Partner Management System Revamp 1.3.0-beta.2
Release Name: Partner Management System Revamp 1.3.0-beta.2
Release Number: v1.3.0-beta.2
Release Date: 29th August, 2025
Overview
We are excited to announce the release of PMS Revamp v1.3.0-beta.2, featuring a Java 21 upgrade and the implementation of FTM Chip Certificate, SBI and API Key Notifications in the Partner Management System (PMS) which enables proactive monitoring and timely alerts for expiring partner specific items- FTM Chip Certificates, SBI and API Keys through both PMS Portal and email, helping partners and partner admins take necessary action in advance. Additionally, we have enforced audit logs for these notifications.
Key Features
I. FTM Chip Certificate, SBI and API Key Notifications
a) Notification Channels:
PMS Portal: In-application alerts via the notification bell icon.
Email: Sent to the registered email address of the user.
b) Recipients and Scope:
FTM Chip Provider
Alerts for FTM Chip certificates uploaded by them.
Device Provider
Alerts for SBIs added by them.
Authentication Partner
Alerts for API Keys generated by them.
Partner Admin
Weekly summary of FTM Chip certificates, SBIs and API Keys created by various partners that are expiring in the next 7 days.
c) Notification Schedule: For individual partner specific items (FTM Chip Certificate/ SBI/ API Key):
30 days before expiry
15 days before expiry
Daily reminders from 10 days prior until expiry date
d) Weekly Summary Notifications (Partner Admins only):
Sent every 7 days
Lists all FTM Chip certificates, SBIs and API Keys expiring within the next 7 days
e) Language Handling:
Based on the user's registration language
PMS Portal
Based on the language selected at login, overriding registration preferences
f) Notification Retention Policy:
Notifications are retained for 60 days on the PMS portal.
Notifications older than 60 days are automatically deleted.
II. Audit Logs for FTM Chip certificates, SBIs and API Keys Expiry Notifications
Audit logging has been implemented for all partner specific expiry notifications (FTM Chip certificates, SBIs and API Keys and Weekly Summary) sent via PMS portal and email. Success and failure events are now recorded with unique event IDs in the audit.app_audit_log table, enhancing traceability and monitoring.
III. Additional Enhancements
Auto deactivation of API Key after its expiry
Auto deactivation of SBI after its expiry
API Key expiration duration is configurable- Newly generated API Keys are automatically set to 100 years of expiration duration by default but the duration can also be configured via config file.
Create utility to encrypt existing data in database
Approve/ reject option is provided in individual pages wherever approval of partner admin is required in addition to already existing option provided in tabular views.
Only reject option is provided to partner admins for devices that are orphaned without an SBI
Browser Support
Complete support on Chrome, Firefox, Edge and Safari ensures a seamless user experience across all these popular browsers.
Language Support
The system offers multilingual support, with resource bundles available in three languages: English, Arabic, and French. Additional languages can be easily integrated by following the guidelines provided in the 'New Language Support' documentation.
Compatibility
Responsive UI design for laptop/desktop views, optimized for standard browser sizes (laptop/desktop/tablet/larger screens).
For a comprehensive and detailed description of all the features, refer to Feature Documentation.
User Stories
FTM Chip Certificate Expiration (Partner Type: FTM Chip Provider)
Notification displayed on notification panel in PMS portal
SBI Expiration(Partner Type: Device Provider)
Notification displayed on notification panel in PMS portal
API Key Expiration(Partner Type: Authentication Partner)
Notification displayed on notification panel in PMS portal
Weekly Summary of FTM Chip Certificate, SBI and API Key
Notification displayed on notification panel in PMS portal
SBI - Device (Partner Admin)
Only reject option is provided to partner admins for those device records which are orphaned without an SBI
Approve/ Reject option provided to Partner Admin in individual view pages
Approve/ Reject option is provided for Partner Admin in all individual view pages wherever admin approval/ rejection is applicable
Display API Key expiration date in PMS UI
Display API Key expiration date in individual view and tabular view of API Keys details within 'Authentication Services'
List of all user stories pertaining to this release are available here.
Known Issues
Length validation of OIDC Client name is not functioning as expected for lengthy names within the given range. This has a dependency with eSignet, where the column size needs to be increased.Its suggested that meaningful and reasonable length be utilised for OIDC Client name.
An incorrect error message is displayed when the OIDC client name exceeds the maximum allowed limit of 36 characters.
Unable to select policy group in tablet and mac devices.This issue is found when more than 3000 Policy Groups are getting loaded into the Dropdown for selection. As a workaround, suggested to keep the create policy groups less than 3000.
Error message is displayed when same Make and Model is entered for two different SBI versions.
Able to Approve the Expired SBI which is in pending for approval status
(IDA Issue) Authentication is still Active from IDA even after deactivating the API key from the Partner Portal in PMS
(Platform Issue) Even after being deactivated by the Partner Admin, the Partner can still access and use previously created OIDC client, API key and trust Validation continues to work for the given partner.
Still able to approve/reject the policy even after respective authentication partner is deactivated.
On deactivating an API key from one browser , the status still remains 'Activated' on viewing the same API Key details in another browser.This is occurring due to caching. Hence user is expected to reload the tabular page of API Keys to see the latest status in View API Key screen.
Partner domain dropdown items (AUTH/ DEVICE/ FTM) are in English and do not support multi-language.
The partner is still able to access the PMS portal even after the MOSIP-signed certificate has expired. Also Partner is able to create Policies, OIDC Client and API Key.
Face attribute not present in develop and release-1.3.x(1.3 beta) branches
Exclude Default Partner–Created API Keys SBI, MISP License Keys from Auto Deactivation
For more details on all the the open issues, please refer here.
Repositories Released
partner-management-services
partner-management-portal
mosip-data
Compatible Modules
The following table outlines the tested and certified compatibility of PMS 1.3.0-beta.2 with other backward compatible modules.
Note: We require KeyManager v1.3.0-beta.3 to ensure that notifications are generated for Root and Intermediate Certificate expiries, as the updated version includes the new endpoint used for this functionality. However, if deployed with an earlier KeyManager version, all other features will continue to work—except the Root and Intermediate Certificate expiry notifications.
Documentation
Last updated
Was this helpful?