News

April 12, 2024

Maintenance release – SWF 2.5.4

This new release includes defect fixes and addition of minor functions for the 2.5 release, and is recommended for all 2.5 installations.

New/improved features

Now possible for the administrator of the system to publish customer-defined information or news in the UI. This helps the administrator to spread important information such as planned downtime, new features or hints.

To forward information to the IdP, there is an option to set cookies at login, can be used for example to remember login option or source of user

Defect fixes

The 2.5.4 release includes important defect fixes for the 2.5 release, including

Retention time settings for an errand lifecycle, possible to disable PDF validation and GUI fixes

See full patch release information for 2.5.4 here:

 


Show more
March 20, 2024

New release: PAS 5.1.0

PhenixID is proud to announce the new release of PhenixID Authentication Services (PAS) 5.1.0. The new release improves the stability, compatibility, and security of your solution, and is recommended for all installations.

 

 

HIGHLIGHTS

The 5.1.0 version introduces a new way of configurating Authenticators, exceptionally simplifying for administrators by giving more control of authentication flows. In addition to this, increased built in support for SAML and OIDC protocols and updated guides for configuration makes this 5.1.0 release something that will not just make PAS more secure but also reduce complexity.

Authenticators architecture

Clear separation of protocols versus authentication methods, new simplified configuration guides to support easier and faster configuration. Read more about how this will make the administrators life easier here.

OpenID Connect support

significantly more OIDC functionality now available “out-of-the-box” in code instead of via manual configuration. Also some new OIDC support not previously possible, e.g Hybrid Flow support. Link to documentation here.

SIGN transaction for BankID and Freja EID

Force a SIGN request to BankID or Freja eID with clear information to the user on the intention of signing

 

 

Read the full release notes for PAS 5.1.0 here:

 


Show more
February 22, 2024

New maintenance release: PIM 6.1.2

PhenixID are proud to announce the new release of PhenixID Identity Manager 6.1.2. The new release improves the stability, compatibility and security of your solution, and is recommended for all installations.
Maintence release

PIM 6.1.2. mainteance release resolves the following issues

PIM-1381 MULTILISTSTRINGCONTROL HANGS
PIM-1382 DEFAULT VALUE HIDDEN IS SENT TO AS EMPTY VALUE TO PIP
PIM-1388 CUSTOM CONTROL FAIL TO RETURN DISPLAY NAME WITH SPECIAL CHARACTERS
PIM-1393 NO SCROLLBAR IN MAIN MENU IF YOU COLLAPSE THE WIDTH
PIM-1395 MULTILISTSTRING IS NOT DISPLAYED INTERMITTENTLY
PIM-1401 MANAGER SEARCH ENGINE STOPS WORKING WHEN INCORRECT NAME/LETTERS IS TYPED AND SEARCHED
PIM-1411 FORMS PATH IS SET TO OTHER FORM

 

Read the full release notes for Identity Manager 6.1.2 here


Show more
February 22, 2024

New release: PhenixID Signing Workflow 2.5.0

 

PhenixID Signing Workflow 2.5.0 improves the stability, compatibility and security of your solution, and is recommended for all installations.
HIGHLIGHTS

 

The highlight for the 2.5.0 release includes the ability edit already created errand

Edit errand

Prior to this release, the only thing that was possible to update on an errand was the expiration time. If the wrong person was invited as a signer, or someone was missing, a soliciotor had to delete the old errand and create a new one. Signers who had already signed the document had to sign again. This release adds the possibility for the solicitor (via GUI or API) to edit an already existing errand

  • Signers that hasnt yet signed can be removed
  • New signers can be added
  • The descirption of the errand can be updated
  • The priority order for signers who hasnt yet been invited (in queue) can be changed

Reminding signers

In the configuration its possible that a emial reminder is sent prior to the errand expires. Now a solicitor can also trigger a reminder email to a signer that hasnt yet signed by clicking a button in the GUI

 

IMPROVED FUNCTIONS

  • SWF graphical issues (mobile responsiveness) has been resolved

 

BUG FIXES

IGA-467 Do not log out when changing language’
IGA-504 Runtime error when uploading first document

Read the full release notes for Signing Workflow 2.5.0 here


Show more
February 14, 2024

Maintenance release – PAS 5.0.1

This new release includes defect fixes and addition of minor functions for the 5.0 release, and is recommended for all 5.0 installations.
 

