TideCloak 0.11.2 / 0.11.7
The primary focus of this release is to streamline the Developer Experience, while applying fixes and performance enhancements and introducing a few features.
Highlights:
- Streamline DX
- Auto-create NextJS template
- Fabric network resilience upgrade
TideCloak 0.11.7 changes
Downloadable client adapter for non-IGA realms
With the introduction of Keycloak-IGA (TideCloak without connectivity to Tide Cybersecurity Fabric), IGA and Tide-IdP can now be combined in several ways: Tide-IdP/IGA, Tide-IdP only, IGA only (and, of course, Keycloak native with no Tide-IdP and no IGA). The client adapter was therefore enhanced to support those different permutations while keeping the Developer Experience (DX) as seamless as possible. The downloadable client adapter in this release includes Tide's JWK (Tide's Vendor Verifiable Key in the standard JWK format) only if all of the following conditions are met: IGA is enabled, Tide-IdP is enabled, and Tide-IdP is licensed (active). The inclusion of the Tide JWK instructs the SDK to force validation of all authorizations with Tide's Ineffable key. Where these conditions aren't met, Tide's JWK won't be included, so the SDK will fall back to using local keys set up on that TideCloak realm.
Tide-specific roles naming enhancement
Tide's JIT Ineffable actions, such as encryption, decryption and model signing (by the web user), require well-known roles set in the Doken (Tide Delegated Token). Until this release, the role names were hardcoded. This release introduces regex-based naming that gives the Vendor operating TideCloak broader flexibility. Tide roles are now defined as _tide_[name].<role> where _tide_ is a static prefix, [name] can be any combination of letters, hyphens and underscores (or nothing) and .<role> denotes the specific Ineffable action. Example: _tide_user-files.selfEncrypt will allow users to encrypt information pertaining to themselves.
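The naming rule above, written as an anchored pattern with a role check on top of it. This is an added example, not TideCloak's or the SDK's own code: the function names are hypothetical, the sample roles are constructed, and it assumes <role> is a run of ASCII letters, since the page only shows selfEncrypt.

```javascript
// Added example: parse role names of the form _tide_[name].<role>.
// Assumption: <role> consists of ASCII letters only (the page shows "selfEncrypt").
// ^ and $ anchor the match so a role that merely contains "_tide_" is rejected.
const TIDE_ROLE = /^_tide_([A-Za-z_-]*)\.([A-Za-z]+)$/;

// Returns { name, action } for a well-formed Tide role, or null otherwise.
function parseTideRole(role) {
  if (typeof role !== "string") return null;
  const m = TIDE_ROLE.exec(role);
  return m ? { name: m[1], action: m[2] } : null;
}

// True if any role in the list grants `action`; if `name` is given,
// the role's [name] part must match it exactly as well.
function grantsAction(roles, action, name) {
  return roles.some((r) => {
    const p = parseTideRole(r);
    if (p === null || p.action !== action) return false;
    return name === undefined || p.name === name;
  });
}

// Constructed sample role list (not taken from a real token).
const sampleRoles = [
  "_tide_user-files.selfEncrypt",  // well-formed, name "user-files"
  "_tide_.selfDecrypt",            // empty [name] is allowed; action name is hypothetical
  "x_tide_admin.selfEncrypt",      // rejected: prefix is not at the start
  "_tide_files2.selfEncrypt",      // rejected: digit in [name]
  "_tide_files.selfEncrypt.extra", // rejected: trailing segment after <role>
  "offline_access",                // ordinary non-Tide role, ignored
];

for (const r of sampleRoles) {
  console.log(r, "->", JSON.stringify(parseTideRole(r)));
}
```

Matching on the parsed parts rather than with a substring or prefix test keeps look-alike role names from being treated as Tide roles.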
SDK 0.11.2 changes
This release includes a variety of enhancements across all of TideCloak's Node SDK libraries:
Generic Javascript SDK (@tidecloak/js)
- IAMService.init also accepts redirectUri in the config file in addition to the default option of a JSON object. This is a less-secure option (subject to the compromise of the URI destination) that's easier for testing and Codespaces/DevContainer environments.
- Now exports RequestEnclave and ApprovalEnclave.
- Added support for encrypting and decrypting byte arrays on tidecloak-js (previously only supported serialized strings).
ReactJS SDK (@tidecloak/react)
- Accepts redirectUri in the config file when using <TideCloakContextProvider>. A less-secure option for testing and dynamic environments.
- Now exports RequestEnclave and ApprovalEnclave.
- README.md file optimized for consumption by AI tools.
Next.JS SDK (@tidecloak/nextjs)
- Accepts redirectUri in the config file when using <TideCloakProvider>. A less-secure option for testing and dynamic environments.
- Now exports RequestEnclave and ApprovalEnclave.
NextJS auto-creation (@tidecloak/create-nextjs)
This package implements a NextJS template that is integrated with Tide and includes TideCloak initialization. The following command creates a NextJS base app from the template and automatically initializes TideCloak to support it:
npm init @tidecloak/nextjs@latest my-app
More details here: https://www.npmjs.com/package/@tidecloak/create-nextjs
Cybersecurity Fabric 0.11.2 changes
Fabric infinite scalability support
Changes in the network database now remove the limit on the number of ORK nodes and potentially allow the Tide Fabric to expand to an infinite number of nodes.
Fabric shared ledger fix
The third-party module underlying the Fabric's decentralized database service, Dotmim.Sync, was upgraded from version 1.2.0 to 1.3.0, which includes some bug fixes and performance enhancements. In addition, the decentralized-synced database now includes more robust concurrency support features.
Browser's extreme privacy-settings support
Some web browsers, such as Brave and Firefox, have privacy settings set to the maximum, preventing access to 3rd party cookies, etc. For a seamless user experience, Tide's Secure Web Enclave relies on 3rd party cookie support to provide advanced capabilities, such as end-to-end encryption on the user device. When those settings apply, the Tide user experience falls back to asking the user to sign in again to perform the requested action (e.g. encryption).
Tide SDK
The Tide SDK (codename "Heimdall"), previously introduced in version 0.10.2, is now available as an NPM package. More info here: https://www.npmjs.com/package/heimdall-tide