Changelog

The below table summarizes changes in this release of the OIDC Provider since its predecessor release(s):

Note that the URL for the authorize endpoint has changed since the predecessor release. Merchants must use the new URL for this endpoint for the improved cookie handling (issue no 2 below) to have effect. See also the section on BaseURLs for the recommended practise on how to determine the correct baseurl for the endpoints of the REST API

No	Changes in 2018-05-16 Moscow (OIDC) since 2018-04-13 Monaco (OIDC)
1	Fraud Data Service has been added as a new Value Added Service. The Fraud Data service is currently available in preview status and is restricted to support for the netcentric BankID Identity Provider.
2	Improved cookie handling in situations where cookies cannot be set as normal. This improvement fixes a specific problem with Safari in iframe mode and concerns both the OIDC platform as such and the xID Identity Provider in particular. Affected users will now see a cookie activation dialogue.
3	Improved response time for the xID Identity Provider by not loading all front-end components in situations where no xID dialogue is required.
4	New version of the JS Connector including two changes: (i) removed experimental support for `token_endpoint` and `userinfo_endpoint` and (ii) made the `oauth_url` parameter optional`.`
5	The former claim `preferred_username` has been removed from the ID Token. A new claim `tid` (transaction ID) has been added to the ID Token.
6	Several minor bug fixes for the BankID Identity Provider, the xID Identity Provider and the T INFO Service