1.4.0 (Match 20 2023)
    - Added support for WebADM v2.3 (this version requires WebADM v2.3).
    - Password reset without link is not supported anymore.
      > Removed Require Link setting.
    - Added Require Certificate setting.

1.3.0 (January 19 2023)
    - Added compatibility with WebADM 2.2.
    - Removed FIDO U2F (deprecated in flavor of FIDO2).
    - Updated the application icons.
    - Expiration time for a registration request is now in hours.

1.2.10 (December 22 2022)
    - Added QRCode for mobile copy/paste with application passwords.
    - Removed the logo from the login page.
1.2.9 (November 1 2022)
    - Added automatic language switching based on LDAP user language.
1.2.8 (September 2 2022)
    - Added SQL audit log event types (requires WebADM >= 2.1.15).
1.2.7 (April 22 2022)
    - Fixed minor issues with voice biometrics registration.
    - Prevent self-renewal of WebADM Admin certificates.
1.2.6 (April 22 2022)
    - Added a settings to configure new certificate expiration time.
    - Added a settings to configure new certificate features (secure e-mail
      and Microsoft SmartCard login support).
1.2.5 (December 5 2021)
    - Added support for PKI login with external certificates (ex. eIDAS).
      > Requires WebADM version >= 2.1.0.
    - Exported WAPI methods allow certificate registration requests.
    - Added support for FIDO2 Web login with U2F-registered FIDO devices.
    - Fixed broken FIDO2 login with Apple Safari browser.
1.2.4 (July 5 2021)
    - Create a logfile event for every user operation.
1.2.3 (April 4 2021)
    - Added support for OTP Prefix registration links sent by OpenOTP when
      the OTP Prefix is missing.
1.2.2 (March 9 2021)
    - Added FIDO2 PIN / Biometric user verification policies.
    - Mobile Token display name is now reduced to the user display name.
    - Added OpenOTP mobile enrolment with Token duplicate checks.
    - Removed all TiQR functionalities.
      > Your application configuration may be incorrect after upgrade if you
        enabled any TiQR setting. In this case, just edit and re-apply the
        configuration under the 'Application' menu in WebADM.
    - Added compatifility with WebADM 2.0.11.
    - 'Require LDAP password' is disabled by default.

    - Added support for OpenOTP Voice Biometrics.
    - Added support for SpanKey with FIDO/U2F devices' registration.
    - Added support for OpenOTP Max Idle Time blocking settings.
    - Added comatibility with WebADM v2.0.0.

    - Added support for certificate (PKI) self-registration.
    - Added support for OpenOTP virtual attributes.
    - Added 'None' method not to send the one-time request via Mail or SMS.
    - Hardware Token registration requires the current OTP for validation.
    - This update is required for WebADM version >= 1.7.6.
    - Prevent key import not matching the configured key size for SpanKey.
    - Added support for SpanKey DSA with 2048 and 4096 bit keys.
    - Fixed several wrong file permissions.

    - Added support for Client policy -based access restrictions.
    - Added support for SpanKey count-limited keys.
    - Added SSH Public Key import with copy/paste for SpanKey registration.
    - Users cannot self-configure SSH key expiration or max use.
    - Fixed 'Close' buttons sometimes not closing/blanking correctly.
    - Added support for WebADM v1.7 (it does not work with previous versions).
    - Hide the OTP PIN prefix input.
    - Added German translations.

    - Added support for FIDO2 with TPM chips (ex. Apple MacBooks).
      > This option requires OpenOTP v1.4.2.
    - U2F / FIDO2 registration choice is now automatic (based on client policies).
    - Fixed Token registration when Soft Token expiration time is set to '0'.
    - OTP prefix change is now avaialbe when OTP prefix is enabled in client policies.
    - User is guided to the Token enrollment when only one Token can be registered.
    - Menu is greyed for all items which cannot be self-registered.
    - Auto logout when a focussed registration item has been chosen.
    - Added support for FIDO2 (CTAP and WebAuthn enrollemnts).
      > You need OpenOTP v1.5 with this version of the Self-Service.
    - Fixed Trusted U2F Devices feature not working on Chrome version >= 66.
    - Setting Allowed Self-Registration 'U2F' is replaced by 'FIDO'.
      > You may need to adjust and re-apply your configuration in WebADM!
    - Added the 'FIDO Device Management' setting section.

