Support Lifetime
Our minor releases are supported until our next minor comes out.1.7 Release Notes
1.7.0 Release Notes
Release Date 28 March 2025
Release Highlights
This release introduces enhancements to TIB, improving group-based permission mapping, adding support for proxy settings from environment variables, and allowing dynamic state values in the OAuth2 flow. For a comprehensive list of changes, please refer to the detailed changelog below.Breaking Changes
This release has no breaking changes.Dependencies
3rd Party Dependencies & Tools
| Third Party Dependency | Tested Versions | Compatible Versions | Comments |
|---|---|---|---|
| GoLang | 1.21 | 1.21 | All our binaries |
| MongoDB | 5.x, 6.x, 7.0 | 4.4.x, 5.x, 6.x and 7.0.x | Used by Tyk Identity Broker |
| Redis | 6.x - 7.0 | 6.x - 7.0 | Used by Tyk Identity Broker |
Deprecations
There are no deprecations in this release.Upgrade instructions
For users currently on v1.6.0, we strongly recommend promptly upgrading to the latest release. If you are working with an older version (lower major), it is advisable to bypass version 1.6.0 and proceed directly to this latest patch release.Go to the Upgrading Tyk section for detailed upgrade Instructions.
Downloads
- Docker image to pull
- source code tarball for oss projects - TIB v1.7.0
Changelog
Added
Load Proxy Settings from Environment Variables
TIB now respectsHTTP_PROXY,HTTPS_PROXY, andNO_PROXYenvironment variables when making outbound connections. This change ensures compatibility with air-gapped Kubernetes environments where external services can only be accessed via an HTTP proxy.Dynamic State Query Support in OAuth2 Flow
The OAuth2 “state” field can now be dynamically set via the URL or form-encoded body. This improvement allows integration with external APIs that require custom state values, ensuring compliance with various regulatory and enterprise authentication requirements.Improved Multi-Group Permission Mapping for Identity Providers
Previously, TIB assigned a user to the last matched group when multiple groups were mapped, regardless of the identity provider (SAML, LDAP, OAuth, OIDC, etc.). The new functionality introduces support for multi-group mapping, allowing permissions to be merged. This update is backward compatible and ensures that multi-group rights (combined permissions) are only applied if the user does not have agroupIdassigned via the Dashboard.
Security Fixes
1.6 Release Notes
1.6.1 Release Notes
Release Date 5 Nov 2024
Release Highlights
Enhanced Security with JWE Support for OIDC SSO
This release introduces JSON Web Encryption (JWE) support for OpenID Connect (OIDC) Single Sign-On (SSO) in the Tyk Identity Broker (TIB). With this enhancement, organizations can achieve greater security for token handling during authentication flows. JWE token validation and processing are now seamlessly integrated, offering configurable private key support for decryption.Breaking Changes
This release has no breaking changes.Dependencies
3rd Party Dependencies & Tools
| Third Party Dependency | Tested Versions | Compatible Versions | Comments |
|---|---|---|---|
| GoLang | 1.21 | 1.21 | All our binaries |
| MongoDB | 5.x, 6.x, 7.0 | 4.4.x, 5.x, 6.x and 7.0.x | Used by Tyk Identity Broker |
| Redis | 6.x - 7.0 | 6.x - 7.0 | Used by Tyk Identity Broker |
Deprecations
There are no deprecations in this release.Upgrade instructions
For users currently on v1.6.0, we strongly recommend promptly upgrading to the latest release. If you are working with an older version (lower major), it is advisable to bypass version 1.6.0 and proceed directly to this latest patch release.Go to the Upgrading Tyk section for detailed upgrade Instructions.
Downloads
- Docker image to pull
- source code tarball for oss projects - TIB v1.6.1