Version 5.20.0

November 07, 2023

What's new

• Updated consents API family type with the new endpoint: "{consentId}/extends" found in v2.2
• Added new API Family Type: payments-recurring-consents and payments-pix-recurring-payments
• Platform changes:
• API Version field is now a dropdown list
• Updated the behaviour of the "?" button: Clicking it now opens a new tab by default.
• Added side-scrolling to Organisation Certificates and Software Statement Certificates table
• Updated tooltip information for API Certification URI in the UI
• Available Authorisation Server and Software Statement Certifications now can be configured in Reference Data
• Bug fixes:
• Fixed issue where trying to reset a password twice generated an error message
• Fixed issue where clicking on the "view" icon would open the table in Reference Data > Authorisation Domain Roles
• Fixed issue where selecting "New Domain Claim" before data loaded would sometimes cause data to not appear in the modal
• Resolved UI bug for organisations with over 50 domain users in a single role
• Resolved a UI inconsistency where the left menu title failed to refresh correctly after deleting Authorisation Servers
• Fixed UI issue in the Certificates View where sorting by date wasn't taking into account the whole date
• Resolved UI bug to correctly separate Roles with identical names under distinct Authority Claims.

Version 5.17.0

August 22, 2023

What's new

• FIDO2 Certifications are now available for Authorisation Server Certifications
• New API family type "Enrolments" is now available in the Directory
• Created a new "Origin URI" field on the Software Statement and SSA
• Updated API family type’s “Variable Income" (broker note ID endpoint list)
• Platform Improvements:
• Improved icons for all actions
• Added SS and Org. Certificates “Show Active Only” default filter
• AS Server Certifications Dates are now shown in one field
• Fixed issue where T&C version was not properly showing
• Removed unused Resource Server Transport certificate option
• Fixed issue where users couldn't be added to the same "System" and different "Contact Roles"
• OpenID Provider (Login) codebase has been upgraded

Version 5.13.0

July 20, 2023

What's new

• Role Audit: History of role updates will be displayed in the UI to organisation admins and super users. This is available in Authority Domain Role Claims -> Role Change History
• Participants UI: We've released a user interface for the participants endpoint. This will allow users to quickly verify information that is available on the endpoint in a friendlier way. It can be accessed in "web.directory.openbankingbrasil.org.br/participants" or "web.sandbox.directory.openbankingbrasil.org.br/participants"
• Added phase 4b APIs
• UI / UX changes:
• Toggle actions will now only display the available action, reducing confusion

Version 5.7.0

May 31, 2023

What's new

• Open Data Automatic Recertification Implementation: Endpoints will be tested on a specific frequency and API Certification Status field will be updated. Test will now also send the organization_id value.
• Added new Software Statement API Webhook field.
• Added new CAs: Serasa SSL EV V4 and CertiSign SSL EV G4
• Updated role permissions: Admins can add or re-add roles but can't remove and FORTEC providers can't add other roles.
• Super Users will now have the capability to reissue completed Terms and Conditions.
• UI / UX changes:
• Added Created dates for Authorisation Servers and Software Statements
• Added Deactivated dates for organisation and software statement certificates. These will only appear for certificates deactivated after the release.
• Added "new" label to recently added (3 days) certificates.
• Improved display for Authorisation Server "Supports" columns and warning message.
• Added a sign-posting tooltip icon to guide users when creating a new API Discovery Endpoint

Version 5.4.1

April 24, 2023

What's new

• Enabled phase 4 Open Data APIs on Production
• Backend improvement was conducted and general UI navigation will be faster
• Environment Super Users will now be listed in the reference data (only available to other Super Users)
• For Super Users, process of unlocking a Software Statement is now easier: Instead of the button being inside “Software Statement Detail”, it’s on the Actions column

Version 5.0.0

March 30, 2023

What's new

• Improved API registration for phase 2 / 3 APIs. Endpoints are now automatically generated after base URI and version is added
• Added two new public endpoints:
• data.directory.openbankingbrasil.org.br/roots_directory.jwks
• data.directory.openbankingbrasil.org.br/roots.jwks
• Open Finance Sandbox support added for new root / intermediate CA
• Small UI improvements

