Pharos Cloud 4.1 Release Notes - February 2025

Pharos Cloud 4.1 Release Notes

This release represents the latest version of Pharos Cloud. This update includes several important new features including:

• Support for SAML as a User Authentication Provider
• Account Management: Support for Copy Accounting (Preview Mode)
• Added the following New APIs
  • Users
  • Device Toner Data
  • Device Status Data
• External Card Integration (Preview Mode)
• Device Profiles Updates
  • Cloud Release setting added to Device Profiles
  • Added the ability to hide Print Options and Print and Retain Settings
• User Management: Added the "View Guests only action
• Sentry Print Service Updates

Support for SAML as a User Authentication Provider

Pharos Cloud now supports SAML for end-user authentication, providing seamless and secure login experiences across all Pharos Cloud applications.

SAML support, previously available for system users logging into the web console is now expanded to end-user authentication. SAML has been added as a User Authentication Provider for Secure Print and Direct Print, facilitating user registration for Pharos applications, such as Print Scout, User Portal, Chrome Print, and the mobile app.

With SAML support for SSO, end users can access Pharos Cloud applications using their identity provider (IdP) credentials. During their first login, users are redirected to the IdP's login page to authenticate. Once successfully authenticated, they are seamlessly redirected back to Pharos Cloud and logged into their account.

Key Benefits:

• Improves user experience - Users can log in using their existing company credentials. Users do not have to remember another set of credentials.
• Helps lower IT costs - Eliminates the responsibility of storing and managing user credentials.

Web Console Update

To support SAML, a new SAML2.0 option has been added to the following tabs in the Pharos web console. These tabs are used to enable and configure SAML.

• Secure > Settings > User Authentication Providers
• Direct > Settings > User Authentication Providers

Refer to the Pharos Cloud Help for more information on how to configure SAML as an Authentication Provider.

Account Management: Support for Copy Accounting (Preview Mode)

Pharos Cloud 4.1 introduces the Copy Accounting feature which enables higher education institutions with Pharos Cloud Education Edition to track and manage costs associated with copy transactions. Using this feature, users can choose which account to charge for their copying activities directly at a Secure Release enabled printer.

Requirements:

• Job Accounting license and Secure Release or Direct Print license 
• OpenID or SAML authentication 
• Education Edition license

Note: The Copy Accounting feature is in “Preview Mode” only. You can request access to this feature by emailing customerpreview@pharos.com.

How it works

Administrators create accounts in the web console. Accounts can be created in the Users > Account Management tab of the web console. For detailed information on creating and managing accounts, refer to the Account Management document in the Help Center.

Once accounts are created and configured, when a user logs into a Secure Release enabled printer, their active account is displayed at the top of the printer screen next to a “Copy Billing” label, and all copying will be charged to that account.

Note: The active account shown under the Copy Billing label applies only to copy jobs, not print jobs. Print jobs are billed to the account assigned at the time of submission or updated later in the User Portal. Users can see which account their print jobs will be charged to by viewing the Review Documents screen.

For copying, if users have multiple accounts, they can switch to a different one by clicking the edit button next to Copy Billing, which will display a list of available accounts as shown below.

New APIS

Administrators can use the Analysis > API screen in the web console to connect to specific API endpoints. These endpoints enable the extraction of data from the Pharos Cloud providing access to valuable information such as meter data and print transactions data. Once extracted, administrators can use a variety of tools, such as Power BI to manipulate and analyze the data.

In this update, three new APIs have been introduced to expand data access and support various organizational requirements. The new APIs with this release are:

• Users
• Device Toner Data
• Device Status Data

Note: Device Toner and Device Status APIs require a Device Meter Data license.

Users API

The Users API allows administrators to create, manage, and access user accounts, including guest accounts, programmatically. It provides endpoints to handle tasks such as creating new users (including guest users), updating user details, and deleting users.

Refer to the API Documentation to explore endpoints, view request and response details, and test API functionality.

Refer to the Pharos Cloud Help Center for more information on how to generate the Client ID and Client Secret required to connect to the API.

Device Toner Data

The Device Toner Data API allows administrators to extract data from the Fleet > Toner tab. The data contains information about toner levels and usage. It allows administrators to connect to endpoints and monitor toner consumption, track current toner levels, and identify when replacements are needed.

Device Status Data

The Device Status Data API enables administrators to extract device metrics from the Fleet > Status tab. The data contains specific information about the status of your print devices and other metrics that reflect device health and performance.

For more details about the APIs, refer to Connecting to the API to Extract Data in the Pharos Help Center.

External Card integration (Preview Mode)

Note: The External Card integration feature is in “Preview Mode” only. You can request access to this feature by emailing customerpreview@pharos.com.

Pharos Cloud now integrates with third-party card systems, allowing organizations to connect external web services to query card information. Printers can retrieve card details directly from external sources, offering a more flexible, secure, and scalable solution that meets modern workplace security requirements.

With this integration, card management is handled by your organization, reducing reliance on Pharos Cloud. Pharos Cloud performs real-time queries to third-party APIs whenever card information is needed. In addition, administrators can test card IDs directly within the Pharos Cloud web console to help verify that the integration works and ensures smooth operations for end users.

