Skip to main content
← Back to index page

9.0

We are proud to present you the new version 9 of webPDF.

Below you will find the new features and functions of this release. We hope you enjoy the new version. Any feedback is always welcome.

💥 Important changes

caution

This section contains important information, notes and changes to the new product release. Please make sure to read and take this information into account, as some adjustments may result in breaking changes in the use of the product.

SOAP 1.1 and "&" parameters removed

In the current version, the deactivation of the old parameters announced in version 7 has been implemented. The old SOAP 1.1 web services and thus the old "&" concatenation of the parameters has been removed. From this version on, only the complex XML or JSON structure is available for SOAP. The parameters are defined via the XML Schema Definition (XSD) language and are linked using SOAP 1.2.

Parameters in the pay load of the request

With the REST API, all parameters are only passed as JSON structures in the pay load of the request. The REST API does not understand parameters that are passed as XML in the pay load. Conversely, the SOAP API only understands parameters that are passed as XML structures and no JSON structures.

Documentation of the parameters

The documentation of the parameters and the XML or JSON structures is no longer part of this documentation. The descriptions have been integrated directly into the OpenAPI or WSDL API and can now be viewed under API {REST} or API {SOAP}.

General documentation

The documentation of the portal is no longer part of this document, but has been integrated directly into the portal. All dialogs have the (?) and (i) icons that display context-sensitive help. In the Admin Portal, the documentation of the configuration parameters is displayed directly in the dialog via the (i) symbol.

JWT Authorization

The REST and SOAP APIs use a JSON Web Token (JWT), also called an access token, for authorization. This access token replaces the previous session ID, but is to be used transparently to the previous ID and passed with each web service call. webPDF uses RSA signed tokens (JSON Web Signature (JWS)) provided via local authorization or an OAuth2 provider. Access tokens have an expiration (expiration date) that automatically terminates a session. This can be prevented by a refresh token if necessary.

Login (Authentication)

The REST API call "/authentication/user/login" as "GET" is deprecated and should no longer be used for new applications or replaced by the corresponding "POST" call. The "POST" call allows requesting a refresh token during authentication.

POST /authentication/user/login

API {REST}

The call performs authentication and provides the corresponding JSON Web Token (JWT) for authorizing the web service calls (REST and SOAP).

Provision of authorization (access token)

The JSON web tokens are passed in the "Header" of the web service call. The access token is passed to the endpoint in the "Authorization" header as "Bearer: [access token]". This is possible for both the REST API and the SOAP API. For compatibility reasons, it is still possible to pass the access token in the "Token" field. However, this should be avoided for new applications or changed over in a timely manner.

Authorization via OAuth2

In addition to local authorization of the REST and SOAP API and local authentication via the local user sources, external OAuth2 authorization can also be used to use the web services.

Disable API and anonymous login

The REST and SOAP APIs can be disabled individually on the server. In addition, the anonymous use of both APIs can be disabled.

Language in admin portal

The admin portal is now only available in English.

REST limits

The limits for the REST API, such as maximum number of documents per session or maximum upload size, must be reconfigured via the Admin Portal after an update. These parameters are now part of the local authorization.

🚀 New Feature

Installation

Server

  • Migration to Tomcat 10.x and Jakarta EE 9.x
  • "TLS v1.3" and "http/2" for HTTP connections of the server
  • Authorization of web services via external OAuth2 providers (e. g. Microsoft or Auth0)
  • REST and SOAP API can be disabled separately
  • Anonymous login can be disabled
  • Get web service status via
  • Java Management Extension (JMX),
  • REST API status: "/rest/admin/server/status" and
  • REST API statistics: "/rest/admin/statistic/realtime/..." (experimental)
  • User login (authentication) via "Azure AD"
  • Read certificates from LDAP profile when logging in via LDAP and Active Directory
  • Administration of the server via REST-API possible ("/rest/admin/configuration/...")
  • Central keystores: Certificates for encryption/decryption and digital signatures

Documentation

  • Help now only "online" as part of the server (accessible via admin portal)
  • Help now only contains documentation for administrators and developers
  • Help for the portal directly integrated into the dialogs via the "(i)" and "(?)" icons
  • All web service parameters described directly in OpenAPI or SOAP API (WSDL)
  • Client stubs (e. g. editor.swagger.io) can be generated via OpenAPI

