All Systems Operational

About This Site

This is the statuspage of Evidos, evidence in online services. You can monitor the availability and maintenance of our signing and identification platform. Please subscribe with the top right subscribe button on this site to get pro-active messages on (planned) maintenance or degraded performance. Evidos is a market leader in the field of electronic signatures and electronic identification.

API Operational
90 days ago
99.78 % uptime
Today
UI / View ? Operational
90 days ago
99.78 % uptime
Today
Portal Operational
90 days ago
99.88 % uptime
Today
⮑ External verifications Operational
eHerkenning Operational
DigiD Operational
iDEAL Operational
iDIN Operational
Phonenumber / SMS Operational
itsme Operational
eIDAS ? Operational
Auth ? Operational
90 days ago
99.61 % uptime
Today
Queueing backend ? Operational
ID Proof ? Operational
90 days ago
99.9 % uptime
Today
Webforms ? Operational
90 days ago
99.86 % uptime
Today
External services Operational
SMS Service Operational
CDN-EU1 Operational
CDN-EU2 Operational
Mail service ? Operational
Operational
Degraded Performance
Partial Outage
Major Outage
Maintenance
Major outage
Partial outage
No downtime recorded on this day.
No data exists for this day.
had a major outage.
had a partial outage.
Scheduled Maintenance
Scheduled - Summary:
We are improving our API security. This message is relevant if you use our API.

18th of January we will phase out allowing invalid Accept headers to be communicated to our API. Please check your implementation for adhering to the http internet standards and our documentation.
Sending an Accept header for a message type we cannot and never could deliver will stop working.
We are not changing our API or removing backwards compatibility, but will strictly interpret API messages conforming to security specs.


Full message:

We are continuously improving our Signhost service with new verification methods, performance and keeping it up to date with the latest security standards. We are always striving to keep our API backwards compatible as we document it on https://api.signhost.com.

However, in the API so far we have always accepted requests that differed from what we have documented, as well as some requests that did not meet the HTTP standard and/or JSON.
API requests that do not meet the standards are not supported by us.

Because we want to be able to keep rolling out new features and we don't want to jeopardize the safety of our product, invalid requests will not be accepted anymore.
What has changed:

If there is a correct API implementation that adheres to internet standards such as HTTP/1.1 (RFC2616), ISO8601 and our documented Model types and properties then nothing will change. Our API remains as it was for you. We do not introduce a new version, the current version v1 will continue to work as it is. There is no v2 version of the API.

For reference version 1.1 of the HTTP standard can be found at https://www.w3.org/Protocols/rfc2616/rfc2616.html and is still supported by us.
Use the Model types and properties as documented and don't rely too much on example requests / responses.

We see a number of different invalid request types occurring to our API:
- a Content-Type header in a GET request to us, when you send us content of a whole differerent type (eg. JSON instead of PDF)
- null values in JSON
- Invalid Accept headers, where a type of message is requested which we cannot and never could deliver. (eg. docx. when requesting a signed pdf.)


What was done?
Our initial test of phasing out the Accept header workaround was reverted due to some unforseen issues on December the first.
Null values where succesfully phased out.
Invalid Content type GET requests will be phased out fully later in 2021. This will be communicated on this channel.
https://status.signhost.com/incidents/dr9lg69z0w1q

We have contacted customers who we suspect sending incorrect Accept headers, and advise all our API customers to double check a correct Accept header implementation.

Not sure what to do? If you do not specify an accept header, we are unrestricted in our response to your request and no issues will arise.

An easy way to test your outgoing headers is through a webhook test endpoint such as webhook.site.

Read more about accept headers here:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#:~:text=The%20Accept%20request%2Dheader%20field,for%20an%20in%2Dline%20image.
Dec 23, 10:40 CET
DigiD: release 5.18 Feb 8, 00:00-06:00 CET
Maandag 8 februari van 0.00 tot 06.00 uur staat onderhoud van DigiD gepland. Release 5.18 wordt dan naar de productieomgeving gebracht. Gedurende dit onderhoud is DigiD niet beschikbaar.

Hieronder treft u de belangrijkste definitieve wijzigingen van deze release.

Release 5.18 | Definitieve wijzigingen

1. Gerichte melding bij niet-ondersteund besturingssysteem en/of browser

Update DigiD app
Logius verbetert de DigiD app continu. Een update van de app vindt plaats op maandag 15 februari 2021. De volgende wijzigingen worden doorgevoerd:

1. Nieuwe manieren voor het ontvangen van meldingen
2. App activeren met gebruikersnaam en wachtwoord
3. Extra aandacht voor uitvoeren ID-check
Posted on Jan 14, 09:21 CET
For our API implementations our customers are using postbacks to proactively process the transaction status.

We never recommended nor supported to perform IP address whitelisting for security, but some customers might use this method.
From end of February we will move our postback services and introduce flexible IP's. So any customer that still has this IP whitelisting configured , this is NOT POSSIBLE anymore from the end of February. Customers can use the checksum method.

Because we want to improve our security all the time we will introduce a new possibility to validate if the postback messages are coming from our environment. We will make it possible to configure security authorization headers in Q1.

See the full message and explanation of the new feature here.
here https://intercom.help/evidos/nl/articles/4739431-postback-header-security
Posted on Dec 21, 18:43 CET
Messages being processed
Backend processing times ?
Past Incidents
Jan 18, 2021

No incidents reported today.

Jan 17, 2021

No incidents reported.

Jan 16, 2021

No incidents reported.

Jan 15, 2021

No incidents reported.

Jan 14, 2021

No incidents reported.

Jan 13, 2021

No incidents reported.

Jan 12, 2021

No incidents reported.

Jan 11, 2021
Completed - The scheduled maintenance has been completed.
Jan 11, 06:00 CET
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Jan 11, 00:00 CET
Scheduled - Regular maintenance of DigiD's production environment is planned. DigiD is not available during this maintenance window.
Dec 29, 16:47 CET
Jan 10, 2021

No incidents reported.

Jan 9, 2021

No incidents reported.

Jan 8, 2021

No incidents reported.

Jan 7, 2021

No incidents reported.

Jan 6, 2021

No incidents reported.

Jan 5, 2021

No incidents reported.

Jan 4, 2021

No incidents reported.