Important Notes:

• This feature works for OpenID or SAML authentication providers only. It does not support Email Authentication or Active Directory authentication.
• When you enable and configure External Card Integration, any previously stored card data within Pharos Cloud will no longer be used.
• Only one card system can be active at a time. You can either use the card system within Pharos Cloud or use the external card integration feature. You cannot use both at the same time.

Web Console Update

To support this feature, a new External Card Integration section has been added to the Analysis > API tab in the web console. Administrators can use this section to configure and manage the connection between Pharos Cloud and third-party identity providers.

Administrators configure the integration by entering details like the endpoint URL and authentication credentials. Pharos Cloud then queries the third-party identity provider to retrieve or validate card details when a card is used at a secure printer.

The External Card Integration settings screen include

• Allow card authentication via external API - Toggle this switch to enable the feature. This can only be enabled when an Endpoint URL is provided.
• Endpoint URL – Add the API endpoint URL for the third-party card system.
• Certificate URL – Enter the URL of the digital certificate hosted on a server  to establish secure communication between Pharos Cloud and the third-party card system, ensuring the data exchanged is signed or encrypted for security.
• Test API Configuration –Test card IDs to ensure the integration is working correctly.

How it works

Configure Card Integration in the web console

1. The administrator configures the External Card Integration in the Pharos web console.
2. The administrator tests a card ID to verify that the card integration works.

User Workflow

1. A user swipes their card at a secure printer or enters their card details, the contents of which are encrypted.
2. The encrypted data is sent to Pharos Cloud for verification to generate a temporary access token.
3. Pharos Cloud sends an authentication request to the third-party user identification provider.
4. The third-party provider decrypts, verifies, and identifies the user.

Device Profiles Updates

Added Cloud Release toggle in Device Profiles

This update introduces a new Cloud Release option within Secure > Device Profiles. The new setting allows administrators to override the global Cloud Release option available on the Secure Print Settings page. This update gives organizations more control over device configurations, making Secure Release setup simpler and more flexible.

The Cloud Release setting will remain in the Secure Settings tab with a new toggle added to Device Profiles.

Notes:

• The Cloud Release checkbox in Device Profiles appears only if the global Cloud Release setting is enabled. If the global setting is OFF, Cloud Release will not be available in Device Profiles.
• Cloud Release setting applies to HP and Ricoh devices only.

Disabling the Cloud Release enables documents to be released via the Print Scout (instead of going through the cloud). 

Added the ability to hide Print Options and Print and Retain

In the previous version, the Print Options and Print and Retain settings in the Device Profiles tab of the web console could only be set to "Shown". With this update, they can now be set to “Hidden” if needed. This allows administrators to allow or restrict users to use these options.

• Print Options – When set to “Hidden”, users are prevented from changing print options after the job has been submitted. When set to “Shown”, users can change document options at the secure printer before the job is released.
• Print and Retain – When set to "Hidden," users cannot retain print jobs in the queue after release. When set to "Shown," users can reprint documents as needed.

Note: These settings are set to “Shown” by default.

User Management: Added the "View Guests only" setting

A new View guests only toggle has been added to the Users > User Management tab of the web console. This feature allows administrators to filter and view only guest users within the user grid. This feature makes it easier to quickly identify guest users within Pharos Cloud. 

Sentry Print Service Updates

This section outlines the improvements and bug fixes for the latest version of the Pharos Systems Sentry Print Service.

Improvements

• Enhanced Control over Secure Release Settings 

Updated the Sentry Print Service to support the ability to disable Print Options and Print and Retain in the Secure > Device Profiles tab of the web console. Previously, these options were always visible on secure printers. In this update, these options can now be hidden if required.

• Email notification when scan file size is exceeded

The file size limit for scanned documents in the Secure Scan app is 80 MB. When a user's file exceeds this limit, an email notification is now sent to users. This minimizes confusion by making users aware that they have exceeded the limit. 

Bugfixes

• HP devices - Secure Scan quality attribute mapping on HP devices now functions correctly, ensuring full utilization of the scan functionality.
• Canon and Xerox devices - Job upload and accounting for Copy/Scan now function correctly when a user logs out immediately after job completion. Previously, logging out too quickly caused failures when uploading to all destinations (OneDrive, SharePoint, Email, Network Folder).
• Xerox devices
  • Resolved a Site Service cache issue on Xerox devices that caused authentication failures after an admin credential update. The failure is caused by the Site Service attempting authentication using cached credentials, resulting in an "Admin credential not valid, please set the credentials and try again" error
  • Fixed the issue showing “Could not log in. The server could not be found or is unavailable” for users with display name longer than 32 characters.

Print Scout Updates

The Print Scout has been updated with the following changes:

• Added support for the latest HP Universal Print Driver 7.3.0 (released in November 2024).
• Implemented security patches to address known vulnerabilities and mitigate potential exploits.

Component Release Versions

This release includes the following software components and release versions.

*Note: Secure Release mobile apps and the Chrome extension are published after the Cloud Services are updated.