June 2024

This document provides information about Ascertia ADSS Server. Browse through the following topics to find out about new features, product enhancements, improvement, known issues, and limitations for this release.


For information related to tested 3rd party components such as operating systems, database servers, and Hardware Security Modules, please review Ascertia Platform Support, this can be found here: https://www.ascertia.com/product-documentation/platform-support/


Ascertia ADSS Server has successfully completed Common Criteria certification at the EAL4+ Assurance Level. For details, visit https://www.commoncriteriaportal.org/products/index.cfm, under Key Management Systems.


Product Enhancements

  • OAuth2/Authorize CSC API enhanced in Unity Service (ADSS-22241)

There is an authorization prompt shown to user on calling CSC API OAuth2/Authorize with “scope=service” in ADSS unity service. This seems unnecessary and may annoying users. Now in this enhancement, it is skipped and unity service directly delegate to external IdP.


  • API Updated and backward compatibility in RAS Service (ADSS-21702)

Case Number - ENH240401496

The (List Registered Devices) API has been enhanced to support user access tokens and the URI has been updated to remove the user-id query parameter.

A new property has been introduced ‘MOBILE_API_AUTHENTICATION’ when its value is TRUE the ADSS Server RAS Service will provide backwards compatibility.


  • Credential Authorize API enhanced in Unity Service (ADSS-22262)

The Credential Authorize API (credentials/authorize) in Unity Service now incorporates out-of-band functionality similar to the oauth2/authorize API, aimed at reducing the need for multiple user authorization calls.


Security Improvements

  • Updated JDK Version

The JDK version has been updated from 17.0.9 to 17.0.11.


  • Apache Tomcat version upgrade

Apache Tomcat has been upgraded to version from 9.0.85 to 9.0.89.