Version 1.55.0 Release Blog Post (#3430)

* Version 1.55.0 Release Blog Post * Shrink images * FusionAuth version 1.55.0 blog post (date change) * FusionAuth version 1.55.0 blog post (file name update) * Update astro/src/content/blog/announcing-fusionauth-1-55.mdx Co-authored-by: Dan Moore <[email protected]> * Update astro/src/content/blog/announcing-fusionauth-1-55.mdx Co-authored-by: Dan Moore <[email protected]> * Update astro/src/content/blog/announcing-fusionauth-1-55.mdx Co-authored-by: Dan Moore <[email protected]> * Update astro/src/content/blog/announcing-fusionauth-1-55.mdx Co-authored-by: Dan Moore <[email protected]> * 1.55 release blog post - removed API key hashing and updated date. * Update announcing-fusionauth-1-55.mdx --------- Co-authored-by: bradmccarty <[email protected]> Co-authored-by: Dan Moore <[email protected]>
FusionAuth · Dec 23, 2024 · a227e04 · a227e04
1 parent 60f7673
commit a227e04
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 0 deletions.
diff --git a/astro/public/img/blogs/release-1-55/fusionauth-1-55.png b/astro/public/img/blogs/release-1-55/fusionauth-1-55.png
diff --git a/astro/public/img/blogs/release-1-55/holiday-hippo.png b/astro/public/img/blogs/release-1-55/holiday-hippo.png
diff --git a/astro/src/content/blog/announcing-fusionauth-1-55.mdx b/astro/src/content/blog/announcing-fusionauth-1-55.mdx
@@ -0,0 +1,46 @@
+---
+publish_date: 2024-12-23
+title: Announcing FusionAuth Version 1.55.0 - The Holiday Hippo
+description: FusionAuth v1.55.0 "The Holiday Hippo" brings major updates including SAML encryption support, enhanced API key security with hashing and expiration, configurable lambda timeouts, and more. 
+authors: Brad McCarty
+image: /img/blogs/release-1-55/fusionauth-1-55.png
+categories: Product
+tags: SAML, API Security, Lambdas, Usage Stats
+excerpt_separator: "{/* more */}"
+---
+
+We recently released FusionAuth version 1.55.0. You'll probably remember that [1.54.0](/blog/announcing-fusionauth-1-54) came out only a few short weeks ago. At the time, we promised that we had a bigger release coming soon. Well, soon is now, so let's get into the details. 
+
+{/* more */}
+
+First thing's first, 1.55.0 is a pretty big release. It seemed only fitting to put it into your hands for the holidays. So we have dubbed this "The Holiday Hippo." Our hope is that, like Moo Deng, version 1.55.0 brings some unexpected joy to your life.
+
+![The Holiday Hippo](/img/blogs/release-1-55/holiday-hippo.png)
+
+## SAML Encryption
+
+Good news for you SAML enthusiasts. Version 1.55.0 supports decryption of SAML assertions when FusionAuth is the Service Provider (SP). This means FusionAuth can now handle encrypted messages from external IdPs, giving your users’ PII an extra layer of security. 
+
+This also means that FusionAuth plays nicely with a wider range of systems that insist on or prefer encrypted SAML assertions. Additional integration flexibility is always a good thing. 
+
+## API Security
+
+We've also taken the opportunity to beef up API key security with this release. As a reminder, API keys allow you to control FusionAuth via our APIs and SDKs, without using our admin UI. They already can be locked to a tenant or tightly scoped to a specific endpoint and HTTP method.
+
+In this release, we have an additional security improvement: 
+
+FusionAuth API keys can now have an expiration time. In the past, these keys were good forever. As of this release, you can set an API key to expire at any date or time in the future, on a per-API key basis. 
+
+In adding the expiration option, we had a decision to make about the default state. In order to make sure that it was compatible with existing automation (and frankly because we couldn't decide on a good alternative), the default behavior of API keys will still be to never expire. But now you have options!
+
+## Lambda Connect and Read Timeouts
+
+Lambdas in FusionAuth are JavaScript functions that you can use to augment or modify the behavior at runtime. This typically happens during a login flow. In fact, you might remember that we added lambda-based login control back in [version 1.53.0](/blog/announcing-fusionauth-1-53) to allow you to stop a login based on business logic. 
+
+Because lambda functions execute during the time-sensitive login process, we recommend that any HTTP requests you make return quickly. Because of this, it's valuable to be able to configure the connect and read timeouts in all lambda functions. This release adds that capability. Before both timeouts were hardcoded to 2 seconds, but now you control the timeout. Use this power wisely.
+
+## All the Rest
+
+We've also added support for passing parameters to a hosted back end page, a refresh token grace period, squashed a few annoying bugs, improved overall performance, and added the ability to send (or not) usage stats back to us. You can read the details, as always, in the [release notes](/docs/release-notes/#version-1-55-0).
+
+Thanks again for trusting FusionAuth. We look forward to bringing you even more auth in 2025.