Release date: 2026-01-30
Main new features
Smart ID Blueprints
Smart ID Identity Manager now comes with new workflows: the Smart ID Blueprints. They simplify Smart ID Identity Manager configuration by providing a ready-to-use default setup. For more information see Smart ID Blueprints overview and Release notes Smart ID Blueprints 1.0.
FIDO support: enrollment on behalf of another user with Smart ID Digital Access
FIDO2 security keys are a great improvement to provide a secure and phishing-resistant authentication method. On the downside, the registration of a FIDO2-credential requires manual intervention and the presence of the future holder of the credential. The standard workflow requires a user to first authenticate with the service that they want to register the token for and then enroll the token itself. This leaves the user with two authentication methods, one of which is potentially a username/password-authentication.
A more enterprise suitable approach is to allow operators to register the tokens on behalf of the user and then distribute the tokens to the user. This requires the Identity Provider (IdP) to allow creation and registration of a FIDO key through an API. In IDM 5.1 we introduced enrollment on behalf of another user with MS Entra. With this version, we support the same workflow with Smart ID Digital Access.
Correlation ID for Hermod
Smart ID Identity Manager is at the heart of the Smart ID suite where different components are packaged together. In order to trace actions through logs of the different components, a correlation ID that is passed between components was made available with IDM 5.2. With this release, the correlation ID is used with calls to Hermod. With Hermod 4.5.1, the correlation ID logging is supported as well to complete the cycle.
Resizing Images in Identity Manager Operator
Physical card production often involves printing a photo of the cardholder on the card. When photos are uploaded it is often helpful to edit the area used and to fix the ratio. This is now not only possible with Smart ID Self-Service but also with Identity Manager Operator.
Detailed description of features
Features
|
Jira ticket number |
Description |
|---|---|
|
CRED-11894 |
It is now possible to upload a license to the Identity Manager Tenant via REST endpoint. See Smart ID Identity Manager - Deployment REST APIs for more information. The role for license upload is no longer defined in the system properties, but as a permission to a user instead. See Upgrade Smart ID Identity Manager from 5.2.0 to 5.3.0 for details. |
|
CRED-16550 |
In Identity Manager Operator, it is now possible to resize and image, with and without keeping a certain resize ratio. For details about the configuration, see Set up binary data template in Identity Manager. |
|
CRED-17811 |
When using the "Execute Search" Service task, it is now possible to define the fields that should be added to the process map. See Process - Standard service tasks in Identity Manager for more information. |
|
CRED-18659 |
Correlation-ID logging is now available with Hermod calls. See the log4j2.xml file for patterns. This requires Hermod 4.5.1 or later versions. |
|
CRED-19609 |
Enrollment of FIDO credentials on behalf of another user is now possible with Nexus Digital Access. See Fido credential provisioning with Digital Access and Credentials - Standard service tasks in Identity Manager for more information. |
|
CRED-19949 |
Upgraded Idopte Server Side Middleware. |
|
CRED-20529 |
When using the "Execute Search" Service task, it is now possible to add the results directly to the process map, not just the Descriptor list. See Process - Standard service tasks in Identity Manager for more information. |
|
CRED-20587 |
For the public DATA REST API, it is now possible to get a token for authentication. See Identity Manager Public Data REST API for details. |
|
CRED-21632 |
Updated the MS SQL JDBC driver. See Upgrade Smart ID Identity Manager from 5.2.0 to 5.3.0 for details. |
|
CRED-21658 |
CM SDK has been upgraded to support non-standard unique identifier encoding with Identity Manager. |
|
CRED-21684 |
The pattern to log correlation IDs is now available in the log4j2.xml file delivered with Smart ID. |
|
CRED-21902 |
In Identity Manager Operator, there was a link shown in the footer to enable a UI help functionality. This link is now hidden by default. It can be re-enabled via system properties in Identity Manager Operator ("Show Help"). |
|
CRED-21932 |
It is now possible to create and delete tenants from the Identity Manager tenant via REST endpoint. See Smart ID Identity Manager - Deployment REST APIs for more information. |
Corrected bugs
|
Jira ticket number |
Description |
|---|---|
|
CRED-13495 |
There was an issue where the standard service task "Load values of SystemProperties into process map" did not handle binary properties correctly. This has been fixed. |
|
CRED-20126 |
In Smart ID Self-Service, searches were executed immediately when the form was opened. This could lead to errors about too many search results before a filter could be set. Now, when a search button is configured with filters, the search will be executed by clicking the search button. If filters are hidden, the search will be executed automatically. |
|
CRED-21763 |
There was an issue where the configuration of “zipUnpacker.maxCompressionRatio” was not respected in all places. This has been fixed. |
|
CRED-22014 |
There was a problem with the service task "Remove Entity from data map" in combination with the BPMN editor in Identity Manager Admin. This has been fixed. |
|
CRED-22015 |
There was an issue where the tenant logo was not loaded when having multiple tenants. This has been fixed. |