Release Notes

v2.37.0

Release date: March 12, 2026

New features

Authentication Policy

A new authentication policy schema is now available for managing OAuth2-based authentication rules in your ledger. This schema allows you to define authentication providers with configurable settings for token issuance and proof impersonation.

The authentication schema is automatically created when you create a new ledger and can be used to define policies with the following structure:

{
  "handle": "auth-main",
  "schema": "authentication",
  "values": [
    {
      "schema": "oauth2",
      "signer": { "handle": "ledger-oauth" },
      "target": { "schema": "oauth-application" },
      "config": {
        "jwt.ttl": 3600,
        "proof.impersonator.handle": "system.auth"
      }
    }
  ]
}

Key features:

  • OAuth2 support: Define authentication rules using the oauth2 schema
  • Signer configuration: Specify which signer will issue authentication tokens
  • Target filtering: Optionally restrict authentication to signers of a specific schema
  • JWT TTL: Configure token time-to-live in seconds (e.g., 3600 for 1 hour)
  • Proof impersonation: Set a proof impersonator handle for authentication operations

Example use cases:

  • Define authentication policies for different types of applications (e.g., OAuth applications vs. service accounts)
  • Configure multiple authentication providers with different TTL and security settings
  • Implement fine-grained access control based on authentication rules
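
A review-time lint for a policy of this shape, shown as an added example (not code from the ledger or its SDK). The function name lintAuthPolicy, the required-field rules, the 3600-second ceiling, the impersonator allow-list and the "auth-batch" sample are assumptions of this example; field names are the ones shown above.

```javascript
// Added example: lint an "authentication" policy record before it is submitted.
// Required-field rules, TTL ceiling and allow-list are assumptions, not ledger rules.
function lintAuthPolicy(policy, { maxTtl = 3600, allowedImpersonators = [] } = {}) {
  const findings = [];
  const add = (path, msg) => findings.push(`${path}: ${msg}`);

  if (policy?.schema !== "authentication") add("schema", 'expected "authentication"');
  if (typeof policy?.handle !== "string" || !policy.handle) add("handle", "missing");
  const values = Array.isArray(policy?.values) ? policy.values : [];
  if (values.length === 0) add("values", "no authentication rules defined");

  values.forEach((rule, i) => {
    const at = `values[${i}]`;
    if (rule?.schema !== "oauth2") add(`${at}.schema`, 'expected "oauth2"');
    if (typeof rule?.signer?.handle !== "string" || !rule.signer.handle)
      add(`${at}.signer.handle`, "no token-issuing signer named");
    // target is optional; flag its absence so the wider scope is a deliberate choice
    if (!rule?.target?.schema)
      add(`${at}.target.schema`, "not restricted to signers of one schema");
    const cfg = rule?.config ?? {};
    const ttl = cfg["jwt.ttl"];
    if (!Number.isInteger(ttl) || ttl <= 0)
      add(`${at}.config.jwt.ttl`, "must be a positive integer (seconds)");
    else if (ttl > maxTtl)
      add(`${at}.config.jwt.ttl`, `${ttl}s exceeds the ${maxTtl}s ceiling`);
    const imp = cfg["proof.impersonator.handle"];
    if (imp !== undefined && !allowedImpersonators.includes(imp))
      add(`${at}.config.proof.impersonator.handle`, `"${imp}" is not on the allow-list`);
  });
  return findings;
}

// The policy from the release note.
const documented = {
  handle: "auth-main", schema: "authentication",
  values: [{
    schema: "oauth2", signer: { handle: "ledger-oauth" },
    target: { schema: "oauth-application" },
    config: { "jwt.ttl": 3600, "proof.impersonator.handle": "system.auth" },
  }],
};
// Constructed sample: 30-day tokens, no target, unreviewed impersonator handle.
const loose = {
  handle: "auth-batch", schema: "authentication",
  values: [{ schema: "oauth2", signer: { handle: "ledger-oauth" },
    config: { "jwt.ttl": 2592000, "proof.impersonator.handle": "ops.batch" } }],
};
const opts = { allowedImpersonators: ["system.auth"] };
for (const p of [documented, loose]) console.log(p.handle, lintAuthPolicy(p, opts));
```

The documented policy produces no findings when "system.auth" is on the allow-list; the constructed one is flagged for its missing target, its TTL and its impersonator handle.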

Improvements

Hash verification with Ledger SDK

  • Added an option to verify that the hash matches the hash computed from the data when asserting proofs. The check is optional and should be enabled at initialization:
  const sdk = new LedgerSdk({
    verifyHash: true
  })

or after initialization:

  sdk.setVerifyHash(true)

This feature can be enabled in the CLI with the command:

  minka config set sdk.verifyHash true
