== RH-SSO 7.2 The following changes have occurred from RH-SSO 7.1 to RH-SSO 7.2. === New Password Hashing algorithms We have added two new password hashing algorithms (pbkdf2-sha256 and pbkdf2-sha512). New realms will use the pbkdf2-sha256 hashing algorithm with 27500 hashing iterations. Since pbkdf2-sha256 is slightly faster than pbkdf2 the iterations was increased to 27500 from 20000. Existing realms are upgraded if the password policy contains the default value for the hashing algorithm (not specified) and iteration (20000). If you have changed the hashing iterations, you need to manually change to pbkdf2-sha256 if you'd like to use the more secure hashing algorithm. === ID Token requires scope=openid In RH-SSO 7.0, the ID Token was returned regardless if `scope=openid` query parameter was present or not in authorization request. This is incorrect according to the OpenID Connect specification. In RH-SSO 7.1, we added this query parameter to adapters, but left the old behavior to accommodate migration. In RH-SSO 7.2, this behavior has changed and the `scope=openid` query parameter is now required to mark the request as an OpenID Connect request. If this query parameter is omitted the ID Token will not be generated. === Microsoft SQL Server requires extra dependency Microsoft JDBC Driver 6.0 requires additional dependency added to the JDBC driver module. If you observe an `NoClassDefFoundError` error when using Microsoft SQL Server please add the following dependency to your JDBC driver `module.xml` file: [source,xml] ---- ----