v1.8.0
Release Number: v1.8.0
Release Date: 19th May, 2026 Coming Soon!
Overview
eSignet v1.8.0 introduces significant infrastructure modernization and enhanced data privacy. This release upgrades the entire eSignet ecosystem from Java 11 to Java 21 , delivering improved performance, better resource management via virtual threads, and long-term support. Additionally, the implementation of RFC 7516 adds support for encrypted UserInfo responses, ensuring robust protection of sensitive user data in compliance with OIDC standards.
Major Highlights
1. Migration to Java 21
We have upgraded eSignet and its core modules from Java 11 to Java 21. This upgrade applies to the following repositories:
eSignet
eSignet-Signup
eSignet-mock-services
eSignet-Plugin
2. Encrypted UserInfo Support (RFC 7516)
To further secure PII (Personally Identifiable Information), eSignet now supports returning the UserInfo response as an encrypted JSON (JWE).
Enhanced Privacy: Ensures that user attributes are only readable by the intended client application.
Standard Compliance: Implements RFC 7516 (JSON Web Encryption), aligning eSignet with global security best practices for OpenID Connect (OIDC) providers.
Story Development
The following functional requirements and stories were completed in this release:
eSignet: Encrypt UserInfo Response Using JWE (RFC 7516)
eSignet - Signup - Enhancement of Dynamic Sign-Up Form to Support Additional Input Field Types & Upload Capabilities
eSignet-signup - Java 11 to Java 21 Migration
eSignet Plugins- Java 11 to Java 21 Migration
eSignet Service - Java 11 to Java 21 Migration
esignet-mock-service - Java 11 to Java 21 Migration
Bug Fixes
Several known issues from the previous release have been addressed to improve platform stability and performance. Please refer to the link here for the complete list of resolved issues.
eSignet Signup (Docker Compose) – Authorization/OAuth Details Fails with “Unable to Connect to Redis”
eSignet Signup – Client Creation Fails Due to DB Schema Mismatch (additional_config jsonb Error)
eSignet-Sunbird: DOB value is altered during challenge validation, preventing user login to KBI
In Ui schema when email is marked as optional field by default its taking as mandatory field
Known Issues
For a full list of identified issues currently being tracked, please refer to this link.
Hardcoded khm language during verify-challenge in reset-password (signup-ui).
eSignet & Plugin Pods Failing to Start – KER-KMA-001 PKCS11 Initialization Error (ProgressDeadlineExceeded)
eSignet Mock Services – Deployment Fails Due to Missing active_profile_env Property
eSignet-MOSIP & MOCK: User Login Fails When Global OpenID Profile is Set to FAPI 2.0 Due to Mandatory PKCE Requirement
Sunbird KBI Login – CAPTCHA Not Displayed and Login Fails with invalid_transaction Error
eSignet Signup – Registration Fails Even When UI Renders Correctly as Per Updated Schema
eSignet: JWE automation fails when client encryption public key is missing or invalid
Technical Release Details
Repositories Released
Compatible Modules
eSignet compatibility with MOSIP
eSignet compatibility with Sunbird
Sunbird
eSignet Signup compatibility with MOSIP
System Changes
Database (DB) Changes (Repowise)
Details regarding SQL upgrade and rollback scripts will be provided here.
eSignet
eSignet-mock-services
Configuration Changes (Repowise)
Details regarding new or modified properties will be provided here.
eSignet
New Properties:
mosip.esignet.public-key-hash.fields={ 'RSA': { 'n' }, 'EC': { 'x', 'y' } } ## which fields to hash for uniqueness
Updated Properties:
spring.redis.host → spring.data.redis.host
spring.redis.port → spring.data.redis.port
spring.redis.password → spring.data.redis.password
Documentation
API Documentation
eSignet API (v1.8.0)
Signup API (v1.4.0)
Integration Guides
End User Guides
QA Report
Last updated
Was this helpful?