocomplete when configuring a default IdP

  • Software

  • New features

Removal of KeyAuthority

The UK access management federation updated their support for the PKI trust mechanism in June 2014.  Apache and .Net versions of OpenAthens SP V2.0 required the <KeyDescriptor> to be available.  As a result customers using these versions could not use the latest UKfed metadata.  OpenAthens SP V2.1 has been updated to address this issue and customers using the .Net and Apache versions no longer need to use the fall back metadata once upgraded


Streamlined metadata management

OpenAthens SP will only load IdP entities when consuming the metadata to decrease loading times

Unified the namespace for scoped and non-scoped attributes to provide consistency across SAML 1.1 and SAML 2.0

For SAML 1 the scoped attribute that was in the namespace:


will now be in the namespace



Option to use memcached for improved management of memory and caching

The option to use memcached is now available in the advance settings of the SP dashboard.  This provides more efficient performance by storing metadata in memory

Centos 7 as an approved platform


Support for product installations from MAVEN

OpenAthens SP is now available as a MAVEN dependency to make upgrading and installing easier from within a Java project


  • Issues resolved

Downgraded libmemcache to the distro version to avoid conflicts with other packages

Installation of OpenAthens SP on Apache was showing conflicts with the version provided in version2.0.  These conflicts have been resolved by reverting to the distro version

OASP2.0.2 Apache
Released on20 August 2013

The specific issues fixed in this maintenance release are all related to the Apache version:

  • atacama-platform-2.0.2-19387.i386.rpm
  • Updated the sql modules (FreeTDS and MySQL).
  • Code changes made so that any values in the non-default group will be treated as input arguments. This is an intermediate fix to allow better control of input arguments. The underlying issue relates to the third party libraries for Free-TDS and MSSQL not working well together.
  • mod_openathens-2.2.2-19387.i386.rpm

Changes made to SELinux policies to:

  • Allow Httpd to access the '*.so' files in the modules directory.  This was previously being done incorrectly in the Atacama-platform rpm.
  • Allow the runtime to connect to the MSSQL and MYSQL daemon ports (1433 and 3006 respectively).

OASP2.0.2 Java
Released on4 September 2012

The specific issues fixed in this maintenance release are all related to the Java version:

  • Fixed bug so that content type header (text/html) is correctly added to the builtin pages (e.g /oa/debug, /oa/logout).
  • Allowed the behavior of the authReceiverURL dataSource to be
    controlled via the web.xml. See Controlling the Assertion Consumer Service URLs for further details.

OASP2.0.1 Java
Released on5 August 2011

The specific issues fixed in this maintenance release are all related to the Java version:

  • Fixed bug in signature checking logic when processing SAML2 responses
  • Changed session management behavior.
    Previously if a user logged in via Identity Provider X and then via Identity Provider Y without logging out, the session would contained a merged view of
    the attributes obtained from both Identity Providers.
    This has been changed so that attributes obtained from Identity Provider X will be purged, before attributes from Identity Provider Y are added.

Released on12 January 2011

OpenAthens SP 2.0 introduces a number of features designed to make the installation, configuration and management of the software easier, more flexible and more intuitive.

  • What's new in OpenAthens SP 2.0?




Management Dashboard

Create new configurations for multiple different websites. Update contact details for your organisation.

Web-based interface for the creation and management of configurations. This allows the configurations for all your sites to be managed and stored in one place. It enables easy migration between versions of OpenAthens SP and your website.

Federation wizards

Add support for new federations via the configuration site.

When creating a new configuration a wizard will step you through the process of adding support for multiple identity federations. It is possible to add additional federations later with a few clicks in the dashboard.

Updated Apache module

The Apache module (mod_openathens) has been renamed and updated.

It brings more flexibility and support for the latest versions of Apache. It is the same full-featured, robust platform that is used for OpenAthens LA.

Software repositories

A yum software repository for RedHat/CentOS Linux.

When using the Apache module on RedHat/CentOS 5.x Linux servers, the yum software repository bring simple installation and ensures that software is kept up-to-date. New versions of OpenAthens SP can be installed or upgraded using the same process.

Java modules

Improved integration with Java environments.

Improved Servlet filter and integration with Java application servers. Improved support for various popular Java servers, including Glassfish.

.NET framework

An all-new .NET framework for integration on Windows platforms running .NET.

Easy integration with .NET applications via a native .NET API and HTTPModule. This brings deep integration with the .NET platform, making it simple to add support for your existing and new .NET applications.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.