Release 4.0.0

[MrBurtyyy]

Changes

Breaking Changes

• The Identity Profile requirements as part of session creation are now strongly typed, with associated builders making it easier to request Identity Profile as part of a session.
  • Instead of using a Map<String, Object>, you will now need to use the IdentityProfileRequirementsPayload and associated buillder class (accessible via IdentityProfileRequirementsPayload.builder()
• Some constructors that were incorrectly public, have now been made private (these have associated builders available)

Added

• Support for Yoti Authentication tokens for backend authentication
  • A new yoti-sdk-auth module is available for API generation of authentication tokens, which can be used as a replacement for Yoti Signed Requests
  • The DocScanClient.Builder can now be configured to be used with an authentication token, rather than a PEM file.
• Support for fetching ShareCodeResource as part of a session
  • These can be found on the GetSessionResult along with their associated media and tasks.
• The capture_type property is now exposed for StaticLivenessResourceResponse
• The process property is now exposed for breakdowns on the BreakdownResponse class

[sonarqubecloud]

Quality Gate passed

Issues
51 New issues
0 Accepted issues

Measures
0 Security Hotspots
56.2% Coverage on New Code
1.4% Duplication on New Code

See analysis details on SonarQube Cloud

[Copilot]

Pull request overview

This is a major version release (4.0.0) of the Yoti Java SDK that introduces support for authentication tokens as an alternative to signed requests, strongly typed Identity Profile requirements, and exposes additional API properties. The PR includes significant internal refactoring to support multiple authentication strategies while maintaining the existing signed request functionality.

Changes:

• Introduced new yoti-sdk-auth module for generating Yoti Authentication tokens
• Refactored authentication to use strategy pattern with AuthStrategy interface
• Changed Identity Profile requirements from Map<String, Object> to strongly typed classes
• Made several constructors private that were incorrectly public (with builders available)
• Added support for ShareCode resources and exposed additional properties (capture_type, process)

Reviewed changes

Copilot reviewed 153 out of 154 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
pom.xml files	Updated version from 3.12.0 to 4.0.0 across all modules
yoti-sdk-auth/*	New module for authentication token generation
AuthStrategy classes	New authentication strategy pattern implementation
YotiHttpRequest/Builder	Refactored from SignedRequest to support multiple auth strategies
DocScanClient/YotiClient	Updated to use AuthStrategy instead of direct KeyPair usage
Identity Profile classes	New strongly typed payload classes for Identity Profile requirements
Session/Resource classes	Added ShareCode support and new properties
Test files	Updated tests to use new authentication patterns
Documentation	Updated version references and breaking change notes

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.