> ## Documentation Index
> Fetch the complete documentation index at: https://docs.strata.io/llms.txt
> Use this file to discover all available pages before exploring further.

# 2025

<Update label="December 19 2025" description="Organizations UI Polish">
  * Simplified Members list combining pending user invites and active members into one list
  * Fixed an issue where proxy outbound TLS CA file path was not being properly saved or deployed
</Update>

<Update label="December 16 2025" description="MCP Bridge Tool Namespacing">
  * When hosting multiple MCP Bridge apps in an AI Identity Gateway deployment, you can now assign unique namespaces to each app's tools
  * This prevents tool name conflicts across multiple MCP servers
</Update>

<Update label="December 8 2025" description="Per-Host TLS with SNI">
  * Introducing Server Name Indication (SNI) TLS configuration
  * Configure TLS settings for individual host domains in addition to the global TLS settings
</Update>

<Update label="December 2 2025" description="Token Lifecycle Control">
  * Enhanced Token Lifecycle Control for AI Agent Operations
  * Fine-grained control over token issuance and lifecycle for AI agent operations including:
    * Delegation
    * Refresh token lifetime
    * Access token lifetime
</Update>

<Update label="November 25 2025" description="MCP Bridge Enhancements">
  * Enhancements to Rego and OpenAPI spec views and drag-n-drop
  * MCP Bridge Provider now supports environment variables in URLs
  * Bug fixes for SAML and OIDC authentication policies
</Update>

<Update label="November 24 2025" description="MCP Bridge Drag N Drop">
  * Drag N Drop OpenAPI specs and Rego policy definitions when defining a MCP Bridge app
  * SAML Apps unauthorized page field no longer requires a full URL
</Update>

<Update label="November 20 2025" description="MCP Bridge OpenAPI Editing">
  * When defining the tools you want to expose in your MCP, you can now directly edit OpenAPI Spec as YAML or JSON format
  * Note: supports v3.0 (v3.1 or higher not supported)
</Update>

<Update label="November 17 2025" description="AI Identity Gateway: MCP Bridge">
  * The AI Identity Gateway: MCP Bridge is now available
  * Enables teams to let AI agents interact with internal or external APIs safely, with identity, authorization, and policy enforcement
</Update>

<Update label="November 12 2025" description="LDAP Provider Fix">
  * Resolved an issue where the disable hashing option was not propagated in a deployment
</Update>

<Update label="November 7 2025" description="Shared Redis Cache">
  * You can now disable the feature-specific prefix typically prepended to cache keys, enabling shared Redis cache for external data integration
  * Requires Orchestrator v2025.11.1 or higher
</Update>

<Update label="October 15 2025" description="LDAP Provider GA">
  * The LDAP provider and related LDAP service extensions are now generally available in the UI
  * You no longer need to contact support to enable it
</Update>

<Update label="October 10 2025" description="Invitation Fix">
  * Resolved an issue that prevented users from being able to accept account invitations
</Update>

<Update label="October 8 2025" description="Sign Up Fix">
  * Resolved an issue that prevented new users from being able to sign up
</Update>

<Update label="October 3 2025" description="Continuity Strategy Fix">
  * Fixed config generation when multiple Continuity Strategies in a single deployment
</Update>

<Update label="October 3 2025" description="TLS Configuration Flexibility">
  * Improved how TLS certificates and TLS policies (e.g., min TLS version, enabled ciphers) are configured
  * More flexibility and better security controls
</Update>

<Update label="October 2 2025" description="Dashboard Search">
  * You can sort and name search for applications, identity fabric, and user flows from the dashboard
  * Resolved issues in Identity Service Health Monitoring not generating correct config
</Update>

<Update label="September 22 2025" description="Proxy User Flow Editor">
  * The proxy user flow editor now lets you attach a user flow to a deployment
  * New list of deployments view
</Update>

<Update label="September 18 2025" description="Proxy User Flow Fix">
  * Resolved an issue where proxy user flows failed with service extensions with null metadata
</Update>

<Update label="September 17 2025" description="Proxy App User Flow Editor">
  * New UI for the proxy application user flow editor with show view and edit slide out window
</Update>

<Update label="September 3 2025" description="Applications List">
  * Adopted new list experience for applications including:
    * Search by name
    * Create new
    * View the associated user flow
</Update>

<Update label="August 21 2025" description="PKCE Toggle Fix">
  * Fixed PKCE toggle in OIDC Identity Fabric
  * When creating an OIDC based identity fabric, PKCE is enabled by default and the toggle now correctly shows enabled state
</Update>

<Update label="August 21 2025" description="SE Delete Warning">
  * Improved warning experience when trying to delete a service extension that is in use
</Update>

<Update label="August 20 2025" description="OIDC CORS">
  * Added CORS configuration to OIDC applications
</Update>

