Now supporting DIGGs "Deployment profile for the Swedish eID Framework" specification. Updates include the option for the administrator to decide on more strict validation of incoming SAML requests as well as supporting more attributes.
Static QR code for BankID authentication is replaced with an animated version for increased security
Password Selfservice and MyApps UI updated to comply with WCAG (Web Content Accessibility Guidelines) 2.1. This makes content more accessible to a wider range of people with disabilities, including accommodations for blindness and low vision.
LDAPSearchValve allows for configuration of more than one search base.
No selection of authentication method necessary if only one option is available.
Added support for property expansion to pnr and user_visible_data parameters.
Possible to configure userVisibleData for BankID identification just as with signing.
- Unable to replace SAML-metadata on file
- Can't choose last line in MyApps on iOS
- Cookie for phenixidlangauge rejected
- Values for "ot_push_title" and "ot_push_message" set in GUI, is not written to configuration
- Invalid pdf/a-1a font in dss signing
- Log level set to Debug as default
- Aborting eidas-authn returns to white page
It is now possible to configure the target property name to something else than the default value id_token.
PAS - acting as a service provider - can now be configured to redirect a user to a predefined cancelUrl when a user aborts, for example, an eIDAS login. Applies to SAMLSPBroker, SAMLServiceProviderAuthN and OIDCToSAMLBroker.
SAMLSPBroker now supports configuration of AttributeConsumingServices, allowing you to list different services that use the broker and which attributes they are interested in receiving in a SAML Assertion. SAML requests made by the broker towards an IdP will then forward the AttributeConsumingServiceIndex used by the requesting SP such that each service receives the correct attributes.