Release notes

BankID

Extended QR code support for BankID authentication and signing in HTTP and proxy APIs. Updated BankID logotypes and improved configuration for launching BankID on IOS devices.

Freja eID

Added Freja eID as an identification method to PhenixID verify user identity and introduced support for QR codes to FrejaEIDAuthRequestValve and FrejaEIDSignRequestValve.

SITHS eID

Added the possibility to use SITHS via the API for signing and extended authentication with QR code support.

Generic

SAML support has been extended with the possibility to use key rollover in Service Provider Authenticators as well as dynamically assigning Assertion Consumer Service URL.

Support for TLS versions prior to version 1.2 has been removed

New features and improvements

PHX-2988 - Added QR code support to BankID Proxy API (qrStartSecret, qrStartToken) in (phenix-api-bankid module)

PHX-2997 - Added QR code support to BankIDSignValve (qrStartSecret, qrStartToken)

PHX-2981 - Added QR code support to BankIDAuthenticateValve (qrStartSecret, qrStartToken)

PHX-3004 - BankID new logo

PHX-2984 - Added configuration option, useRedirectURL, to BankID authenticators (BankID, SAML2BankID) that can be used to disable unwanted redirection from the BankID app on IOS

PHX-2994 - Added Freja eID QR code support to FrejaEIDAuthRequestValve and FrejaEIDSignRequestValve

PHX-2998 - Added Freja eID as an identification method for PhenixID verify user identity

PHX-2964 - Added new valve SithsEidSignValve and extended SithsEidAuthenticateValve with QR code support (qrStartSecret, qrStartToken)

PHX-2948 - Added support for dynamically setting Assertion Consumer Service URL in the AuthNRequest for SAML Service Provider Authenticators (SAMLServiceProviderAuthn, SAMLSPBroker, OIDCToSAMLBroker)

PHX-3001 - Introduced support for key rollover for SAML Service Provider Authenticators 

PHX-2925 - Added extraoptions.vmoptions for Linux installation to be able to keep custom Java options on upgrade

PHX-2961 - Fixed text "installera nyckel" to "installera profil" in Pocket pass Activation portal

PHX-2982 - Secured sensitive endpoints as default

PHX-2986 - Disabled support for TLS versions prior TLS 1.2

Bug fixes

PHX-2995 - Fixed PDF preview rendering issues while zooming and changing page

PHX-3000 - Updated expired PAS installer signing certificate

PHX-3003 - Resolved HSQLDB backup issues using default backup location

PHX-3007 - Mitigated cross-site scripting vulnerability

PHX-3008 - Fixed language cookie validity time