ValidSign
Getting started

Release Notes - ValidSign v2.0.0

Welcome to version 2.0.0 of the ValidSign platform. Below you will find an overview of the changes in this release. Backwards compatibility During the developme

5 min readLast updated: 2026-05-13

Welcome to version 2.0.0 of the ValidSign platform. Below you will find an overview of the changes in this release.

Backwards compatibility

During the development of our new backend, we made every effort to ensure full backwards compatibility. The vast majority of existing integrations and connections will continue to function unchanged. For a limited number of components, however, small changes were unavoidable. These changes are documented per endpoint below.

New features

The table below provides an overview of the new functionality introduced in this release.

Feature Area Description
Custom branding FRONTEND

Admin

Admins can apply custom branding themselves
Through the new Create brand screen in the frontend, admins can set up their own brand profile independently, without involvement from support.

For each brand the following elements can be configured:

  • Brand name — the name of the brand profile.
  • Application logo and Email logo — separate logos for the application and for outgoing emails (max. 2 MB, PNG/JPG/GIF).
  • Color settings — colors for text, links, button background and button text, with an immediate preview of the result.


Once saved, the brand profile can be assigned right away, so your users and recipients experience a consistent corporate identity throughout the ValidSign platform.
Multi-factor authentication (MFA) FRONTEND

All users 		Multi-factor authentication (MFA) is mandatory within the ValidSign platform as of this release, unless mandatory SSO login is used. In that case, MFA within ValidSign does not apply. It allows you to add an additional layer of security to your account.

For a detailed step-by-step explanation on how to enable and use MFA, please refer to the dedicated guide: Setting Up Two-Factor Authentication (MFA).

Changed functionality

The table below provides an overview of existing functionality that has been changed in this release.

Feature Area Description
Signing URL refreshes after transaction change PLATFORM

Signers 		Signing link is invalidated when a transaction is modified
When a transaction is modified and resent, the original signing link is no longer reused.

Previously: The existing signing URL remained valid, even after the transaction was modified and resent.
Now: Each time a transaction is modified and resent, a new signing URL is generated and sent to the signer. The previous URL is no longer usable.
Special characters no longer allowed in names PLATFORM

All users

Stricter validation on user and recipient names
A number of special characters are no longer accepted in user names and recipient names.

The following characters will be rejected:

, & < > " / # % ( ) [ ] { } | : ; ? ! =


When creating or editing users and recipients, make sure the entered names do not contain any of the characters listed above. Existing integrations should take this into account when submitting name data.
Reply-to matches sender address PLATFORM

All users 		Reply-to address is always equal to the sender address
The reply-to address of outgoing emails now always matches the actual from address.

Previously: It was possible to configure a separate reply-to address, independent of the from address.
Now: The reply-to address is automatically aligned with the from address. Setting a different reply-to address than the actual from address is no longer possible.

API changes

The table below provides an overview of all endpoints where a change has been made. Please check whether your integration uses these endpoints and adjust them where necessary.

Endpoint Method Change
api/account/senders POST Mobile phone number now requires country code
The mobile phone number field no longer accepts numbers without a country code.

Previously: 0622022222
Now: +31622022222

All phone numbers must be provided in the international E.164 format, including the country code preceded by a plus sign (+).
api/account/senders POST Status ACTIVE is no longer supported on creation
It is no longer possible to directly activate a user by sending the status ACTIVE in the payload.

Previously: A user could be activated immediately by including "status":"ACTIVE" in the request.
Now: Every new user is required to go through the registration flow and must complete the account activation themselves. Sending a status in the payload no longer affects activation.
api/account/senders/{senderId} DELETE User is now deleted directly instead of locked
This endpoint now deletes the user directly and permanently, including all associated transactions.

Previously: The user was locked when there were still active transactions.
Now: The user is deleted immediately, regardless of active transactions. All linked transactions are also deleted.
api/authenticationTokens/sender POST Sender authentication token is now properly transaction-scoped
The sender authentication token now grants access exclusively to the specific transaction (package) it was issued for, as originally documented.

Previously: Requesting a sender authentication token effectively returned a token with the same scope as a user authentication token — that is, full access to the account.
Now: The token is correctly transaction-scoped and grants access only to the corresponding packageId. For account-wide access, use the api/authenticationTokens/user endpoint instead.

Verify that your integration uses the correct endpoint for the intended scope. Integrations that unintentionally relied on the broader scope of the sender token must be updated to use the user authentication token.

Questions or need support?

Do you have questions about these changes or need help adjusting your integration? Please contact our support team at support@validsign.eu.

Was this article helpful?

Need help?

Contact our support team

Contact us