Webiny Docs home page
For the full list of changes, check out the Webiny 5.41.4external link release on GitHub.

Security
anchor

Cognito Federation: Fixed Handling of Identity's Groups and Teams Properties (#4418external link)
anchor

When using Cognito Federationexternal link, via the getIdentity callback, developers have the ability to customize the identity object.

This is useful when you need to add additional properties to the identity object, such as groups or teams, which can then be used for authorization purposes.

But, there was an issue with how the identity’s groups and teams-related properties were handled. Previously, only the group property was handled. Now, all of the following properties are handled:

  • group
  • groups
  • team
  • teams

This change ensures that the identity object is correctly processed, and that the groups and teams properties are correctly loaded and used for authorization purposes.

Fixed Loading of Teams When Using 3rd Party IdPs (#4419external link)(#4420external link)
anchor

When using 3rd party IdPs, such as Okta or Cognito Federationexternal link, and using the getIdentity callback to customize the identity object, assigning teams to the identity object was not working correctly.

More specifically, resolving security roles from teams that were created via the Admin app was not working as expected. On the other hand, teams that were define programmatically were working as expected.

This issue has been fixed, and now, when using the getIdentity callback, teams are correctly loaded and assigned to the identity object.