...
- The option "Sign on SAML Response" was wrongly enabled by default for IIS applications, and caused some issuesthe issue "OWA Error - Invalid SAML Response: Signature wrapping attack, wrong URI...". It is now disabled by default (3823)
- The user agent filter in Logon policy doesn't work for WEB SSO (3789)
- SSO user interface customization did not work in some circumstances (3797)
- Creating authorization code in the admin console did not work (3805)
- in the SendOTP API, password is transmitted in clear text
- Deleted tokens were still listed in the service console (3827)
- After a user was access denied, switching to a different user was still access denied (3843)
- In the safe mode, all access control policies were still effective (3852)
...