Orchestrator Release Notes
2022.10.6
Release date: 10 August 2023
-
Important: The fix only applies to this version. For previous versions, you need to add the following section to the web.config file:
We have fixed an issue that prevented Swagger authentication if Orchestrator and Identity Server were deployed as Azure app services with different URLs.
<rewrite> <outboundRules> <rule name="CSP"> <match serverVariable="RESPONSE_Content-Security-Policy" pattern=".*" /> <action type="Rewrite" value="default-src 'self' https://<YOURIDENTITYURL>;connect-src 'self' https://<YOURIDENTITYURL>;script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline';img-src 'self' data:;font-src 'self'" /> </rule> </outboundRules> </rewrite>
<rewrite> <outboundRules> <rule name="CSP"> <match serverVariable="RESPONSE_Content-Security-Policy" pattern=".*" /> <action type="Rewrite" value="default-src 'self' https://<YOURIDENTITYURL>;connect-src 'self' https://<YOURIDENTITYURL>;script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline';img-src 'self' data:;font-src 'self'" /> </rule> </outboundRules> </rewrite>
-
When you deleted a user from the host tenant, then created another user with the same username and e-mail address as the one that you had deleted, you could no longer log in to the any non-host tenant. This occurred due to a missing rule around provisioning a new user once another user with the same information was deleted. This issue is now fixed.
-
When you tried to filter by host identity on the Logs page, the names in the list kept repeating once you scrolled past the 10th item. Filtering now works as expected.
-
This release brings security updates and patches to address Common Vulnerabilities and Exposures (CVEs).
We recommend that you regularly check the deprecation timeline for any updates regarding features that will be deprecated and removed.
You can download the latest product version from the Customer Portal.