Known issues
The following important issues remained open at the time of the latest release for each version.
Releases are cumulative, so if an issue in a previous version isn’t listed as fixed, it remains open in the latest version.
AM 8.1.x
AM 8.1.0
AME-33815 |
Persistent Cookie tree generates a new cookie with different setup on success |
AME-31157 |
OAuth 2.0 |
OPENAM-23778 |
AM issues unindexed search when |
OPENAM-23703 |
Custom and native claims in a refreshed, stateless access token don’t match the parent modified stateless access token |
OPENAM-23680 |
Server default settings may not be correctly updated on upgrade |
OPENAM-23607 |
Composite advice |
OPENAM-21682 |
OAuth 2.0: AM doesn’t redirect back to the client if consent is denied and no |
OPENAM-18544 |
AM access audit logging incorrectly reports a failure for responses that return an HTTP 302 redirect |
AM 8.0.x
AM 8.0.2
OPENAM-25535 |
FBC to FBC upgrade requires manual copy of |
OPENAM-25326 |
Successful login with unknown user causes error when account lockout enabled |
OPENAM-24327 |
Server name not set as cookie domain when cookie domain global setting is empty |
OPENAM-23940 |
Safari displays Server Error page using authentication tree with SAML2 Authentication node |
OPENAM-23680 |
Upgrades may overwrite changes to server default properties |
OPENAM-23573 |
Amster exports only specific UMA server settings, not the server defaults |
OPENAM-23565 |
Global services requests fail after Amster import |
OPENAM-21100 |
SAML 2.0 IDP SLO using HTTP redirect not working as expected on AM cluster |
OPENAM-20226 |
The Agent Admin privilege doesn’t allow creating/updating/reading of Agent profiles |
AM 8.0.0
AME-31109 |
Amster 8.0 import fails with |
OPENAM-25462 |
In Node Designer, the |
OPENAM-23960 |
Unable to build AM 8.0 or 8.0.1 due to |
OPENAM-23851 |
The + NOTE: This issue only affects self-managed Docker environments where you’re attempting to build your own AM image. |
OPENAM-23770 |
WebAuthn node flow causes exception instead of |
OPENAM-23763 |
Next button not enabled on Configuration Data Store Settings page of install wizard |
OPENAM-23717 |
Access token requests fail when default tree uses Set Persistent Cookie node |
OPENAM-23595 |
A |
OPENAM-23582 |
WebAuthn’s |
OPENAM-23322 |
Formatting errors in SAML metadata certificate export |
OPENAM-23155 |
Agent group inheritance settings are lost during Amster export/import |
OPENAM-17819 |
AM admin UI doesn’t show leading |
OPENAM-17818 |
Domain cookie with leading |
AM 7.5.x
AM 7.5.2
OPENAM-23998 |
RhinoJS Date() doesn’t calculate DaylightSavingTime correctly in a next-generation script |
OPENAM-23481 |
Token is allowed in raw JSON in introspect request |
OPENAM-23227 |
OIDC ID Token Validator node doesn’t work with proxy settings |
OPENAM-23035 |
AM should preserve |
OPENAM-22967 |
Config upgrader uses OS file encoding causing issues with special characters |
OPENAM-22952 |
SMSEntry class should throw exception to avoid NullPointerException |
OPENAM-22812 |
Create Object node logs failure at debug level instead of error/warning |
OPENAM-22777 |
Deploying AM 7.5.0 on Wildfly 26.x with JDK 17 fails |
OPENAM-22770 |
Configuring AES Key Wrap encryption for Tomcat doesn’t work |
OPENAM-22700 |
OAuth 2.0 introspect: Multi-audience token only checks against first value |
OPENAM-22670 |
DJLDAPv3Repo |
OPENAM-22663 |
WS-Federation SLO calls cleanup directive if issued |
OPENAM-22530 |
OAUTH_REQUEST_ATTRIBUTES cookie is set for HTTP GET |
OPENAM-22505 |
Scripted policy condition fails with "Exception from invocation expected to be handled by promise" |
OPENAM-22386 |
Next-generation |
OPENAM-22031 |
LDAP Decision node no longer displays locked account message but redirects to failed login |
OPENAM-19968 |
IdP-initiated SAML SLO doesn’t invalidate SP-side session using integrated mode |
AM 7.5.1
OPENAM-23045 |
Performance degradation and WS-Federation issues with Java 17 |
OPENAM-23022 |
Transaction condition for policy evaluation fails with JWT subject |
OPENAM-22927 |
WebAuthn Registration node should be able to use |
OPENAM-22616 |
Upgrade from AM 6.5.5 to 7.5 using external CTS fails with error "Message:Service does not exist: GoogleSecretManagerSecretStoreProvider" |
OPENAM-22457 |
Amster doesn’t delete all default scripts when using |
OPENAM-22406 |
Product ZIP file contains files prefixed with |
OPENAM-19453 |
CTS authentication sessions may cause tree to fail if AM server is not configured for sticky load balancing |
OPENAM-14790 |
OAuth 2.0 scope policy set fails with LDAP filter environment condition |
AM 7.5.0
OPENAM-22151 |
Expiration of cache held in StatelessJWTCache could cause Internal Server Error |
OPENAM-22067 |
Stateless Session denylist caching and bloomfilter layers removed on config change |
OPENAM-22031 |
LDAP Decision node change of behavior when user is locked from password change screen |
OPENAM-21820 |
Set policy result TTL to |
OPENAM-21819 |
Default value for LinkedIn configuration uses out of data scopes |
OPENAM-21683 |
AM lets you create anonymous user when it already exists |
OPENAM-15948 |
Update DS profiles to add VLV indexes for CTS use |