> ## Documentation Index > Fetch the complete documentation index at: https://tyk.io/docs/llms.txt > Use this file to discover all available pages before exploring further. # Tyk Identity Broker Release Notes > Release notes documenting updates, enhancements, and changes for Tyk Identity Broker. ****Open Source** ([Mozilla Public License](https://github.com/TykTechnologies/tyk/blob/master/LICENSE.md))** **This page contains all release notes for Tyk Identity Broker displayed in reverse chronological order** ## Support Lifetime Only the most recent Tyk Identity Broker release is supported. We recommend staying current to minimise exposure to security vulnerabilities from third party dependencies. *** ## 1.7 Release Notes ### 1.7.3 Release Notes #### Release Date 23 June 2026 #### Release Highlights In this patch, we have fixed an issue where Tyk Identity Broker (TIB) did not honor the host application's configured log verbosity when embedded in Tyk Dashboard or Tyk Developer Portal. We have also resolved several CVEs to strengthen security. For a comprehensive list of changes, please refer to the detailed [changelog](/nightly/#Changelog-v1.7.3) below. #### Breaking Changes This release has no breaking changes. #### Dependencies ##### 3rd Party Dependencies & Tools | Third Party Dependency | Tested Versions | Compatible Versions | | :-------------------------------------------------------- | :-------------- | :------------------------ | | [GoLang](https://go.dev/dl/) | 1.25 | 1.25 | | [MongoDB](https://www.mongodb.com/try/download/community) | 5.x, 6.x, 7.0 | 4.4.x, 5.x, 6.x and 7.0.x | | [Redis](https://redis.io/download/) | 6.x - 7.0 | 6.x - 7.0 | Given the time difference between your upgrade and the release of this version, we recommend customers verify the ongoing support of third-party dependencies they install, as their status may have changed since the release. #### Deprecations There are no deprecations in this release. #### Upgrade instructions For users currently on v1.7.2, we strongly recommend promptly upgrading to the latest release. If you are working with an older version (lower major), it is advisable to bypass version 1.7.2 and proceed directly to this latest patch release.
Go to the [Upgrading Tyk](/nightly/#upgrading-tyk) section for detailed upgrade Instructions. #### Downloads * [Docker image to pull](https://hub.docker.com/r/tykio/tyk-identity-broker/tags?name=1.7.3) ``` docker pull tykio/tyk-identity-broker:v1.7.3 ``` * source code tarball for oss projects - [TIB v1.7.3](https://github.com/TykTechnologies/tyk-identity-broker/releases/tag/v1.7.3) #### Changelog ##### Fixed When Embedded in Tyk Dashboard or Tyk Developer Portal, TIB now inherits the host application's configured application log verbosity. Previously, TIB emitted its log output at a fixed verbosity regardless of the Dashboard or Portal setting, so TIB messages could appear even when the Dashboard was configured to a less verbose level. ##### Security Fixes Addressed the following CVEs, providing increased protection against security vulnerabilities, including, but not limited to: * CVE-2026-39830 * CVE-2026-39831 * CVE-2026-39833 * CVE-2026-42508 * CVE-2026-46595 * CVE-2026-39821 * CVE-2026-39829 * CVE-2026-42504 * CVE-2026-39832 * CVE-2026-39834 * CVE-2026-46597 * CVE-2026-25680 * CVE-2026-25681 * CVE-2026-27136 * CVE-2026-39827 * CVE-2026-39828 * CVE-2026-39835 * CVE-2026-42502 * CVE-2026-42506 * CVE-2026-46598 * CVE-2026-42507 * CVE-2026-27145 * CVE-2026-39824 ### 1.7.2 Release Notes #### Release Date 19 May 2026 #### Release Highlights In this release, we have addressed CVEs to strengthen security. For a comprehensive list of changes, please refer to the detailed [changelog](/nightly/#Changelog-v1.7.2) below. #### Breaking Changes This release has no breaking changes. #### Dependencies ##### 3rd Party Dependencies & Tools | Third Party Dependency | Tested Versions | Compatible Versions | | :-------------------------------------------------------- | :-------------- | :------------------------ | | [GoLang](https://go.dev/dl/) | 1.25 | 1.25 | | [MongoDB](https://www.mongodb.com/try/download/community) | 5.x, 6.x, 7.0 | 4.4.x, 5.x, 6.x and 7.0.x | | [Redis](https://redis.io/download/) | 6.x - 7.0 | 6.x - 7.0 | Given the time difference between your upgrade and the release of this version, we recommend customers verify the ongoing support of third-party dependencies they install, as their status may have changed since the release. #### Deprecations There are no deprecations in this release. #### Upgrade instructions For users currently on v1.7.1, we strongly recommend promptly upgrading to the latest release. If you are working with an older version (lower major), it is advisable to bypass version 1.7.1 and proceed directly to this latest patch release.
