Skip to main content

Castor eConsent Release Notes 2025.1.x.x

Updated

Major Release eConsent 2025.1.0.0

Release dates

EU server: February 5, 6 pm CET / 12 pm ET

US server: February 6, 9 am CET / 3 am ET

New features and enhancements

  • In this release our main focus was upgrading our infrastructure. These technical improvements are not necessarily visible to the user, but they are needed to ensure a reliable user experience for the user.
  • We have improved the registration flow for participants. The fields are now in a more logical order and for US participants it is now easier to select a State/Province/Region, which ensures a smoother experience when filling in your personal details.

Maintenance release 2025.1.1.0

Release date

EU & US servers: February 24, 9 AM CET / 3 AM ET

New features and enhancements

  • eConsent now supports Italian and French for all participant-facing elements.
  • Password rotation can now be configured per study by Castor. Users will be forced to reset their password after a configurable amount of days. The two most recent passwords can not be re-used.
  • Validation for US zip codes has been added on the participant detail page that is part of the onboarding flow for participants.

Maintenance release 2025.1.2.0

Release date

EU & US servers: March 7, 9 AM CET / 3 AM ET

New features and enhancements

  • Various technical improvements to help our Support team assist customers more efficiently.

Minor release 2025.1.3.0

Release date

EU & US servers: March 24, 9 AM CET / 3 AM ET

New features and enhancements:

  • Passwordless authentication

To enhance security and usability, we are introducing a passwordless login experience for participants in our eConsent product. This change applies only to newly created studies and replaces traditional passwords with one-time passwords (OTP) sent via email.

Email-Based OTP Authentication - Instead of entering a password, participants will receive a one-time password (OTP) via email to authenticate/

Simplified Registration and Login Flow - Participants only need to enter their first and last name during registration. An OTP is then sent to their email for account activation. Future logins will also require an OTP for authentication.

Effortless Signing of Documents - An OTP is required when signing a document. When a participant initiates a signature, the system automatically sends an OTP to their email. Once authenticated, the signature is confirmed.

No More Forgotten Passwords - Because an OTP is generated for each login, participants no longer need to remember passwords or go through a password reset process.

Other enhancements

  • It is now possible to adjust the text of the participant questions when editing a draft ICF.

System defect fixes

  • We fixed an issue where, after Castor Support would change the email address of a LAR user, the system would log an ATE which specified that a participants' email address was changed instead of that of a LAR.

Maintenance release 2025.1.4.0

Release date

EU & US servers: April 22nd, 9 AM CET / 3 AM ET

New features and enhancements

  • The Participant ID will now be shown in the PDF version of a form. This is only applied to newly created forms. Existing forms are not affected.
  • Resolved an issue where some ICF forms had minor tickbox-text misalignment
  • Resolved issues with wording and presentation of authentication modals for users of OTP/SSO

 

Hotfix release 2025.1.4.1

Release date

EU & US servers: April 28th, 9 AM CET / 3 AM ET

System defect fixes

  • Fixed an issue where the content would be cut off in ICFs with a large amount of text.

 

Maintenance release 2025.1.5.0

Release date

EU & US servers: May 23rd, 9 AM CET / 3 AM ET

 

New features and enhancements

  • We fixed an issue where, after signing a document, the document overview would not indicate that the document was signed.
  • We fixed an issue where the 'Name' column width in the Consent form overview could not be adjusted.
  • Resolved an issue where it was possible for duplicate participant IDs to be created in CDMS as in eConsent, due to eConsent not being prompted to trigger a retry/check. Resolved by storing the Participant ID created in CDMS in a temporary storage in eConsent meaning when a retry happens, eConsent will first do a lookup in the temporary storage before executing another creation in CDMS

 

Minor release 2025.1.6.0

Release date

EU & US servers: 1st July, 9 AM CET / 3 AM ET

 

New features and enhancements

  • Castor's new browser and operating system policy will be applied across the eConsent platform - the full details of which are available in a dedicated page here
    • All clinicians will need to comply with the new policy when using the eConsent platform, regardless of their study
    • Participants on existing studies (those live prior to the release of 2025.2.0.0) will not have the policy applied by default. All participants on newly created studies will have the policy applied, and existing studies can migrate on request.
  • Resolved an issue where removing an ICF assigned to a participant was generating errors
  • Implemented underlying technical infrastructure changes to improve maintainability and performance

 

Minor release 2025.1.7.0

Release date (tentative)

EU & US servers: 11th July, 9 AM CET / 3 AM ET

 

New features and enhancements

  • First name and last name are no longer mandaotry/required as part of registration - enabling more flexibility when using eConsent with other Castor services
  • Minor amendments to authentication modals to make them clearer to users
  • Minor UI amendment to make the 'sign informed consent form' button a little more pronounced
  • Browser policy released in 2025.1.6.0 extended to cover/reflect permitted Mac OS versions, consistent with CDMS

Minor release 2025.1.8.0

Release date

EU & US servers: 17th July, 9 AM CET / 3 AM ET

 

New features and enhancements

  • Resolved an issue where the text of longer option field responses was being cut off at the margins in exported PDF copies of ICF forms

Minor release 2025.1.9.0

Release date

EU & US servers: 11th September, 9 AM CET / 3 AM ET

 

New features and enhancements

  • We have updated the digital signature process for users with two-factor authentication (2FA) enabled.
    • If you have 2FA enabled (e.g., via an authenticator app or passkey), you’ll now be redirected to Castor Identity to log in securely, just like SSO users.
    • This change applies to both standard document signing and in-person signing. When authentication is required, the modal will now close and redirect you to Castor Identity.
  • We have added locales (e.g. Dutch for Belgium/ Flemish) and additional languages for use by participants (e.g. Simplified Chinese)
  • The participant ID character limit for eConsent has been extended to 40 characters
  • Resolved an issue where entry of user details for signing without inclusion of an email was generating an unexpected error
  • Resolved an issue where uploading a paper ICF for a participant then changing their eligibility status could result in an unexpected error.
  • We now allow the removal of sites from an ICF if that ICF has no participants assigned for that site. This reduces the need to archive and replace an ICF due to an ICF historically being associated with patients/a site.

