release 1.47 announcement (#2400)
* Added thank you to an issue reported by a community member.

* fixed typo

* add release announcement

* Corrected case of word

Co-authored-by: Mark Robustelli <[email protected]>

* updated wording around basic/advanced reg

also changed to 'releases' across entire post

* Corrected 'self-service'

* wordsmithing

* Correcting header titles for consistency

---------

Co-authored-by: Mark Robustelli <[email protected]>
mooreds and mark-robustelli authored Aug 14, 2023
1 parent c957798 commit 5adbeca
Showing 6 changed files with 91 additions and 2 deletions.
89 changes: 89 additions & 0 deletions site/_posts/2023-08-14-announcing-fusionauth-1-47.md
@@ -0,0 +1,89 @@
---
layout: blog-post
title: Announcing FusionAuth 1.47
description: This update includes performance improvements, the ability to include preferred languages on the basic registration form, and SAMLv2 assertion encryption.
author: Dan Moore
image: blogs/release-1-47/fusionauth-1-47.png
category: announcement
tags: release-announcement localization registration performance lambda connector http metrics saml
excerpt_separator: "<!--more-->"
---

FusionAuth version 1.47 shipped in late July, 2023. This version includes performance improvements, the ability to collect preferred languages on basic registration forms, and SAMLv2 assertion encryption.

<!--more-->

The focus of these updates is performance. In fact, I hereby dub 1.47 the "Performance Panther" release.

All in all there are 21 issues, enhancements, and bug fixes included in the 1.47.0 and 1.47.1 releases. As always, please see the [release notes](/docs/v1/tech/release-notes#version-1-47-1) for a full breakdown of the changes between 1.46.0 and 1.47.1, including any schema changes.

## Performance Improvements

{% include _image.liquid src="/assets/img/blogs/release-1-47/panther.png" alt="Performance panther is looking at you." class="img-fluid" figure=false %}

There were a number of performance improvements in these releases, as the team focused on making FusionAuth even faster and more scalable.

Some improvements are only applicable for Enterprise clients. This included lowering the memory overhead when downloading and storing the IP location database. This IP data is used by [Advanced Threat Detection](/docs/v1/tech/advanced-threat-detection/).

Other improvements apply to all FusionAuth users. These include:

* Reworking the internal caching system, which improves performance when creating or deleting hundreds or thousands of applications, keys or other configuration.
* Capturing timing metrics around HTTP requests and Lambda and Connector invocations. These will be exposed in the [System Status API](https://fusionauth.io/docs/v1/tech/apis/system#retrieve-system-status) response.
* Limiting the number of languages associated with a user. Sorry, you'll just have to make do with 20. In certain cases providing too many languages during registration caused performance impacts to the system.
* Enabling JVM garbage collection logging. Reviewing garbage collection logs, while no fun, can help you understand how the JVM is impacting FusionAuth's abilities to authenticate your users.

Happy tuning!

## Preferred Languages On The Basic Registration Form

FusionAuth has self-service registration. It comes in two flavors:

* [Basic registration](/docs/v1/tech/guides/basic-registration-forms), which is available with all plans, including the forever free Community plan.
* [Advanced registration](/docs/v1/tech/guides/advanced-registration-forms), which requires a paid plan.

In either case, when enabled, your users can self-register for your application by providing certain information.

With basic, you are limited to a number of common registration fields, such as first name and last name. With 1.47, your users can now choose a preferred language when registering.

To set it up, you'd enable it in the basic registration configuration.

{% include _image.liquid src="/assets/img/blogs/release-1-47/preferred-languages-enable.png" alt="Enabling the preferred languages field." class="img-fluid" figure=false %}

Then, the user will now see a dropdown when registering. This page [can be themed](/docs/v1/tech/themes/), of course.

{% include _image.liquid src="/assets/img/blogs/release-1-47/preferred-languages-user.png" alt="The user's view of preferred languages." class="img-fluid" figure=false %}

This feature is useful if your application supports multiple languages and you want to [send your welcome email](/docs/v1/tech/email-templates/templates-replacement-variables#setup-password) in the language your user prefers. Previous to 1.47, you had to use advanced registration forms to get this functionality.

## SAMLv2 Assertion Encryption

As of version 1.47, FusionAuth is compatible with a SAML v2 Service Provider (SP) that requires encrypted assertions. This functionality is only available when FusionAuth is acting as the SAMLv2 Identity Provider (IdP). You can enable and configure the behavior on the "SAML" tab of a given Application.

Reasons why SAML assertion encryption might be useful:

* The assertion contains sensitive personally identifiable information (PII).
* The login occurs in a highly secure or regulated environment.
* The assertion contains other sensitive data.
* The SP requires it. :)

Learn more about [configuring SAML assertion encryption](/docs/v1/tech/core-concepts/applications#assertion-encryption).

## The Rest Of It

As mentioned above, there were 21 issues, enhancements, and bug fixes included in these releases. A selection of the included changes not covered above includes:

* Updating third party dependencies such as Jackson and the PostgreSQL client library.
* New configuration to accept any named parameter as a login hint coming from the SAML v2 SP when FusionAuth is acting as the SAML v2 IdP.
* Upgrading to the latest version of our phone number validation library, which includes support and updates for a number of countries phone numbers.

Read more about all the changes in the [release notes](/docs/v1/tech/release-notes#version-1-47-1).

## Upgrade At Will

The [release notes](/docs/v1/tech/release-notes#version-1-47-1) are a guide to the changes, fixes, and new features. Please read them carefully to see if any features you use have been modified or enhanced.

If you'd like to upgrade your self-hosted FusionAuth instance, see our [upgrade guide](/docs/v1/tech/admin-guide/upgrade).

If you have a FusionAuth Cloud deployment, proceed to the "Hosting" tab on your [account dashboard](https://account.fusionauth.io/account/deployment/){:target="_blank"} and upgrade your instances. If you have any questions about the upgrade, [please open a support ticket](https://account.fusionauth.io/account/support/){:target="_blank"}.

Or, if we've piqued your interest and you'd like to use FusionAuth, [check out your options](/pricing).
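
Review bot: The System Status API link in the "Performance Improvements" list uses an absolute URL (https://fusionauth.io/docs/v1/tech/apis/system#retrieve-system-status) while every other docs link in this post is site-relative, for example /docs/v1/tech/advanced-threat-detection/; change it to /docs/v1/tech/apis/system#retrieve-system-status so the post is consistent. Two smaller points in the same file: the SAML section mixes "SAML v2" and "SAMLv2" (the front matter and the heading use "SAMLv2"), and "a number of countries phone numbers" under "The Rest Of It" is missing the possessive apostrophe.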
Binary file added site/assets/img/blogs/release-1-47/panther.png
4 changes: 2 additions & 2 deletions site/docs/v1/tech/release-notes.adoc
Expand Up @@ -83,7 +83,7 @@ include::docs/v1/tech/__database-migration-warning.adoc[]

=== Security
* A race condition exists when using a refresh token with a one-time-use policy where the same token value could successfully be used twice to obtain a new access token. In practice this would be very difficult to replicate outside of a scripted example.
** Resolves https://github.com/FusionAuth/fusionauth-issues/issues/1840[GitHub Issue #1840]
** Resolves https://github.com/FusionAuth/fusionauth-issues/issues/1840[GitHub Issue #1840] Thanks to https://github.com/avitsrimer[@avitsrimer] for reporting the issue!
* Use a CSRF token with all federated login requests. This change will add additional protection when using a federated login to ensure the the login is completed from the same browser that started the login workflow. This mitigates an attack vector that can be used in phishing attacks where a victim could be convinced to click on a link that would cause the user to unknowingly complete a login.
** Resolves https://github.com/FusionAuth/fusionauth-issues/issues/2238[GitHub Issue #2238]
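
Review bot: On the changed "Resolves ... [GitHub Issue #1840]" line, the credit "Thanks to ... for reporting the issue!" follows the issue link with no punctuation in between, so the rendered bullet reads as a run-on; end the link with a period or move the thanks to its own "**" bullet. While this section is open, the context line below it still has a doubled word in "to ensure the the login is completed".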

Expand Down Expand Up @@ -148,7 +148,7 @@ If you will be affected by this change, please review the following details and
** Resolves https://github.com/FusionAuth/fusionauth-issues/issues/2355[GitHub Issue #2355]
* Defend against corporate link "checkers" such as Outlook Safe Links and Google Workspace during the Change Password email workflow. This fix resolves a specific symptom that may occur when a link sent to a user during a change password workflow and the user has multi-factor authentication enabled. The symptom the end user may encounter is that multiple codes may be sent to the user during this workflow. When the two-factor method is email, multiple emails may be received, and when two-factor method is SMS, multiple SMS messages may be received. The cause of this symptom is that the link is being inspected by an intermediate party prior to the user's browser loading the link which functionally means the request is made more than once.
** Resolves https://github.com/FusionAuth/fusionauth-issues/issues/2360[GitHub Issue #2360]
* Improve locale validation, and restrict the number of preferred language per user to 20. This should not have any practical impact on users of FusionAuth, but it will better protect FusionAuth from storing erroneous values for the user's preferred languages. If you have users that speak more than 20 languages, you will need to ask them to pick their top 20 favorites. 😎
* Improve locale validation, and restrict the number of preferred languages per user to 20. This should not have any practical impact on users of FusionAuth, but it will better protect FusionAuth from storing erroneous values for the user's preferred languages. If you have users that speak more than 20 languages, you will need to ask them to pick their top 20 favorites. 😎
** Resolves https://github.com/FusionAuth/fusionauth-issues/issues/2363[GitHub Issue #2363]
* Improve username validation. This length limitation was already enforced by the schema, but the error message was not developer friendly. This change will add a proper validation error in the API response.
** Resolves https://github.com/FusionAuth/fusionauth-issues/issues/2368[GitHub Issue #2368]
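
Review bot: The corrected "preferred languages per user to 20" line gives only one reason for the cap, protecting FusionAuth "from storing erroneous values", while the blog post added in this same commit says that "providing too many languages during registration caused performance impacts to the system"; add the performance reason to this release note so the two descriptions agree. In the context lines, "This length limitation was already enforced by the schema" under "Improve username validation" refers to a limit that the bullet never states, and "when a link sent to a user" in the Change Password bullet is missing "is".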