Go to the [Upgrading Tyk](/nightly/#upgrading-tyk) section for detailed upgrade Instructions. #### Downloads * [Docker image to pull](https://hub.docker.com/r/tykio/tyk-identity-broker/tags?name=1.7.2) ``` docker pull tykio/tyk-identity-broker:v1.7.2 ``` * source code tarball for oss projects - [TIB v1.7.2](https://github.com/TykTechnologies/tyk-identity-broker/releases/tag/v1.7.2) #### Changelog ##### Security Fixes Addressed the following CVEs, providing increased protection against security vulnerabilities, including, but not limited to: * CVE-2026-33811 * CVE-2026-33814 * CVE-2026-39820 * CVE-2026-39836 * CVE-2026-42499 * CVE-2026-32952 * CVE-2026-39823 * CVE-2026-39826 * CVE-2026-39825 ### 1.7.1 Release Notes #### Release Date 20th April 2026 #### Release Highlights In this release, we have updated Tyk Identity Broker (TIB) to Golang 1.25 for enhanced security and performance. For a comprehensive list of changes, please refer to the detailed [changelog](/nightly/#Changelog-v1.7.1) below. #### Breaking Changes This release has no breaking changes. #### Dependencies ##### 3rd Party Dependencies & Tools | Third Party Dependency | Tested Versions | Compatible Versions | | :-------------------------------------------------------- | :-------------- | :------------------------ | | [GoLang](https://go.dev/dl/) | 1.25 | 1.25 | | [MongoDB](https://www.mongodb.com/try/download/community) | 5.x, 6.x, 7.0 | 4.4.x, 5.x, 6.x and 7.0.x | | [Redis](https://redis.io/download/) | 6.x - 7.0 | 6.x - 7.0 | Given the time difference between your upgrade and the release of this version, we recommend customers verify the ongoing support of third-party dependencies they install, as their status may have changed since the release. #### Deprecations There are no deprecations in this release. #### Upgrade instructions For users currently on v1.7.0, we strongly recommend promptly upgrading to the latest release. If you are working with an older version (lower major), it is advisable to bypass version 1.7.0 and proceed directly to this latest patch release.
Go to the [Upgrading Tyk](/nightly/#upgrading-tyk) section for detailed upgrade Instructions. #### Downloads * [Docker image to pull](https://hub.docker.com/r/tykio/tyk-identity-broker/tags?name=1.7.1) ``` docker pull tykio/tyk-identity-broker:v1.7.1 ``` * source code tarball for oss projects - [TIB v1.7.1](https://github.com/TykTechnologies/tyk-identity-broker/releases/tag/v1.7.1) #### Changelog ##### Changed The Tyk Identity Broker (TIB) has been updated to Golang 1.25, improving security by staying up-to-date with Go versions. ##### Security Fixes Addressed the following CVEs, providing increased protection against security vulnerabilities, including, but not limited to: * CVE-2026-33186 * CVE-2026-33487 * CVE-2026-32285 * CVE-2025-22868 * CVE-2025-30204 * CVE-2024-45338 * CVE-2025-10543 * CVE-2025-22870 * CVE-2025-22872 * CVE-2025-27144 * CVE-2025-47911 * CVE-2025-58181 * CVE-2025-58190 * CVE-2026-34986 * CVE-2026-39883 * CVE-2026-39882 * CVE-2024-51744 * CVE-2025-29923 ### 1.7.0 Release Notes #### Release Date 28 March 2025 #### Release Highlights This release introduces enhancements to TIB, improving group-based permission mapping, adding support for proxy settings from environment variables, and allowing dynamic state values in the OAuth2 flow. For a comprehensive list of changes, please refer to the detailed [changelog](/nightly/#Changelog-v1.7.0) below. #### Breaking Changes This release has no breaking changes. #### Dependencies ##### 3rd Party Dependencies & Tools | Third Party Dependency | Tested Versions | Compatible Versions | Comments | | :-------------------------------------------------------- | :-------------- | :------------------------ | :-------------------------- | | [GoLang](https://go.dev/dl/) | 1.21 | 1.21 | All our binaries | | [MongoDB](https://www.mongodb.com/try/download/community) | 5.x, 6.x, 7.0 | 4.4.x, 5.x, 6.x and 7.0.x | Used by Tyk Identity Broker | | [Redis](https://redis.io/download/) | 6.x - 7.0 | 6.x - 7.0 | Used by Tyk Identity Broker | Given the time difference between your upgrade and the release of this version, we recommend customers verify the ongoing support of third-party dependencies they install, as their status may have changed since the release. #### Deprecations There are no deprecations in this release. #### Upgrade instructions For users currently on v1.6.0, we strongly recommend promptly upgrading to the latest release. If you are working with an older version (lower major), it is advisable to bypass version 1.6.0 and proceed directly to this latest patch release.