    - Fixed SelReg requests for group not founding the right matching domain list.
    - Fixed OpenOTP login login test starting 2 auth requests with Internet Explorer.
    - The SelfReg request Manager method returns the registration URL instead of
      a TRUE boolean on success.
    - Added support for client side enrollemnt with OpenOTP v1.3.11-1.
    - Removed SMSHub custom URL, username and password settings (not needed anymore).
    - Removed SMS SenderNumber and email SenderAddress settings.
      > The SMS sender number is now configurable in SMShub only.
      > The email sender address is configured via the 'org_from' in webadm.conf.
    - Bug fixes with the Link Mode when configured in the user settings.
    - Fixed incomplete token names with QRCode enrollments.
    - Added support for WebADM v1.6 (this version does not run on previous WebADM).
    - Added support for access restrictions based on a client policies.
    - Added SpanKey enrolment setting 'Allowed SSH Key Types' to limit the type of
      SSH keys to be self-enrolled.
    - Removed OpenOTP Application Passwords without expiration (OpenOTP v1.3.7).
    - Fixed non working per-user and group policies for AllowRegister,
      AllowTokenTypes and DefaultTokenType.
    - Fixed registration email not beeing sent from the Manager method.
    - Added an optional 'expires' parameter to the manager method.
    - Added support for OTP List registration.
    - Updated OpenOTP Token logo.

    - Removed SMSC configurations (SMSHub is now required for SMS features).
    - Fixed an issue with Yubikey registration with YubiCloud.
    - Added support for newer RCDevs software Token.
    - New RCDevs Token logo image.
    - Added multilingual support (French translation for now and more to come).
    - Better support for PKI user authentication via WAProxies.
    - Removed SMSCount and MailCount user statistics (for OpenOTP v1.3.3-2).
    - Added support for upcoming U2F on Firefox and Orpera browsers.
      > You need OpenOTP v1.3.2 with this version of SelfReg.
    - Added support for the new OpenOTP Push Login methods.
    - Added a new enrolment workflow with RCDevs Software Authenticator.
    - Google Authenticator Token icon is replaced by RCDevs Authenticator.
    - Added an option to download both the PEM and PPK SpanKey private keys
      bundled in a ZIP file.

     - Added support for RCDevs SpanKey Server.

