Security by Sweden

Latest posts

PAS 5.1.3

New release with powerful new features

We are excited to announce the release of PAS 5.1.3, packed with major updates and enhancements. Since launching our new authentication architecture in PAS 5.1.0 earlier this year, we’ve been hard at work to deliver a more streamlined and user-friendly experience, while maintaining the highest levels of security and flexibility for organisations. PAS 5.1.3 introduces several improvements, and here are the top five standout features:


 

A brand-new web frontend for authentication

 Österköping kommun home screen using PAS

In PAS 5.1.3, we’ve redesigned the web frontend for the authentication module. The new interface improves the user experience by adding support for custom themes, languages and error handling, all while being fully WCAG-compliant. Out-of-the-box authentication flows linked to the back-end authenticators make it simpler for the administrator to set up the authentication options available to the end user.

We’ve also added features like dynamic option selection and customisable form designs, which make it simple to create tailored, complex user experiences.

 

Operations monitoring for enhanced control

With PAS 5.1.3, we’ve added operations monitoring, a long-requested feature. Now, you can monitor the health of your PAS deployments via Prometheus or Elasticsearch, tracking key metrics such as SAML metadata, certificate expiration, and response times. This allows you to proactively resolve issues before they impact your system’s performance.

 

Containerised delivery for seamless deployment

We’ve introduced containerised delivery, making PAS available as a Docker image. This provides more flexibility in deployment, particularly for DevOps teams. You can now mount configurations as read-only, inject resource files, and use environment variables to streamline your setup. This makes it easier to pre-configure PAS while maintaining security by swapping out sensitive files and variables as needed.

 

Simplified Multi-Factor Authentication (MFA) setups

We’ve made the MFA setup even easier in PAS 5.1.3 with new guide scenarios. These allow you to quickly configure primary authenticators with pre-configured MFA options such as SMS OTP, Mail OTP, or OneTouch. Our user-friendly interfaces include features like OTP resending and dynamic option selection, offering a smoother experience for both admins and users.

 

FIDO2 passkeys for usernameless authentication

One of the key security updates in PAS 5.1.3 is the introduction of FIDO2 passkeys, enabling usernameless authentication. This feature allows users to authenticate without entering a username, enhancing both security and user experience. Please note that this feature may require a database update, so be sure to review the upgrade notes before implementing.

 


With these new features, we continue to provide organisations with the best tools to secure and simplify identity and access management. PAS 5.1.3 also includes numerous other improvements, bug fixes, and vulnerability mitigations that make it a must-have for any enterprise focused on secure and efficient authentication.


PAS 5.1.2

Introducing PAS 5.1.2: Key updates to boost your digital security

We are excited to announce the release of PAS 5.1.2, which brings a range of enhancements designed to improve your security and integration capabilities. This update focuses on expanding support for Microsoft Entra ID’s new External Authentication Methods (EAM), introducing risk indication features for BankID integrations, and simplifying migrations from old authenticators to our new protocol-agnostic system.

Among the highlights, PAS 5.1.2 includes new SAML Assertion Profiles, improvements in PDF signing options, and several bug fixes to enhance overall stability and security. Important note: if you are using an external database for event logging with BankID, make sure to update your database schema to include the new riskLevel parameter for full compatibility.

This release is designed to help your organisation stay secure, efficient, and ahead in the ever-evolving landscape of digital authentication. To learn more about all the new features and technical details, check out the full release notes.

Stay secure with PAS 5.1.2!


Maintenance release PAS 4.7.4

This release brings a host of significant improvements, focusing on security, performance, and functionality. Key highlights include enhanced QR code synchronization, critical security updates, and improved SAML support. These changes reflect our ongoing commitment to providing a secure, efficient, and user-friendly platform.

Highlights:

  1. Improved QR Code Synchronization (PHX-3475): We have completely revamped the QR code sync implementation, allowing for flexible polling intervals. This ensures that BankID QR codes remain in sync, providing a seamless authentication process.
  2. Security Enhancements (PHX-3481, PHX-3674): We have addressed and mitigated several security vulnerabilities (CVE-2020-23064, CVE-2020-11022, CVE-2020-11023, CVE-2019-11358, CVE-2021-23337, CVE-2020-28500, CVE-2024-34342 and CVE-2024-4367). These updates significantly bolster the security of our platform, ensuring a safer environment for our users.
  3. Enhanced SAML Support (PHX-3494, PHX-3495, PHX-3496, PHX-3497): We have resolved several issues related to SAML bindings and signatures. Our SAML Service Provider (SP) and Identity Provider (IdP) can now handle inbound Redirect-binding for deflated requests, verify detached signatures, and ensure valid signatures on SAMLResponses. These enhancements improve the reliability and security of our SAML integrations.

 

For a detailed list of all changes and improvements, please read more on our release notes page.

Read full release notes


PAS 5.1.1

PhenixID is proud to announce the new release of PhenixID Authentication Services (PAS) 5.1.1. This release includes defect fixes and the addition of minor functions for the 5.1 release, and is recommended for all 5.1 installations.

Read full release notes


Bug fixes

 

The 5.1.1 release includes 21 important bug fixes for the 5.1 release, including: 

  • LDAP connections can leak upon reconfiguration
  • SAML SP will not verify detached signatures
  • Vulnerabilities mitigation
  • BankID issues

New/updated features

The 5.1.1 version also includes 15 improvements adding value to your solution. Improvements include, for example:

  • Possibility for the administrator to decide behavior when visible signature cannot be added
  • Signature assignments in PhenixID OneTouch
  • NiAS, SITHS and FIDO2 protocol agnostic authenticators

    © 2024 PhenixID AB. All Rights Reserved.