Changelog
Introducing changeSignatureOrder mutation
Thursday, April 3, 2025New changeSignatureOrder mutation
We have introduced a new mutation that enables changing a signature order after creation. Initially it supports changing maxSignatories until the first signatory has signed. Please reach out if you have other needs for modifying signature orders post creation.
An example can be found in the Signatures documentation.
Stronger accessibility requirements for Swedish BankID
Wednesday, April 2, 2025From July 2025, stronger requirements regarding accessibility must be fulfilled to meet legal demands. Amongst other things, these will affect the two-device flow for BankID where the animated QR code is used.
Learn more about the new requirements
In order to comply with the new QR code UI requirements Criipto must make adjustments to our UI (HTML & CSS), so that users may click the QR code to view it in fullscreen.
This can cause breaking changes to customers who have custom CSS, so customers must explicitly enable the UI update. To comply with the new requirements, you must enable the UI update before July 2025.
You can opt-in to the UI update for the test environment, and even per application, before doing so in production.
To opt-in at a tenant environment level:
- Open dashboard
- Navigate to Styling screen
- Select 2025-04-01 in the "View version" dropdown
- Click save
To opt-in at an application level:
- Open dashboard
- Navigate to Applications screen
- Select the application you wish to upgrade
- Click the "UI" tab
- Disable "Use default" for the "View version" option
- Select "2025-01-04" in the "View version" dropdown
- Click save
Introducing Personalausweis and batch signatories
Thursday, February 20, 2025German Personalausweis
Authentication via Criipto Verify now supports the German national identity card Personalausweis. This means that you can now electronically authenticate users in Germany quickly and easily.
You can read more about the Personalausweis on the German government Personalausweis portal. If you are interested in testing it out for yourself, read our documentation on Personalausweis to get started.
Batch signatories for signatures
As a step towards enabling interacting with large batches of signature orders, we have introduced a feature for batching signatories across one of more signature orders. A batch signatory can then be used to invoke a single action and have it performed automatically across every signatory.
As batch signatories can be used to sign multiple, different signature orders at once, some requirements exist. A more detailed explanation, and interactive tour, can be found at the batch signatory guide page.
Signatory UI settings and webhook signing
Saturday, January 25, 2025Signatory UI settings
Historically signature UI settings for users have been configured globally on the signature order.
This had some drawbacks, as users might reside in different countries and prefer different languages.
It is now possible to also define UI settings on a per signatory basis, See example
Webhook signing
Until now, there was no way to validate the authenticity of a signature webhook at the time of the request.
We relied on the fact that webhooks contained no actual data, but only identifiers, allowing clients to query our API based on the data in the webhook. This ensured that only authenticated clients could access signature data.
However, it was brought to our attention that an attacker could use the webhook to increase the number of requests a well-behaving client would have to make to our API, potentially triggering rate limits.
To address this, we introduced the option to configure a webhook secret, which adds an HMAC-SHA256 signature to each signature webhook invocation.
You can read more about configuring and validating webhook secrets and also try it out in our webhook tester.
MitID Controlled Transfer
Friday, October 4, 2024Authentication via Criipto Verify now supports starting a session for MitID Controlled Transfer.
MitID Controlled Transfer lets you perform cross-broker SSO, that is, transfering an authenticated MitID user from one service provider to another, without requiring the other service provider to reauthenticate the user.
This is useful for cases where shared data services may require a valid MitID authentication to serve data for the user, but you do not wish to trigger authentication twice for the user.