Upgrade from previous version

Current version is 2.0 - 3.0.

Even though PhenixID server is fully compliant with previous versions there are differences. Upgrades should not be done without contacting PhenixID.

When contacting PhenixID please add information about current usage of PhenixID server. This will help in assessing the work upgrading the system.

The current version is pre 4.2

Be sure to look through the previous manuals for details.

The current version is 4.2

The installer will guide through the update. Be sure to backup the existing installation before starting the upgrade.

Step by step document for upgrade can be found here:

New version of Hazelcast

New version of Hazelcast is being introduced, with new cluster.xml. This  file needs to be replaced manually in the folder /classes after the  upgrade. Rename earlier cluster.xml and then change cluster_template.xml  to cluster.xml

If cluster is configured, the configuration in the network section must be moved from the earlier cluster.xml to the new one.


Starting with version 5.0, no customizations should be done in the mods directory - for customizations that previously was done in the mods directory, they should now be placed in the same relative path in the modsoverlay directory.

The system will overlay the content of the modules inside modsoverlay on top of the modules inside mods. If a file exist with the same relative path in both mods and modsoverlay, the file in modsoverlay will be used used.


  • Original file path: mods\com.phenixidentity~phenix-prism-enroll-pki\templates\main.hbs
  • This file should not be modified, however a modified copy can be placed at:
  • Customization file path: modsoverlay\com.phenixidentity~phenix-prism-enroll-pki\templates\main.hbs

In some scenarios, a full copy of a module was done in order to make certain modifications apply only to a specific scenario, for example for One Touch deployment. This should not be done anymore, instead it's now possible to create a new module inside the modsoverlay directory that inherits an existing module, only applying the files in the new module on top of the base module. What module to inherit is controlled using the file mod.json, and the property "inherits".


  • Original module name: com.phenixidentity~phenix-prism-enroll-pki
  • Original module path: mods\com.phenixidentity~phenix-prism-enroll-pki
  • Create new directory: modsoverlay\com.phenixidentity~phenix-prism-enroll-pki~my-custom-copy
  • Create new file: modsoverlay\com.phenixidentity~phenix-prism-enroll-pki~my-custom-copy\mod.json with the content:
  "inherits": "com.phenixidentity~phenix-prism-enroll-pki"
  • Make the customizations in: modsoverlay\com.phenixidentity~phenix-prism-enroll-pki~my-custom-copy


There has been changes to the "front end files" such as css, js and templates. If you see strange behavior with the web apps or authentication pages, please clear the browser cache.

From version 2.6 there has been a change to the template file used by One Touch.
The server will now look for this file in the folder /resources and the name of the default template file has changed from onetouch_template_json.template to ot_auth_template.json.
If there are One Touch scenarios configured in earlier versions, please go into the Configuration Manager, locate your scenario(s) for One Touch and click on the tab "Advanced".
Edit the name of the template file according to your environment.

If One Touch tokens have been enrolled in version 2.7 and before, you might see this error on startup.


External Database (Microsoft SQL Server)

The timestamp precision has been increased from milliseconds to nanoseconds. This means that the columns in the external databases need to be altered to datetime2 (previously, it was datetime which isn't compatible with PAS 5.0+)

Run the following SQL to update the datetime columns:

DROP INDEX IF EXISTS event_date ON event;
ALTER TABLE event ALTER COLUMN date datetime2;
CREATE INDEX event_date ON event (date);

DROP INDEX IF EXISTS tokens_expires ON tokens;
ALTER TABLE tokens ALTER COLUMN expires datetime2;
CREATE INDEX tokens_expires ON tokens (expires);

DROP INDEX IF EXISTS lockouts_userid ON lockouts;
ALTER TABLE lockouts ALTER COLUMN created datetime2;
ALTER TABLE lockouts ALTER COLUMN modified datetime2;
CREATE INDEX lockouts_userid ON lockouts (userid);

DROP INDEX IF EXISTS devices_used ON devices;
DROP INDEX IF EXISTS devices_created ON devices;
ALTER TABLE devices ALTER COLUMN created datetime2;
ALTER TABLE devices ALTER COLUMN used datetime2;
CREATE INDEX devices_used ON devices (used);
CREATE INDEX devices_created ON devices (created);

DROP INDEX IF EXISTS assignments_expires ON assignments;
ALTER TABLE assignments ALTER COLUMN expires datetime2;
ALTER TABLE assignments ALTER COLUMN modified datetime2;
ALTER TABLE assignments ALTER COLUMN created datetime2;
CREATE INDEX assignments_expires ON assignments (expires);
Click to copy

BankID v6.0

In version 4.7 it is possible to upgrade to v6.0 by adding the attribute "version" : "v6.0" to your configuration and removing the use of personalNumber to trigger authentication from your environment. 


No extensions written for versions prior to 5.0 are compatible with 5.0+. Many old extensions have been ported to 5.0, and has been included into the base installation