TungWU

Separate CORS origins config

5

Currently we need to configure the following redirect uris when using capacitor app, or there will be CORS error: - https://localhost - capacitor://localhost We should consider always allow these origins...

[Force Change Password] Support marking password as expired using admin api

1

- [ ] Create a mutation to set `expire_after` of a password authenticator

[Force Change Password] Support marking password as expired on import

1

- [ ] Add migration to add a column `expire_after: timestamp without time zone nullable` to authenticator - [ ] Support one more field `expire_after` in import user api under...

SAML: Add idp signing configs

1

requires https://github.com/authgear/authgear-server/pull/4565 ref DEV-1719

Specify SAML

9

ref DEV-1682

Implement search with postgresql

1

ref #3395 I will open another pr to create a script to reindex user in a given app id

[App2App] Scopes should be validated according to client type

1

Assume AppA is authenticated, and AppB is not authenticated. Currently, when appB tries to authenticated with app2app by AppA, the scopes of AppA's session will be inherited to appB's session....

Remove usage of 100vh

2

Discovered in https://github.com/authgear/authgear-server/issues/3445 Currently, when opening auth ui in ios, there are multiple vertical scrolling elements, therefore fixed / sticky doesn't work as expected. Check how to reduce scrolling element...

ref: https://oursky.slack.com/archives/C05H3RD7VST/p1695106092811849?thread_ts=1695045686.002119&cid=C05H3RD7VST

The "Send Via Phone" button in forgot password page does not propagate ui_locales query

1

Therefore the locale will change when you press "Send Via Phone".