Security by Sweden

  • PAS 5.0

    PhenixID is proud to announce the new release of PhenixID Authentication Services (PAS) 5.0. The new release improves the stability, compatibility, and security of your solution, and is recommended for all installations.

    Read full release notes

    HIGHLIGHTS
     
    Finally the PAS 5.0 version see the light of day! This version is a major technical upgrade, compared to 4.7 and earlier versions. It brings significantly better security level as well as futureproofing and enabling of further enhancements. There are no significant changes in terms of functionality or usability in this initial 5.0 version.

     

    Increased security

    PAS 5.0 includes a significant reduction of software security vulnerabilities in third party librariues used. The build and testing of PAS software has been enhanced by a mandatory vulnerability (OWASP) check, meaning that the software build process will catch known vulnerabilities – in each recurring and scheduled build.

     

    Upcoming features

    As PAS 4.7 branch is moved to maintenance mode, new and enhanced features will be developed and released on this new 5.0 branch. This strategic move ensures that new features are built on a more modern platform.

     

    Inclusion of additional modules and valves in the product

    Prior the 5.0 release, some specific modules and valves were treated as standalone entities necessitating separate installation procedures. By consolidating these components into the core product, you benefit from a more cohesive and streamlined life cycle management process, guaranteeing the availability of the latest and most secure versions – thereby fortifying the overall integrity and security of the system

    Known limitations

    Initially we recommend this version for those using internal HSQLDB database or MSSQL only

      Read the full release notes for Authentication Services here:

      Read full release

    • PAS 6.0

      PAS 6.0

      Fast, transparent and ready for the future

      We’re proud to announce the release of PAS 6.0, a major step forward for performance, monitoring, user experience, and security. This release is packed with valuable upgrades designed to help you run smarter, gain deeper insight, and deliver a better experience for both administrators and users.

      Key highlights

      • Upgraded to Java 21for performance, security and long-term maintainability
      • Brand new audit log systemwith detailed traceability and SIEM integration
      • New metrics and dashboards for real-time operational insight
      • Modern OneTouch enrollment portal — WCAG-compliant and mobile-first
      • New internal application guides with simplified setup and better flexibility
      • Improved logout flows and SP/RP configuration — more secure, less complex

      Reminder: As always, please read the upgrade notes before updating your environment.

      Java 21 — Power and performance

      PAS now runs on Java 21, the latest Long-Term Support (LTS) version. This upgrade brings:

      • Up to 40% fasterserver startup and API response times
      • Better security and dependency management
      • A future-proof foundation for continued innovation

      Full Visibility with New Audit Logs

      Our new audit log system provides significantly richer and more consistent data, enabling:

      • Integration with SIEM platforms for centralized security visibility
      • Proactive monitoring to detect issues before users are impacted
      • Detailed traceability to investigate events when something goes wrong

      Read the deep-dive: Audit logs / Event logs in PAS 6.0

      New Metrics & Dashboards — Ready Out of the Box

      PAS 6.0 expands our monitoring capabilities with:

      • New metrics for authentication flows, pipe execution, license status, and more
      • Pre-built dashboardsto visualize recommended metrics instantly
      • Faster root cause analysis and operational insights without extra setup

      Read more: Recommended metrics and visualization

      OneTouch Enrollment — Now Accessible for All

      With the upcoming launch of OneTouch 2, we’re also releasing a new WCAG-compliant enrollment portal with:

      • A cleaner, more accessible user interface
      • Compatibility with both OneTouch 1 and 2
      • A more flexible enrollment experience across all devices

      Read more: OneTouch Enrollment

      Smarter Admin Experience

      New Internal Application Guides

      When creating new guide scenarios, the UI now leverages the modern authenticator architecture (introduced in PAS 5.1), offering:

      • More flexibility in selecting authenticators
      • Streamlined setup for internal apps like SelfService or Enrollment

      Improved Logout & Federation Configuration

      We’ve made logout handling more robust and SP/RP setup more straightforward:

      • Automatic logout from external IdPs (via SPBroker / RPBroker)
      • Auto-management of SLO/ACS/Redirect URIs
      • Full Single Logout (SLO) supportand bug fixes in federation flows

      Read more: SPBroker article

      Fixes & Smaller Improvements

      From improved container logging to new preset MFA sequences, PAS 6.0 includes many under-the-hood improvements. A few highlights:

      • JSON-based logs with MDC fields for containers
      • New method for end user IP resolution
      • New metrics for license expiration and pipe congestion
      • OTTokenVerifierValve now compatible with OneTouch 2

      See the full changelog in our Release Notes

      Ready to Upgrade?

      PAS 6.0 is built to help you grow with confidence — more insight, better performance, and a smoother user experience. Make sure to review the upgrade instructions, and don’t hesitate to reach out if you need guidance.
    © 2025 PhenixID AB. All Rights Reserved.