Bug fixes

The 5.0.1 release includes important bug fixes for the 5.0 release, including

MSSQL using integrated authentication, ACS-URL validation, security vulnerabilities mitigation and TLS version for MiuLookupValveApp.

 

New/updated features

The 5.0.1 version does only contain defect fixes

See full patch release information for 5.0.1 here:

 


Show more
February 14, 2024

Maintenance release – PAS 4.7.3

This new release includes defect fixes and addition of minor functtions for the 4.7 release, and is recommended for all 4.7 installations.
 

Bug fixes

The 4.7.3 release includes important bug fixes for the 4.7 release, including SAML2SithsEid, SAML ACS-URL validation and DSS-signing.
See full maintenance release information for 4.7.3 release here:

 


Show more
December 22, 2023

New release: PhenixID Authentication Services (PAS) 5.0

PhenixID is proud to announce the new release of PhenixID Authentication Services (PAS) 5.0. The new release improves the stability, compatibility, and security of your solution, and is recommended for all installations.

 

HIGHLIGHTS

 
Finally the PAS 5.0 version see the light of day! This version is a major technical upgrade, compared to 4.7 and earlier versions. It brings significantly better security level as well as futureproofing and enabling of further enhancements. There are no significant changes in terms of functionality or usability in this initial 5.0 version.

 

Increased security

PAS 5.0 includes a significant reduction of software security vulnerabilities in third party librariues used. The build and testing of PAS software has been enhanced by a mandatory vulnerability (OWASP) check, meaning that the software build process will catch known vulnerabilities – in each recurring and scheduled build.

 

Upcoming features

As PAS 4.7 branch is moved to maintenance mode, new and enhanced features will be developed and released on this new 5.0 branch. This strategic move ensures that new features are built on a more modern platform.

 

Inclusion of additional modules and valves in the product

Prior the 5.0 release, some specific modules and valves were treated as standalone entities necessitating separate installation procedures. By consolidating these components into the core product, you benefit from a more cohesive and streamlined life cycle management process, guaranteeing the availability of the latest and most secure versions – thereby fortifying the overall integrity and security of the system

Known limitations

Initially we recommend this version for those using internal HSQLDB database or MSSQL only

 

Read the full release notes for Authentication Services here:

 


Show more
December 20, 2023

New release: PhenixID Signing Workflow 2.4.0

 

PhenixID Signing Workflow 2.4.0 improves the stability, compatibility and security of your solution, and is recommended for all installations.
HIGHLIGHTS

 

The highlights for the 2.4 release includes the ability invite external signers using email address as well as the possibility for the solicitor to validate current signatures wihtou downloading the document

Invite signers using email

Prior to this release, it was possible to invite signers from the organizations AD or to add them based on personal number. In some scenarios this could not be enough

  • Asking for, or storing, personal numbers can be sensitive. Organizations could for example have policies saying its not allowed
  • Sometimes the exact signer isnt known, for example in the case where someone at a subcontractor firm should sign

The 2.4 version allows the solicitor to invite a signer using only email address. Important to know is that anyone with access to the mail could open the mail and sign it, so it is important that the solicitor at completion verifies that the signee is expected.

Validation of signatures

PhenixID Authentication Service has a function to validate the authenticity and integrity of a signed document. Added in 2.4 release is the possibility to trigger such a validity check directly from SWF GUI.

