Release notes

Dependency updates

Underlying dependencies have been updated.  Local customizations may be affected.

Updated guide for Pocket Pass activation app

Protect the activation with a SAML Identity Provider.

Keystore expiration notification

Notify admins automatically when keystores (certificates) are about to expire.

BankID cancel

Support for cancelling a bankid transaction.

SMTP TLS settings

TLS settings for SMTP can now be defined globally.

Define custom truststore

Define a custom truststore for custom trusts to make it consistent when upgrading the product.

SITHS eID - default trusted issuers

The production CA DNs have been added to the configuration param rfc2253Issuers on SITHS eID authenticators and valves.

Advanced view clearification

When using the Advanced view of Configuration Manager, the current section that is edited is displayed in the title.

Bug fixes

- Database issues on very large OneTouch assignments

- OpenIDConnect discovery data x5t value faulty


- Fido2Authenticator with pipe

- Freja eID app switching when not using a web browser

- SAMLWindowsSSO session handling

SAML Single Logout

Full SAML Single Logout support, both as IdP and SP.

GUI and documentation for KeystoreExtractor valve

- Updated Configuration Manager GUI to handle the valve.

- Updated documentation for the valve.

Added hook to post OneTouch enrollment

Added possibility to add pipe to be executed when a OneTouch enrollment has been carried out.

Updated OpenID Connect documentation

Documentation was added / altered :

- Changes to configuration manager GUI

- UserInfo pipe

SAMLNias authenticator update

Session attributes added in connecting pipe was previously overwritten.

Graphical improvements when signing PDF

The signing end user interface has been updated to prevent multiple clicks etc.

Handle signing SAML authnReq without binding property

PAS, as SAML Identity Provider, is now able to handle signed authentication requests without binding property set.

Updated Freja eID valves documentation

Documentation was updated to correlate to latest version of the valves.

New valve for HTTP file upload

Valve to upload of files to external services using form-data (multipart). Primary usage is to send signed pdf to SWF. Please view the valve documentation for details.

Encryption scheme compliancy

Certificate with PBES2 encryption scheme can now be handled.

New valve for revoking certificate on Nexus Certificate Manager

A new valve, NexusCMRevokeCertificate, has been added. This is useful in one touch enrollment scenarios where PAS is connected to the external PKI from Nexus. Please view the valve documentation for details.