This release introduces expanded scope and certificate management capabilities, and enhanced audit and history comparison views. It also delivers improvements to search flexibility, responsive filter layouts, and form validation, alongside fixes addressing wizard flow accuracy, permission consistency, UI rendering, and data integrity across listings and configuration workflows.
A new audit history view for Applications allows users to compare changes between selected versions. When comparing non-sequential versions, an alert informs users that intermediate changes may not be reflected in the diff. Tabs for upcoming features such as certificates, flags, and roles are visible but marked as coming soon with informational tooltips.
A new 'Show active servers only' toggle is available on the authorisation servers list page, consistent with the equivalent filter on the applications page. Users can quickly focus on active servers without manually scanning inactive entries.
The audit interface now includes a primary switcher that allows users to navigate between resources and their associated audit items. This makes it easier to move between related audit records without leaving the current view.
This release introduces new server role management, improved onboarding validation flows, and expanded audit access capabilities. It also delivers a range of usability and interface improvements including responsive search, scroll-to-error behaviour, and updated design components, alongside fixes addressing search feedback, metadata schema handling, and permission consistency.
The current directory version is now displayed in the UI via the profile menu. Clicking "Versions" opens a modal showing the active release version, with direct links to the Release Notes and API Documentation for quick reference.
Authorisation Servers now include a dedicated Roles tab, mirroring the existing Application Roles experience. The tab displays relevant information about associated domains, roles, and authorities, and allows administrators to add and manage server roles directly from the server detail view.
The onboarding verification flow has been updated to separate email and phone OTP validation into distinct steps and screens. Email is now validated first, followed by phone where applicable. If phone OTP is not configured in the environment, it is no longer required during registration and is not shown in the UI. Validation messaging dynamically reflects which channels were used.
A new `directory:software:audit` scope has been introduced to support automated retrieval of audit logs via client credentials, without relying on a human user account. Organisation Administrators can now use an Application with a role containing this scope to query the `GET /audit` endpoint and access audit log data from other participants in the ecosystem.
This release introduces improvements to application management, federation visibility, API family configuration, and mobile usability. It also includes multiple fixes addressing validation issues, endpoint generation behaviour, and user interface consistency across the Directory.
The Application Details page has been redesigned to present information in a clearer and more structured layout. Key information such as flags and core application details is now displayed prominently at the top of the page, while detailed sections are collapsed by default to improve readability and navigation.
A new guided wizard simplifies the process of creating Identity Providers. The wizard provides clearer visual feedback during configuration and consolidates the creation of an IDP and its version into a single flow, making the setup process more intuitive.
Applications that participate in a federation now display clear visual indicators within the UI. A Federated tag is shown on the application page, and a collapsible section provides visibility into the federation hierarchy, including the current entity, parent entity, and trust anchor.
Additional helpers and contextual guidance have been introduced when configuring API Families, helping users better understand certification types and configuration requirements during creation.
The sidebar behaviour on mobile devices has been redesigned to better match expected interaction patterns. The sidebar now opens as a partial overlay instead of a full-screen panel, allowing users to maintain context with the underlying page while navigating.
Certain configuration forms now support prepopulated values, reducing manual input and improving consistency when creating new resources.
Endpoint generation logic has been improved when creating API resources through the wizard. The system now correctly generates endpoint patterns based on the actual API version and properly handles version numbers and dot notation within endpoint paths.
This release introduces new ecosystem configuration capabilities, clearer metadata visibility, and usability improvements across the Directory UI, alongside multiple fixes improving stability, validation, and administration workflows.
API Families can now be configured through Reference Data to control which API families are available in the ecosystem. This allows ecosystem operators to centrally manage supported API families and provides participants with a clear, authoritative view of available APIs.
Certificates now support a Description field to help identify their purpose. The Description can be provided during certificate creation and updated later, improving clarity for participants managing certificates across multiple environments.
A redesigned Authorisation Server details page introduces a clearer, more structured layout. Key information such as flags and core server details is easier to identify, with sections grouped and collapsed by default to improve readability.
Federation details now display all relevant federation endpoints instead of only the Fetch endpoint. This improves transparency when configuring, validating, and troubleshooting Federation integrations.
Authorities now clearly indicate which Organisation they belong to when viewed under Reference Data. When applicable, an Organisation tag links directly to the associated Organisation. Legacy Authorities include an explanation clarifying that they were created under the previous model and are retained for reference and migration purposes.
The UI now clearly explains the difference between Federation roles and Directory roles, including how metadata behaves differently between them. This reduces confusion when role metadata does not propagate for Federation roles.
Several Directory pages now use a unified layout with improved spacing, pagination, and visual consistency, including Organisations, Authorisation Mapping, Domain Users, Terms & Conditions, and Audit History. Navigation clarity and overall readability have been improved across these areas.
The legacy "New Organisation" button has been removed, and the guided Organisation creation wizard is now the standard way to create Organisations.
Action labels across the Directory have been standardised to Enable / Disable to improve clarity and consistency when managing resources.
Data Administrator users can now manage the "Participant Terms & Conditions Signing required?" setting when editing Organisations. See Terms & Conditions for more details.
Logo uploads now display an image preview before saving. Drag-and-drop uploads are consistently supported across Organisations, Servers, and Applications.