Release notes
Support for DIGG "Deployement profile for Swedish eID framework
Now supporting DIGGs "Deployment profile for the Swedish eID Framework" specification. Updates include the option for the administrator to decide on more strict validation of incoming SAML requests as well as supporting more attributes.
Animated QR code for Bank-ID
Static QR code for BankID authentication is replaced with an animated version for increased security
WCAG updates to Password Selfservice and MyApps
Password Selfservice and MyApps UI updated to comply with WCAG (Web Content Accessibility Guidelines) 2.1. This makes content more accessible to a wider range of people with disabilities, including accommodations for blindness and low vision.
LDAPSearchValve multiple search bases
LDAPSearchValve allows for configuration of more than one search base.
FrejaID authenticator
No selection of authentication method necessary if only one option is available.
NIASSignValve item property expansion
Added support for property expansion to pnr and user_visible_data parameters.
BankID authentication "avsiktstext"
Possible to configure userVisibleData for BankID identification just as with signing.
Bug fixes
- Unable to replace SAML-metadata on file
- Can't choose last line in MyApps on iOS
- Cookie for phenixidlangauge rejected
- Values for "ot_push_title" and "ot_push_message" set in GUI, is not written to configuration
- Invalid pdf/a-1a font in dss signing
- Log level set to Debug as default
- Aborting eidas-authn returns to white page
GenerateJWTTokenValve target property
It is now possible to configure the target property name to something else than the default value id_token.
eIDAS cancel authentication
PAS - acting as a service provider - can now be configured to redirect a user to a predefined cancelUrl when a user aborts, for example, an eIDAS login. Applies to SAMLSPBroker, SAMLServiceProviderAuthN and OIDCToSAMLBroker.
AttributeConsumingServices support for SAMLSPBroker
SAMLSPBroker now supports configuration of AttributeConsumingServices, allowing you to list different services that use the broker and which attributes they are interested in receiving in a SAML Assertion. SAML requests made by the broker towards an IdP will then forward the AttributeConsumingServiceIndex used by the requesting SP such that each service receives the correct attributes.