v1.6.1

Release Number: v1.6.1

Release Date: Coming Soon

Overview

We’re excited to announce the upcoming release of eSignet v1.6.1, a major update packed with new features, improved configurability, and enhanced security. This version brings greater flexibility for Relying Parties (RPs) to customize login experiences, a revamped UI, and significant improvements to deployment processes.

Major Highlights

New Features

• Customizable Login Types Configure login ID types (Email, Phone, VID, etc.) as per relying party (RP) needs. Comes with a revamped, more intuitive UI.

• Added Client Configuration Enhanced client management endpoint with additional options for better customization and control of eSignet's behavior.

• Purpose-Based UI UI dynamically adapts titles and tile subtitles based on the context and purpose of the service, providing a more relevant user experience.

Enhancements

• Captcha Validation for OTP Binding Captcha support added to the send-binding-otp process to enhance security during VC binding.

• JTI Mandatory in Client Assertion JTI is now a required parameter in the client assertion JWT in token endpoint for improved security.

  ⚠️ Breaking Change: Existing relying parties (RPs) must include the jti claim to share consented claims successfully.

• Unique nonce for each transaction: nonce query parameter in the authorize url should be unique for each transaction, if duplicate nonce is found “invalid_request“ error is thrown.

• Updated Vulnerable Libraries Security has been bolstered by updating dependencies and patching known vulnerabilities.

• Improved Deployment Scripts Upgraded installation scripts provide a smoother experience for new deployments of eSignet.

Features Released

Security Enhancements

Library Upgrades for Vulnerability Fixes:

Dependencies in eSignet service have been upgraded to fix known vulnerabilities.

Bug Fixes

Several known issues from the previous release have been addressed to improve platform stability and performance.

Please refer to the link here for the complete list of resolved issues.

Key Known Issues

Please refer to link here for the full list of known issues.

Repositories Released

Compatibility Matrix

eSignet with MOSIP compatibility matrix

eSignet with Sunbird compatibility matrix

Signup with MOSIP compatibility matrix

Config Changes

eSignet

1. Added the following configurations to provide a structured and flexible approach to supporting multiple login ID types:

mosip.esignet.ui.config.login-id.options=

mosip.esignet.ui.config.login-id.options=

Allows customization for each ID type, including options such as:

• Prefixes (e.g., country codes for mobile numbers)

• Associated icons for improved UI experience

• Validation rules, such as regular expressions or length constraints

1. Property to configure additional config schema

mosip.esignet.additional-config.schema.url

Please refer here for details.

eSignet Mock Services

1. Property to configure the url to fetch the schema of additional config

mosip.mock.ui-spec.schema.url

Please refer here for details.

Database Changes

eSignet

1. New column: additional_config of type jsonb added to the client_detail table for storing flexible JSON configuration data.

2. Increased length of name column in the client_detail table to 600 characters to support longer client names.

Please refer here for details.

eSignet Mock Services

1. Modified the identity_json column in the client_detail table to use VARCHAR without a length limit, allowing for variable-length string data of unlimited size.

Please refer here for details.

Documentation

API Documentation

• eSignet API (v1.6.1)

• Signup API (v1.2.0)

Integration Guides

• eSignet Integration Guide

• Signup Integration Guide

End User Guides

• eSignet End User Guide

• Signup End User Guide

QA Report