IDV Bridge On-Premise Changelog
v3.4
-
Bug fix:
KL_BIOM_ERROR_FILTER_TRIGGERED[422] is now correctly returned in all cases where the image fails our image quality checks. Previously there were occurrences whereKL_BIOM_ERROR_BAD_INPUT[500] was returned.
v3.3.0
-
The biometric library uses an improved face detector, which should improve successful enrollment rates for customers.
-
The default value for
MAX_CONCURENCYis now aware of CPU limits placed on the Docker container instead of using just the number of CPUs, which should improve both performance and stability.
v3.2.0
-
Updated to the latest biometric library.
-
This includes the removal of
filter_face_has_mask, which is now redundant.
v3.1.0
-
Added support for device type and origin - To improve performance metric insights and functionality (whether a device can be safely removed), we are adding
deviceTypeanddeviceOriginacross the PingOne Recognize infrastructure, including IDV Bridge On-Premise in online enrollment mode. -
This type of insight will also be visible in the dashboard soon (Q3 '25).
deviceType:
- "SDK"
- "BACKUP"
- "TEMPORARY_STATE"
deviceOrigin:
- "ANDROID"
- "IOS"
- "KEYLESS_AGENT"
- "WEB"
v3.0.0
Highlights
-
Performance - New memory management system reduces memory leaks and the need for auto-resets.
-
Audibility - Full JSON logs are now available without non-JSON print statements.
-
Security - PingOne Recognize can now run in both root and non-root configurations. In addition, we reduced the Docker image size and completed a fresh round of vulnerability scans.
Memory management
The new memory management system allows integrators to specify how many biometric sessions can run in parallel. This effectively limits maximum memory usage. Where previous versions needed 6GB of memory, this version requires only 1GB for the same throughput. Estimated performance and throughput are summarized in How to run PingOne Recognize Agent, though actual performance varies depending on the customer’s hardware.
Breaking changes
-
The deprecated endpoint
/enrollment-datahas been removed. -
Due to the new memory management system, integrators on 2.x.x need to make a small configuration change outlined in How to run PingOne Recognize Agent.
v2.x.x
Breaking changes and deprecations
The original offline enrollment endpoint (/enrollment-data) is now deprecated and will be removed. Most of its API remains the same except error reporting. Since IDV Bridge On-Premise now uses a new biometric SDK, error names have changed completely.
Integrators are advised to switch to the new endpoint (/v1/offline-enrollment) as soon as possible, or evaluate whether online enrollment better suits their use case.
Migration from /enrollment-data to /v1/offline-enrollment
With the new endpoint, the integrator must choose a scenario (using the Scenario header). Scenario is similar to the config query parameter in the old endpoint.
-
SELFIEscenario is similar toconfig=defaultin the old endpoint. This is also the default on the old endpoint. -
TRUSTED_SOURCEscenario is similar toconfig=less-strictin the old endpoint. -
DOCUMENTscenario has no equivalent in the old endpoint.
Final notes:
-
The request body is the same.
-
The response now follows camelCase naming conventions and the
statsfield has been removed. -
The error response is now more detailed and follows the same naming convention as the rest of the API.