Version 4.6.0

February 27, 2023

What's new

• Added new domain users
• Metrics Control Platform - Primary / Secondary PCM Contact (PPCMC)
• Production Validation Tool - Primary / Secondary FVP Contact (PFVPC)
• Cleaned up organization tags, available ones are now: “Instituicao Bancaria”, “Instituicao de Pagamento”, “Cooperativa de Credito Singular, Central e Confederacao”,“Corretora e Distribuidora de Titulos e Valores Mobiliarios”,“Outra Instituicao de Credito”,“ITP Habilitada”.
• Separated certificate upload options for Sandbox and Production, removing “brcac” and “brseal” from Production – leaving just Production certificates.
• Fixed issue where some API discovery endpoints weren’t being correctly registered in the UI.

• Added “copy” button on Access Code message for T&Cs.
• Fixed a bug where deleted T&Cs couldn’t be reissued.
• Added “initiated date” column in the organisation T&C history.

Version 4.0.0

January 09, 2023

What's new

• CertiSign’s SSL EV3 is now accepted on both the Keystores and Directory Gateway
• Added “x5dn” field on the Directory JWKS
• Implemented read-access policy for Organisation Admins / Domain Users to enable suppliers access to this information via APIs
• Improved UI of the API resources page, improving load time and usability
• Authorisation Server’s List columns of “Supports DCR”, “Supports CIBA” now are properly updated when a server certification is added. Also created a new “Supports Redirect” column

• Tooltips now disappear after 4 seconds
• Improved “Sorting” on organisation views

Version 3.14.0

November 22, 2022

What's new

• Added warning labels to Authorisation Servers list whose Security Certifications are missing
• New optional fields in Authorisation Servers: Deprecated Date, Retirement Date and SupersededByAuthorisationServerID
• If a Software Statement is Locked, the UI will now display the Software Statement Assertion when accessing the page
• Fixed Tags issue not appearing in “Participants” API
• Added additional countries into SMS field option when creating a new account
• Created public “unauthorised” page that is displayed when a user ends session while in the account registration process

• Added filter toggle to display and hide organisation level certificates while navigating software statement certificates
• When creating a new Software Statement, correctly display as “required” the field for RedirectURIs
• Added “click to copy” button for certificate generation commands
• Added option to download BRCAC_2022 automatic generated configuration for Windows & Linux

Version 3.6.0

September 29, 2022

What's new

• Software Statement webhook field is now available. Institutions can register a webhook notification field to receive updates
• Tag called “Habilitado Iniciacao Pagamento” can be added to organisations by SuperUsers
• OrganisationName field is returned to user information API response_body
• Non-ASCII characters are no longer allowed on the field “Name” and “City” while creating new Organisations
• Discontinue the old U.I. All requests to the old U.I (ui.directory) will be redirected to the main one.

• New menu experience when entering the directory for the first time: organisation options menu doesn’t directly appear
• Active items are now shown first in specific list views such as Organisation Adminstrators, Authorisation Servers and Software Statements
• Screens will no longer exit when clicking outside of the view area, reducing issues of exiting without saving
• New Organisation Domain User: Contact Role field text improved for clarity (i.e PTC to Primary Technical Contact)
• “Hide inactive organisations” filter added to organisation list
• Added “Issued Date” field to certificates list table
• Added menu information tooltips to the organisation menu that will be displayed when hovering
• Organisation Details date field format display changed to a more user-friendly pattern

• Fixed Software Statement Wizard that added wrong Org UID when using the automatic certificate configuration to generate BRCACs
• Configured Authorisation Server’s well-known field to be non-mandatory unless specific API resources that require it are added.

Version 3.5.1

September 09, 2022

What's new

• Sandbox - We are addressing a reported issue preventing the new BRCAC_2022 certificate profile being recognised as a valid certificate for token authentication.

Version 3.5.0

August 31, 2022

What's new

• Sandbox - New BRCAC_2022 certificate can now be used to access the Directory APIs.