     - Uses the new WAPI framework from WebADM v1.5.0.
     - Added product categorization for WebADM v1.4.5.
     - Complete facelift with new design and login workflows.
     - Added an OTP validation with HOTP and TOTP QRCode registration.
     - Added brute-force attack protection with source IP address blacklisting.
     - Remove resynchronization for Yubikeys which is not necessary.
     - Removed the ability for end-users to self-send enrolment requests.
     - Many general user experience enhancements.
     - Users can optionally set friendly names or short descriptions for U2F devices.
     - U2F uses embedded javascript and does not require the Google Chrome extension.
     - Sending requests through the Manager method is audited in the Manager SQL log.
     - Added support for WebADM user_level configurations in webadm.conf.
     - Changed the Yubikey registration image to include Yubikey Nano.
     - This version is designed for WebADM v1.4 and is not compatbile with v1.3.
     - Added support for WebADM 1.4 admin roles for admin pages and manager methods.
     - The 'Allow Unused Tokens Only' setting is removed and enabled by default.
     - Added support for the %USERID% variable in user message templates.
     - Added support for OATH tokens supporting MD5 algorithm (ex. RedHat FreeOTP).
     - Added support for Plivo online SMS service (http://www.plivo.com).
     - Support form and Token download URLs are hidden if not configured.
     - Added support for OpenOTP v1.2 and FIDO U2F device management.
     - Send Registration links can be send to group members (via group actions).
     - Changed Allowed Token Types and Default Token Type settings to be more specific.
       > You need to re-configure these settings if they were enabled.
     - User IDs are replaced by common names (LDAP CN value) in user messages.
     - Simplified the OTP and TiQR authentication test.
     - OTP inputs do not display the OTP password (required for protecting OTP PIN).
     - Added support for TiQR 1.0.7-2 with re-designed TiQR+LDAP workflow.
     - Added support for TiQR v1.1 and RSA cryptography.
     - Added support for OpenOTP 1.1.5 and Application Passwords.
     - Item to be enroled can be selected be an administrator or a Manager API call.
     - Added a PKI login feature which bypasses OTP and TiQR authentication.
     - With OTP PROXY mode, OTP Type is changed to TOKEN after Token enrolment.
     - Application does not need SMSHub anymore to send SMS registration links.
       > You need to reconfigure the SMSC connection for SMS enrolment.
     - Added support for several Tokens enrolment with Google Authenticator.
     - Added issue URI parameter for Google Authenticator.
     - Added compatibility with WebADM per-application session timeouts
     - Added Yubikey registration with WebADM Inventory (simply by pressing the Yubikey).
     - Added support for YubiCloud-based Yubikey enrolment.
     - Added a setting to prevent a user from enroling Tokens already used by another user.
     - The Default Token Type HARDWARE is replaced by HARDWARE-OATH and HARDWARE-YUBIKEY.
       If you had configured HARDWARE, please change to one of the options after upgrade.
     - Added actions to de-activate and re-activate registered Tokens.
     - Added support for OpenOTP Software Token Expiration and auto re-enrolement process.
     - Added support for OpenOTP/TiQR LoginEnabled configuration.
     - New aplication architecture designed for WebADM v1.2.6.
     - Registration links can be sent via SMS when SMSHub Server is installed.
     - Added simple Hardware Token registration with serial numbers. This registration
       mode is highly recommended when dealing with large amounts of Hardware Tokens.
     - Added support for expired LDAP passwords.
     - Changed OTP and TiQR texts to be more user-friendly.
     - OpenOTP and TiQR settings are disabled when application is not present.
     - Email and SMS are sent to all user address and mobile numbers.
     - Added support for WebApp authentication requiring user certificates.
     - Multiple minor other enhancements.

     - Added support for OTP Prefix (PIN) management with OpenOTP v1.1.1.
     - All PIN code values are displayed as bullets.
     - Adapated HTML for WebADM 1.2.5-1 rendering.
     - Input length validations for new password, OTP prefix and PIN code.
     - Added support for OpenOTP v1.1 with multi Token and new Fallback methods.
     - Added the possibility to un-register a Token.
     - The Allow Register setting can restrict self-registration to specific Tokens.
     - Added an option to limit the self-registration to one application only.
     - Added support for users with multiple mobile numbers or email addresses.
     - Added a 'Default Token Type' setting to set the default token type in the token
       registration form.
     - Fixed a problem when working in inline mode.
     - Fixed a problem with the mOTP PIN reset.

     - Updated for WebADM 1.2.
     - Added support for WebADM 1.2.x Manager interface.
     - Default domain supported.
     - Added a script (bin/register) to send self-registration requests in bulk.
     - Added a setting to configure the registration mail subject.
     - Display enhancements.
     - Added "Allowed Token Types" setting allowing to restrict the types of
       Tokens which can be registered.
     - Uses the WebADM-1.1.3 mail sending system for registration requests.
     - Simplified user interface.
     - Compliance with TiQR Server 1.0.1.

     - Added support for TiQR Service.
     - Many enhancements.
     - Update required with WebADM-1.1.1.
     - Added RADIUS Proxy OTP Type support.
     - Added SHA256 and SHA512 key registration support for TOTP/OCRA Tokens.
     - Added support for OpenOTP 1.0.11-1.
     - Added a setting to set OpenOTP logintest URL if not local.

     - Added OATH OCRA support.
     - SelfReg now displays Token infos like in SelfDesk.
     - SelfReg now allows Token download, resync and test like in SelfDesk.
     - Fixed button display with Google Chrome.

     - Added user-initated self-registration.

     - Added Google Authenticator support with QRCode registration.
     - OpenOTP Token register enhancements.
     - Added QR Barcode-based Token key registration.
     - Added default email expiration time setting.
     - Uses the new WebADM UI framework.

     Initial SelfReg release.
     Requires WebADM >= 1.0.5.