Web services in general

  • Connection to external OAuth2 providers for web service authorization
  • "compress" and "signature" profiles for web service invocation to influence default behavior
  • "signature" options: noEditRestrictions, generalEditRestrictions, adobeRestrictions
  • "compress" options: always, never, recompress
  • Certificates (PEM encoded) directly in the parameters for document encryption/decryption and for digital signatures
  • Incremental changes for signed PDF documents (within allowed operations)
  • New endpoint "/rest/document/{documentId}/security/password" to update document encryption to read documents encrypted with certificate and password
  • User API "/authentication/user/".
  • Retrieve certificates and keystores of a logged in user "/rest/authentication/user/certificates"
  • Endpoint to provide passwords for access to private keys and keystores "/rest/authentication/user/passwords/{keyStoreName}"

Web service "Toolbox"

  • "export": Export PDF documents as SVG graphics
  • "transcribe" (new): HTML export for PDF documents
  • "scale" (new): Scaling of pages and content in PDF document
  • "rotate": Automatic page orientation: detection of page rotation by edge lengths
  • "xmp": Use custom fields in the PDF description
  • "annotation": New "shapes" annotation: Circle, Square, Line
  • "annotation": Subsequent editing of existing annotations
  • "annotation": Remove existing annotations
  • "annotation": Annotations and responses to annotations
  • "annotation": Flattening of annotations
  • "annotation": Central PDF template from server for rubber stamps
  • "annotation": PDF, SVG and raster images as custom appearance for rubber stamps and note annotations
  • "encrypt/decrypt": Encryption with certificates
  • "encrypt/decrypt": Decryption with certificates and private keys
  • "encrypt/decrypt": Reading PDF documents with certificate encryption
  • "encrypt/decrypt": Partial encryption (exclude metadata) when encrypting with certificates and passwords
  • "compress" (new): Automatic compression depending on the "compress" profile
  • "compress" (new): Function for subsequent compression or optimization
  • "merge": Merge signed PDF (depending on setting in "signature" profile)
  • "extract": Include PDF documents encrypted with certificates in metadata
  • "options": Support for "ViewerPreferences" (e. g. "displayDocTitle")
  • "options": Automatically open a document when opening the PDF Portfolio

Web service "Pdfa"

  • Correct structure/syntax errors in PDF during PDF/A conversion
  • Update PDF/A engine

Web service "Converter"

  • Update OutsideIn for document conversion
  • Update Chromium for HTML conversion (e. g. for mails)

Web service "Signature"

  • Certificates passed directly in parameters as PEM format
  • Multiple signing after changes (incremental PDF documents)
  • Removal of signatures and "rendering" of the visual image in the PDF document

Web service "Barcode"

  • QR Code Swiss Payment
  • Create barcode as graphic or PDF: "/rest/barcode/new"

Portal

  • Completely redesigned version of the portal (general UI maintained)
  • All new functions of the web services (see above) integrated
  • Login (if configured) to external OAuth2 providers
  • Align and scale pages
  • HTML and SVG export
  • "Shapes" annotation: Circle, Square, Line
  • Stamps: predefined and custom stamps
  • Open tab management extended: open, (group) close, filter, preview, ...
  • Clickable "tags" in the document manager (attachments, PDF/A, signatures)
  • "Tags" on documents e. g. number of pages, signatures, annotations, history, etc.
  • Simultaneous download of multiple documents as ZIP
  • Adopt display mode from PDF when scrolling (e. g. two-page display)
  • Highlight signature fields and sign directly in the fields by entering the signature on the screen (e. g. "draw" signature)
  • Remember settings per document (e. g. open windows or dialog settings)
  • Activation of keystores for the logged-in user
  • Certificate encryption/decryption on display and execution on PDF document
  • Create barcodes (without PDF)
  • Help directly in the portal using "(i)" and "(?)
  • Placement of objects with new selection frames
  • Dialog call for placeable objects changed
  • Options for annotation as "inline dialog"
  • Responses to annotations

Portal: Admin area

  • New start page with server and web service status overview
  • Statistics for the last 30 days (execution times, formats, server load)
  • Integration of parameter help directly into dialogs
  • All available documentation combined on one page
  • Admin UI now only in English