• Added regex for API resource endpoint registration:
• Credit cards accounts: transactions-current
• Accounts: transactions-current
• Reordered Organisation Details page
• Edited wrong name in Organisation Certificates header page

• Updated logos

Version 3.4.0

August 25, 2022

What's new

• Sandbox - Updated BRCAC certificate to have both new model (called BRCAC_2022) and old. This will allow institutions to generate BRCAC’s with the new “organizationIdentifier = OFBBR-” prefix

• Added Software Statement wizard feature – 4-steps wizard that facilitates Software Statements creation, improving tooltips and making the process of creating the resource more intuitive to the end user

• Changed Open Finance logo
• For the new BRCAC Certificate, updated the certificate generator wizard
• Improved left menu usability when selecting sub-options
• Deactivating administrators with “+” email should no longer error out
• Reference Data field is now only shown to SuperAdmins
• When creating a new organization, tags and segment options now correctly appear
• When selecting organization that has no Authority Domain Role Claims, left menu now correctly shows
• Organisation Domain Users: Added “System” column to improve visibility
• Renamed field “Authority Claims” inside Software Statements to “Software Authority Claims”
• “Server Certifications” menu is now correctly shown
• Changed “TnC” text to “Terms & Conditions” on directory messages
• Changed “Legal Name” to “Organisation Name” in Organisation List
• Improved UI breadcrumbs navigation

Version 2.14.0

July 15, 2022

What's new

• Block the publication for duplicated APIs: directory will not allow two major APIs of the same family type to be published -> this won’t affect already published API resources
• New software statements will automatically have either “sandbox” or “production” value set on the environment field when created
• CustomerFriendlyName field length restricted to 40 characters
• Update directory trusted clients list to allow integration with FVP results page
• Improved directory error messages - Server should always sends error details together with HTTP error code
• Open Finance branding implemented
• Certificate generation: Removed BRCAC/BRSEAL fields “commonName” and “DNS” rule to no longer require SubjectAlternateName or Wildcard
• Updated unauthorised participant message
• Added Poland to list of accepted countries for sign-up
• Swagger changes:
• Domain Role Name length changed to 60 characters -> this won’t impact existing domain role names
• UI:
• Corrected T&C status bar message to match DocuSign status
• Updated Phase 1 APIs to not require certification URI
• Fixed issue where software statements from one organisation weren’t shown to organisation administrators from other organisations
• Participants are now able to click the resign button in the Orgs T&C History view
• Software Statement certificates are now showing after 10 counts
• Improved table item selection, where in some cases it was showing incorrect item
• Improved certificate upload functionality: now correctly refreshes when uploading two certificates in sequence

Version 2.5.0

Sandbox: June 9, 2022

Production: June 16, 2022

What’s new

• Improved directory webhook response format, which now will include the timestamp of the update and the path of the updated resource
• Updated the directory public swagger file to match the more recent changes
• Corrected an issue that made the Phase 2 API Family unarranged-accounts-overdraft to not appear on the New U.I.
• Increase length of field of AuthorisationDomainRoleName field from 30 characters to 40 characters
• Improved naming of the sandbox generated transport and signing certificates
• Administrator user changes email now correctly identify if it’s production or sandbox
• New UI Updates:
  • Fixed issue when trying to revoke BRSEAL certificates
  • Fixed no menu shown when user has no authority domain role claim and selects the menu
  • Added options to Segments and Tags when creating a new organisation
  • Adjusted the Organisation Details page
  • Added pagination to Software Statements, Authorisation Servers and Certificates views
  • Users should now get correctly logged out when session is expired
  • Small UI changes:
  • Active/Inactive buttons are no longer “clickable”
  • Logo added when in the “User” profile

Version 2.3.0

Sandbox: May 18, 2022

Production: May 19, 2022

What’s new

• Added release-notes area. This can accessed by going to https://data.sandbox.directory.openbankingbrasil.org.br/release-notes (sandbox) and https://data.directory.openbankingbrasil.org.br/release-notes (production)
• Updated API Family Type size to 128
• UI Updates:
  • Fixed two issues with automatic config generation for BRCAC
  • Added “No Organisation Selected” when user is unauthorised
  • “Self-Certified” option when editing API resource is now available and set as default. It wasn’t available in the selectable options.
  • Improved overall UX/UI:
    • Selectable tables now have correct mouse pointer
    • Added Software Statement title when creating adding a new software statement certificate
    • Disabled icons when the user doesn’t have correct permission
  • Changed default value for “auto registration supported” to false. This field is not used at the moment.
  • Fixed issue when an organisation administrator is trying to see information from an organisation he doesn’t have access.
• Other fixes:
  • Adjusted issue with Terms & Conditions status
  • Improved organisation search -> should return nothing if no matching records

