Enhanced User Transparency, Consent Management and Offboarding in Inrupt’s Latest Releases

Today we announce the general availability of the version 2.5 release of Inrupt’s Enterprise Solid Server (ESS), a core component of our Enterprise Wallet Infrastructure. This release follows hot on the heels of v2.4 and introduces new features and APIs for companies building data platforms in the era of generative AI and Agentic Wallets™, where data access, control, and compliance are of paramount importance.

Improved Consent Management & Transparency for Deployment at Global Scale

ESS v2.4 provides notifications as an extension to the existing Access Request and Access Grant capabilities. This feature provides immediate notifications to subscribed services, via a webhook callback, whenever there is a modification made to an Access Request or Grant. ESS v2.5 extends these capabilities further, providing subscription-based notifications for all resources and containers. These capabilities can streamline the process of managing Access Requests and notifying end users that their action is required. It can also be used to ensure downstream services remain informed and compliant with regulations when an Access Grant expires or is revoked, or whenever data changes.

This capability strengthens our platform’s ability to provide transparency and control, and simplifies the process of propagating data access changes to downstream data consumers, enhancing the ability for an organization to remain compliant with policy and regulation. Documentation for the notification capabilities can be found here.

API Enhancements for Better Lifecycle Management 

Further extending our platform infrastructure capabilities, we have introduced additional APIs for managing the off-boarding of an end user, so that platform teams can automate the deletion of data from ESS. This simplifies the process of removing end user data from the system and can be incorporated into a broader business process.

These new admin APIs enable platform operators to submit purge requests as asynchronous tasks and monitor their progress through to completion. Within an organization, this capability allows platform operators to reliably de-provision resources of an end user. For example, it could be used when an end user’s subscription to a wallet service expires, or when an end user exercises their rights to have their data deleted in areas with robust privacy regulations such as the General Data Protection Regulation or the California Consumer Privacy Act.

Commitment to Security

Inrupt’s commitment to security remains steadfast. In addition to regular security updates delivered as patch releases, our ESS container images are now based on UBI 9, aligning with Red Hat’s supported and hardened base images. This change was backported to ESS v2.3.4, so it will not impact the migration of ESS deployments on the latest version of the 2.3 series.

When a user logs into a client, they are presented with an OpenID Consent screen that establishes the initial trust relationship between the user and the client. ESS v2.4 introduces a configuration to allow trusted clients to skip the display of the OpenID Consent screen. This may be useful in user experience flows to reduce cognitive load and streamline onboarding.

For a full list of ESS capabilities along with the new v2.4 and v2.5 functionality, visit the Inrupt documentation and release notes.