Release notes
BankID
Extended QR code support for BankID authentication and signing in HTTP and proxy APIs. Updated BankID logotypes and improved configuration for launching BankID on IOS devices.
Freja eID
Added Freja eID as an identification method to PhenixID verify user identity and introduced support for QR codes to FrejaEIDAuthRequestValve and FrejaEIDSignRequestValve.
SITHS eID
Added the possibility to use SITHS via the API for signing and extended authentication with QR code support.
Generic
SAML support has been extended with the possibility to use key rollover in Service Provider Authenticators as well as dynamically assigning Assertion Consumer Service URL.
Support for TLS versions prior to version 1.2 has been removed
New features and improvements
PHX-2988 - Added QR code support to BankID Proxy API (qrStartSecret, qrStartToken) in (phenix-api-bankid module)
PHX-2997 - Added QR code support to BankIDSignValve (qrStartSecret, qrStartToken)
PHX-2981 - Added QR code support to BankIDAuthenticateValve (qrStartSecret, qrStartToken)
PHX-3004 - BankID new logo
PHX-2984 - Added configuration option, useRedirectURL, to BankID authenticators (BankID, SAML2BankID) that can be used to disable unwanted redirection from the BankID app on IOS
PHX-2994 - Added Freja eID QR code support to FrejaEIDAuthRequestValve and FrejaEIDSignRequestValve
PHX-2998 - Added Freja eID as an identification method for PhenixID verify user identity
PHX-2964 - Added new valve SithsEidSignValve and extended SithsEidAuthenticateValve with QR code support (qrStartSecret, qrStartToken)
PHX-2948 - Added support for dynamically setting Assertion Consumer Service URL in the AuthNRequest for SAML Service Provider Authenticators (SAMLServiceProviderAuthn, SAMLSPBroker, OIDCToSAMLBroker)
PHX-3001 - Introduced support for key rollover for SAML Service Provider Authenticators
PHX-2925 - Added extraoptions.vmoptions for Linux installation to be able to keep custom Java options on upgrade
PHX-2961 - Fixed text "installera nyckel" to "installera profil" in Pocket pass Activation portal
PHX-2982 - Secured sensitive endpoints as default
PHX-2986 - Disabled support for TLS versions prior TLS 1.2
Bug fixes
PHX-2995 - Fixed PDF preview rendering issues while zooming and changing page
PHX-3000 - Updated expired PAS installer signing certificate
PHX-3003 - Resolved HSQLDB backup issues using default backup location
PHX-3007 - Mitigated cross-site scripting vulnerability
PHX-3008 - Fixed language cookie validity time