Version 2.1.0

May 12, 2022

What’s new

• Updated API endpoint version field to allow semantic versioning (x.x.x). This change won’t affect already registered API endpoints
• Implemented wizard to support the certificate configuration generation for BRCAC and BRSEAL certificates
• Authentication will now redirect to the new UI, which will have the web.directory as its DNS - Previously it was ui.directory. Old UI will still be accessible over ui.directory
• UI Updates:
  • Removed the banner that says that the UI will be replaced on the future date
  • Improved overall UI (added breadcrumbs to menus and edited views to improve user navigation)
  • Adjusted translations and misspellings
  • Changed “Reset” button to “Refresh”
  • Phone Number field is now required when creating a new Contact
  • Fixed issues with Organisation Administrators:
  • Adjusted status toggle functionality
  • Removed incorrect icons
  • Organisation Administrators can now correctly edit and delete a “Contact” and a Domain User
  • Sign Terms & Conditions: added correct response when pressing “save” button
  • Corrected the displayed options for Authorisation Domain Names and Authorisation Domain Role Claims as they weren’t being properly filtered.
  • Added missing Member State field to Authority Domain Role Claim Authorisation
  • Added raw JSON information to user profile
  • Added “OPB - Directory” title to HTML page

Version 1.2.0

April 13, 2022

What’s new

• Added warning header on the old U.I about the new U.I and future deprecation of the old U.I
• Applied changes to T&Cs status banner in the old U.I
• New UI changes:
  • Authority Domain Claim:
    • Correct issue with no action happening when clicking on the view button
    • Added Authority Name column inside the Authority Domain Claim
  • When creating a new Authority Domain Role Claim, display only the Roles that are enabled by the domain claim authority
  • Authorisation Servers:
    • Added “Active/Inactive” text in the Status column
    • When creating a new Authorisation server, terms of service URI is no longer marked as required
    • When editing an Authorisation Server, you now can edit the Customer Friendly Name and OpenID Discovery Document URI fields
  • Software Statements:
    • When editing an unlocked Software Statement, you can now edit the Client Name field
    • When creating a new Software Statement, the Terms of Service and Policy URI fields are no longer marked as required
  • T&Cs:
    • Correct issue with no action happening when clicking on the signing icon
    • Replaced signing icon to better reflect action
  • Organisation Certificates:
  • Standardized icons inside the actions column
  • Reviewed button colors

Version 1.0.4

March 25, 2022

What’s new

• Authorization Server Security certification table
  • Self-Certified will now be the default status on all the existing certifications, both on UI and on an API level
  • New U.I. allows super users and certificate managers to assign self-certified status to a certification.
  • Participants endpoint will now include self-certified API resources and Authorisation Server certifications
• New U.I. Fixes/Improvements
  • Fix the issue where Phase 4 Families were not Appearing on the screen
  • Update the translation of field “Historia TnC” to “Histórico dos Termos e Condições”
  • When an organization is selected on the directory a grey bar will appear showing that it has been selected
  • Remove the cursor hovering hand from the “Active/Inactive” button
  • Whenever you hover over an icon, a tooltip will appear stating what action the button will perform
  • Wrapped pages into virtual horizontal sliders when page content is too big - Example Long Resource URIs
  • Whenever something is deleted a pop up will now appear asking you to confirm the deletion of said element
• General
  • On Registration, change the “Do You have an E-CPF” set switch to have its default value set to “no”
  • Fix the issue where customer friendly logo URI would display an error message despite the Uri being in the correct format

Version 1.0.3

March 17, 2022

What’s new

• New U.I. Changes
  • Translation Improvements
  • Change on Background Colours
  • Update the buttons for inactive users
  • Set the “show my orgs” to default to true
• Authorization Server Certification Changes
  • When a new certification is added, default status will be Self-Certified
  • Set rules regarding who can set and change the Self-Certified status on certification
• SS and SSA Updates
  • Allow users to add an Inactivated EXT_BRCAC as long as it’s valid on production
  • Disable the claim/field software_subject_type when the SSA is generated