 

IMPROVED FUNCTIONS

  • SWF SW shown for solicitors and administrators

 

BUG FIXES

IGA-470 Emails not sent when errand has expired
IGA-499 Tag values not reset after order created
IGA-500 Failed to decode downloaded font error

Read the full release notes for Signing Workflow 2.4.0 here


Show more
December 1, 2023

Maintenance release – PhenixID Authentication Services (PAS) 4.7.2

This new release includes defect fixes and addition of minor functtions for the 4.7 release, and is recommended for all 4.7 installations.
 

Bug fixes

The 4.7.2 release includes important bug fixes for the 4.7 release, including

App switching on iOS17 for BankID, Freja eID and SITHs, making sure the user doesnt manually have to switch back to the correect browser. Security vulnerabilities mitigated. Problems with internal federations at restart. SAML updates including support to handle large requests, handling missing scope and AuthnContectClassRef

 

New/updated features

More attributes available from Freja eID including documentType, documentSerialNumber and photo. Possiblity to force PipeAuthenticator to always be triggered

See full patch release information for 4.7.2 here:

 


Show more
October 18, 2023

Maintenance release – PhenixID Authentication Services (PAS) 4.7.1

This new release includes defect fixes and addition of minor functtions for the 4.7 release, and is recommended for all 4.7 installations.
 

Bug fixes

 

The 4.7.1 release includes the following fixes

  • PHX-2963 resp_attributes type 6 (Service-Type) value returned incorrectly

    Service-Type attribute in RADIUS always returned the wrong value.
    Now updated and the Service-Type attribute can now be set using PropertyAddValve

  • PHX-3030 Wrong language is show in PSS if brower is set to Swedish

    If Chromium based browser have Swedish as default language, the Password Selfservice service would show a mix of English and Swedish

  • PHX-3068 Signing, OCSP/CRL: Incorrect validation

    Validation of OSCP/CRL tokens failes since wrong value is compared

  • PHX-3110 BankID – 400 response when signing gives Java error

    BankIDSignValve and BankIDCollectValve woudl generate a java error if BankID returns a 400 response.
    The solution also includes an update where the errorcode of the 400 response is forwarded to the application

  • PHX-3122 IOS redirect to native browser when using non native browser

    Independent of which browser is used when initiating a BankID authentication, iOS devices will redirected back to default web browser

  • PHX-3170 Add loginhint to OIDC to auth-request

    Support for “login_hint” in OIDC auth-request is missing

  • PHX-3188 Clear “SAMLSignApproved” with the rest of the SAML attributes on a new SAMLRequest

    Attribute SAMLSignApproved is not cleared

  • PHX-3189 validateSchema for SAML SignMessage causes freeze/crash in some environments

    validateSchema function in SAMLAuthRequestDecoder freezes/chrashes, preventing SignMessage to be parsed

 

New/updated features

 

  • PHX-3021 Add support for basic authorization in bankid proxy module

    Support basic authorization header in BankID proxy/api

  • PHX-3102 SithsEidCollectAuthenticationStatusValve that returns Inera response intact as json

    Return the intact Inera response as json

  • PHX-3108 BankID 6.0 Phoneauth via proxy/api

    Phoneauth endpoint according to BankID 6.0 added in BankID proxy/api

  • PHX-3112 OpenID Connect Session Management 1.0

    Support for OpenID Connect Session management 1.0 implemented

  • PHX-3126 Add BankIDPhoneSignValve

    Add BankIDPhoneSignValve according to BankID 6.0

  • PHX-3127 Make it possible to expand requirement from request in BankIDAuthenticateValve and BankIDSignValve

    Add the possibility to add requirements in a request when using HTTP API with BankID valves

  • PHX-3171 BankID 6.0 Phonesign via proxy/api

    Add Phonesign endpoint according to BankID 6.0 to BankID proxy/api

  • PHX-3187 Make AssertionConsumer strict scoped attribute validation option

    Let the administrator decide by config if AssertionConsumer should use strict scoped valdiation or not

See patch release information for 4.7.1 and read the full release notes for PhenixID Authentication Services 4.7 here:

 


Show more
Load more news