Go to the [Upgrading Tyk](/nightly/#upgrading-tyk) section for detailed upgrade Instructions. #### Downloads * [Docker image to pull](https://hub.docker.com/r/tykio/tyk-identity-broker/tags?name=1.7.0) ``` docker pull tykio/tyk-identity-broker:v1.7.0 ``` * source code tarball for oss projects - [TIB v1.7.0](https://github.com/TykTechnologies/tyk-identity-broker/releases/tag/v1.7.0) #### Changelog ##### Added TIB now respects `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environment variables when making outbound connections. This change ensures compatibility with air-gapped Kubernetes environments where external services can only be accessed via an HTTP proxy. The OAuth2 "state" field can now be dynamically set via the URL or form-encoded body. This improvement allows integration with external APIs that require custom state values, ensuring compliance with various regulatory and enterprise authentication requirements. Previously, TIB assigned a user to the last matched group when multiple groups were mapped, regardless of the identity provider (SAML, LDAP, OAuth, OIDC, etc.). The new functionality introduces support for multi-group mapping, allowing permissions to be merged. This update is backward compatible and ensures that multi-group rights (combined permissions) are only applied if the user does not have a `groupId` assigned via the Dashboard. ##### Security Fixes * [GHSA-v778-237x](https://github.com/advisories/GHSA-v778-237x-gjrc) *** ## 1.6 Release Notes ### 1.6.1 Release Notes #### Release Date 5 Nov 2024 #### Release Highlights ###### Enhanced Security with JWE Support for OIDC SSO This release introduces JSON Web Encryption (JWE) support for OpenID Connect (OIDC) Single Sign-On (SSO) in the Tyk Identity Broker (TIB). With this enhancement, organizations can achieve greater security for token handling during authentication flows. JWE token validation and processing are now seamlessly integrated, offering configurable private key support for decryption. #### Breaking Changes This release has no breaking changes. {/* ##### Changed error log messages Important for users who monitor Tyk components using the application logs (i.e. Tyk Gateway log, Tyk Dashboard log, etc.). We try to avoid making changes to our log messages, especially at error and critical levels. However, sometimes it's necessary. Please find the list of changes made to the application log in this release: */} {/* ##### Planned Breaking Changes */} #### Dependencies ##### 3rd Party Dependencies & Tools | Third Party Dependency | Tested Versions | Compatible Versions | Comments | | :-------------------------------------------------------- | :-------------- | :------------------------ | :-------------------------- | | [GoLang](https://go.dev/dl/) | 1.21 | 1.21 | All our binaries | | [MongoDB](https://www.mongodb.com/try/download/community) | 5.x, 6.x, 7.0 | 4.4.x, 5.x, 6.x and 7.0.x | Used by Tyk Identity Broker | | [Redis](https://redis.io/download/) | 6.x - 7.0 | 6.x - 7.0 | Used by Tyk Identity Broker | Given the time difference between your upgrade and the release of this version, we recommend customers verify the ongoing support of third-party dependencies they install, as their status may have changed since the release. #### Deprecations There are no deprecations in this release. {/* ###### Future deprecations */} #### Upgrade instructions For users currently on v1.6.0, we strongly recommend promptly upgrading to the latest release. If you are working with an older version (lower major), it is advisable to bypass version 1.6.0 and proceed directly to this latest patch release.
Go to the [Upgrading Tyk](/nightly/#upgrading-tyk) section for detailed upgrade Instructions. #### Downloads * [Docker image to pull](https://hub.docker.com/r/tykio/tyk-identity-broker/tags?name=1.6.1) ``` docker pull tykio/tyk-identity-broker:v1.6.1 ``` * source code tarball for oss projects - [TIB v1.6.1](https://github.com/TykTechnologies/tyk-identity-broker/releases/tag/v1.6.1) #### Changelog ##### Added This release adds support for JSON Web Encryption (JWE) in OIDC Single Sign-On (SSO) with TIB, providing enhanced security for token handling in authentication flows. This feature enables processing and validation of JWE tokens, with configuration options for setting the private key required for decryption. For more details, refer to the [OIDC SSO with JWE](/nightly/api-management/single-sign-on-social-idp#json-web-encryption-jwe) documentation. *** {/* The footer of the release notes page. It contains a further information section with details of how to upgrade Tyk, links to API documentation and FAQs. You can copy it from the previous release. */} ## Further Information ### Upgrading Tyk Please refer to the [upgrading Tyk](/nightly/developer-support/upgrading) page for further guidance on the upgrade strategy. ### FAQ Please visit our [Developer Support](/nightly/developer-support/community) page for further information relating to reporting bugs, upgrading Tyk, technical support and how to contribute.