Minor release 2025.1.10.0

Release date (tentative)

EU & US servers: 21st October, 9 AM CET / 3 AM ET

 

New features and enhancements

  • Arabic (RTL) is now available as a selectable language for participants
  • We have added the ability to add participant first and last names to eConsent email templates
  • A study setting mandating clinicians collect a participant phone number on participant creation has been added
  • Clinicians on studies using the latest enrolment flow can now use direct links in the participant view to navigate to Castor CDMS
  • Resolved an issue where surveys being created via eConsent <> CDMS integration were getting stuck in 'Created' status
  • Revised presentation of 'required' guidance text for fields on iOS to make them consistent with Android

Minor release 2025.1.11.0

Release date

EU & US servers: 13th November, 9 AM CET / 3 AM ET

 

New features and enhancements

  • We have added a study configuration to prevent the download of an ICF until it is signed
  • An additional study setting to make email collection mandatory on participant creation has been added
  • The setting making phone number collection mandatory added in 2025.1.10 has been extended to include paper upload
  • For studies using both eConsent and Castor CDMS with on-site ePRO configured, they will be able to click a direct link within the participant page of eConsent to access on-site ePRO for that participant

Maintenance release 2025.1.12.0

Release date (tentative)

EU & US servers: 10 March, 9 AM CET / 3 AM ET

System defects fixes

 [Arabic] PDF and HTML are not aligned

Informed Consent Form PDF for Arabic and other right-to-left (RTL) language participants now render with correct RTL text alignment, consistent with the version shown in the participant portal. Study teams using RTL-languages consent forms can now provide participants with PDF copies that accurately reflect the intended reading direction and layout.

 [Arabic] Email content not correctly aligned

Participant-facing emails are now correctly displayed right-to-left when the study language is set to Arabic or another right-to-left language.

 Subject ICF consent date is shown in the future if it is within the last week of the year

ICF signature date display now accurately reflects the calendar year for consent forms signed during the last days of December, preventing date records from appearing one year in the future.

 Participant is stuck at the page for updating profile details

The participant profile completion flow now handles pre-populated profile fields correctly, allowing participants to proceed to ICF signing even when a site investigator has pre-filled details such as gender on their behalf. This resolves an issue that caused participants to become blocked at the "Complete your study profile" page, unable to advance to consent signing.

 Only PDF download permitted of paper ICF

Restored the ability to download paper ICF files. The system now correctly handles non-PDF paper ICF downloads, allowing users to retrieve documents.

[Arabic]  ICF in PDF version translates Date header fields to English for Arabic language

We have fixed defect where the Date header field is now available in Arabic language R to L.

Supported Browser & OS versions

For more details you can review Castor’s Browser and Operating System (OS) Policy.

Supported Browsers

Browser Min version
Chrome / Chromium 133
Edge 133
Firefox 136
Safari (macOS/iOS) 18
iOS Safari 18
Samsung Internet 29

Supported Operating Systems

OS Min Version
Android 13
iOS 18
macOS 14
Windows 10
Linux Always supported

Deprecation Notice

Deprecation notice: Legacy eConsent Authentication Endpoint

As of release 2025.1.12.0, all URLs on the auth.castorconsent.com domain used for eConsent API authentication are officially deprecated and will stop working in September 2027 (approximately 18 months from this release).

Background In 2024, eConsent's identity provider was migrated to Castor Identity. A redirect has been in place since then to forward requests from the old Keycloak URLs to the new Identity endpoint. This redirect will be permanently removed in September 2027.

Action required

If your system authenticates with the eConsent API using a Service Account (client credentials), you are likely making one or both of the following requests and need to update the URLs accordingly.

1. Obtaining an access token using client_id and client_secret:

Old: POST https://auth.castorconsent.com/auth/realms/castor-econsent/protocol/openid-connect/token

New: POST https://identity.castoredc.com/realms/castor-identity/protocol/openid-connect/token

2. Refreshing an access token using a refresh token (if applicable):

Old: POST https://auth.castorconsent.com/auth/realms/castor-econsent/protocol/openid-connect/token

New: POST https://identity.castoredc.com/realms/castor-identity/protocol/openid-connect/token

In summary, replace all occurrences of https://auth.castorconsent.com/auth/realms/castor-econsent/ with https://identity.castoredc.com/realms/castor-identity/. No other changes to your integration are required.

If you have questions or need assistance, please contact Castor Support.

Timeline

  • March 2026 (2025.1.12.0 release): Deprecation notice published
  • September 2026: Usage check-in (6 months)
  • March 2027: Usage check-in (12 months)
  • September 2027: Legacy endpoint redirect removed (18 months)

 

Related articles