<Update label="August 20 2025" description="Multiple Redirect URLs">
  * You can now enter multiple login and logout redirect URLs for Microsoft Entra ID OIDC and other OIDC identity fabric services
  * Updated look and feel of the Identity Fabric page
</Update>

<Update label="August 13 2025" description="Azure Gov Cloud Storage">
  * Deployments now support Azure Government Cloud blob storage
  * Requires Orchestrator version v2025.08.2 or higher
</Update>

<Update label="August 7 2025" description="LDAP Custom Login Flows">
  * In the LDAP authentication fabric settings you can now customize login flows by uploading custom HTML pages and localizations
</Update>

<Update label="July 25 2025" description="Identity Fabric Search">
  * You can now perform a name search from the Identity Fabric list and on creation
</Update>

<Update label="July 15 2025" description="Orchestrator Host TLS">
  * From the Deployment Manager you can now configure TLS settings for inbound connections on the orchestrator host
  * Requires manual orchestrator restart
</Update>

<Update label="July 9 2025" description="Metadata Deploy Fix">
  * Resolved an issue where metadata value edits were not deploying
</Update>

<Update label="July 3 2025" description="Log Filtering">
  * You can now add filters to suppress log messages from Observability Settings
  * Each filter defines a function that tests potential log output
</Update>

<Update label="June 26 2025" description="OIDC Redirect Fallback">
  * In an OIDC app type definition you can now define a redirect URL fallback when an app's authorization request does not include a redirect\_uri parameter
  * Improved user flow list view with search and filtering
</Update>

<Update label="June 23 2025" description="SAML Key File Paths">
  * You can now set a file path on host to the SAML Private Key and SAML Public Key (Certificate)
  * Requires Orchestrator version 2025.06.4 or higher
</Update>

<Update label="June 18 2025" description="Account Switching Fix">
  * Resolved an issue preventing users from switching accounts
</Update>

<Update label="June 16 2025" description="Orchestrator Telemetry Update">
  * Updated the system to use the latest Orchestrator Telemetry configuration
</Update>

<Update label="June 12 2025" description="Deployments GA">
  * The new Deployments capability is now available in all accounts
  * Includes:
    * Deployments Workflow
    * Deployment Manager
    * Configuration Preview
</Update>

<Update label="June 6 2025" description="Application Dependencies">
  * Attribute Provider definition in a user flow has been expanded and renamed to Dependencies
  * You can now attach identity providers, service extensions, and attribute providers to a user flow
</Update>

<Update label="June 4 2025" description="SAML Multiple Entity IDs">
  * You can now define multiple Entity IDs when defining a SAML application
</Update>

<Update label="June 2 2025" description="OIDC Public Clients">
  * In an OIDC app you can now mark an app as a public client
  * Public clients, such as SPAs, do not require a client secret
  * Requires Orchestrator release v2025.05.2 or higher
</Update>

<Update label="May 28 2025" description="Deployment Manager">
  * View the latest Orchestrator Release Version number, date, and go directly to the release notes
  * Orchestrator Version Inspection to check compatibility
</Update>

<Update label="May 23 2025" description="SE Metadata Workflows">
  * Added support for editing metadata values for service extension points in Proxy User Flows
</Update>

<Update label="May 16 2025" description="SAML Unauthorized URL">
  * You can now define an app specific unauthorized (403) URL for SAML apps
  * Requires Orchestrator Release v0.113.0
</Update>

<Update label="May 13 2025" description="Deployments Preview">
  * Publish Preview actions are now on each app in SAML and OIDC user flows
  * SAML apps can define default and multiple Assertion Consumer Service (ACS) URLs
</Update>

<Update label="May 7 2025" description="OIDC Allowed Audiences">
  * OIDC Apps now support allowedAudiences
  * Bug fixes for user flow metadata and SE function names
</Update>

<Update label="May 2 2025" description="Maverics Platform Release">
  * New Deployments Workflow, Deployment Manager, Configuration Preview, and Enhanced SAML App Configuration
  * Gradually rolling out to existing accounts
</Update>

<Update label="April 30 2025" description="Improved Deployments UI">
  * Improved text formatting and layout of the deployment manager
  * Resolved issues where a user could not accept an invitation to another account
</Update>

<Update label="January 31 2025" description="DPoP and App Migrations">
  * When defining an OIDC app you can now require demonstrating proof of possession (DPoP)
  * App Centric Migrations to prepare for future UI updates
</Update>

<Update label="January 15 2025" description="Passwordless Improvements">
  * New users can sign in with a passkey as an alternative to the HYPR app
</Update>

<Update label="January 9 2025" description="Apps Restricted to One User Flow">
  * Each application is now restricted to one user flow to simplify application deployments
</Update>
