GDPR (EU) requires consent renewal every 12 months. Some national data protection guidelines even recommend more frequent renewal, such as every 6 months. We the renewal periods configurable where the administrator can manually add a number of months (maximum 12) to define the renewal period. Key Benefits:
|
Release Notes
RFC 7591 enables OAuth 2.0 clients to register dynamically with the portal’s Authorization Server, removing the need for manual client setup. It defines how Liferay can securely accept client metadata, endpoints, and credentials on-the-fly. This allows Liferay apps, modules, or external services to integrate seamlessly and scale efficiently. By automating client onboarding, it strengthens Liferay’s identity and access management capabilities.
Key Benefits:
Eliminates manual configuration by allowing apps and external services to self-register securely with the Authorization Server.
Speeds up integrations and scaling by automating client onboarding while improving IAM consistency and security.
RFC 8414 provides the manual and error-prone process of configuring clients to talk to authorization servers by standardizing the way for the Authorization Server to publish its configuration automatically. The specific URLs (endpoints) and capabilities can be managed through the UI.
Key Benefits:
Eliminates the need to hardcode specific URLs, preventing configuration errors and allowing the server endpoints changes to be adapted instantly.
Provides a standard location for clients to find the server's public keys, enabling the server to rotate security keys automatically without breaking your application or requiring a software update.
The feature is now fully released.