Select release
Liveness Check Proxy Documentation

Configuration Properties

Database Structure

Deploying Liveness Check Proxy

Liveness Check Proxy REST API

Artifact Signing

Migration Instructions

Migration from 1.2.x to 1.3.0

Edit on Github Send Feedback develop

This guide contains instructions for migration from Liveness Check Proxy version 1.2.x to version 1.3.0.

Database Changes

For convenience, you can use liquibase for your database migration.

The main Liquibase script is located in path db/changelog/db.changelog-master.xml.

For manual changes use SQL scripts:

audit_log Table

Added a new indexed column subject_id holding an identifier linking the audit record to an entity it is related to (e.g. user ID for user-related audit records).

The auditing tables may be already updated in your database schema if the database schema is not separated for different PowerAuth applications. In case the column audit_log.subject_id and its index audit_log_subject_id_idx are already present, you can safely skip this migration step.

lcp_enrollment Table

Added a new column timestamp_onboarding_event holding the timestamp of the last onboarding event.

Added index on external_id column.

REST API

Onboarding Events Endpoint

Added new endpoint POST /onboarding-events which process onboarding events of type PROCESS_FINISHED. It creates record in lcp_enrollment table or updates existing one with matching external_id if timestamp of received event is newer than the last change of the record.

Audit Log Responses

Added reference field to audit log list (GET /admin/audit/users/{userId}) and audit log detail (GET /admin/audit/{auditLogId}) responses. The field contains the iProov verification token when available, linking all audit records of one verification session together.

Liveness Verification Provider

iProov

When POST /liveness/init is called for a user that no longer exists in the provider, the corresponding record in lcp_enrollment is deleted and the action is recorded in the audit log. This behavior enables self-recovery.

The initial request returns HTTP 400 with an error indicating that the user does not exist. However, because the database enrollment record has been removed, the next endpoint call creates a new enrollment in the provider. This recovery mechanism is triggered when the provider responds with HTTP 400 and the response body contains an error field with either invalid_user_id or no_user.

In the previous implementation, the fallback behavior was different. Instead of deleting the database enrollment record, the system attempted to create a new enrollment directly in the provider. This fallback was triggered only when the provider returned error with no_user. Since iProov now returns error with invalid_user_id for the same scenario, the previous recovery logic was no longer activated, causing the fallback to fail.

Dependency Updates

Docker Base Image Upgrade

The Docker base image has been upgraded from ibm-semeru-runtimes:open-21.0.9_10-jre-noble (OpenJDK 21) to ibm-semeru-runtimes:open-jdk-25.0.3.0-jre-noble (OpenJDK 25). No action is required.

Spring Boot 4 and Jackson 3

Liveness Check Proxy has been migrated to Spring Boot 4 and Jackson 3.

Last updated on Jun 08, 2026 (09:48) Edit on Github Send Feedback
On this page:

develop

Liveness Check Proxy