diff --git a/Gemfile b/Gemfile index 485f894..70c4024 100644 --- a/Gemfile +++ b/Gemfile @@ -4,13 +4,14 @@ ruby '2.6.8', engine: 'jruby', engine_version: '9.3.9.0' gem 'rails', '~> 5.2.6' gem 'tzinfo-data', platforms: [:jruby] -gem 'puma' +gem 'puma', '~> 6.3.1' # Drivers gem 'activerecord-jdbcpostgresql-adapter' gem 'redis' # Security +gem 'ruby-saml', '~> 1.17' gem 'omniauth-saml', '~> 1.10' # TODO unlock this once https://sluzbyslovenskodigital.atlassian.net/browse/API-103 is resolved gem 'jwt' diff --git a/Gemfile.lock b/Gemfile.lock index b76cc48..17e1bd4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -53,7 +53,7 @@ GEM arel (9.0.0) attr_extras (7.0.0) builder (3.2.4) - clockwork (3.0.1) + clockwork (3.0.0) activesupport tzinfo coderay (1.1.3) @@ -67,7 +67,6 @@ GEM database_cleaner-redis (2.0.0) database_cleaner-core (~> 2.0.0) redis - date (3.3.3-java) delayed_job (4.1.11) activesupport (>= 3.0, < 8.0) delayed_job_active_record (4.1.7) @@ -78,14 +77,14 @@ GEM dotenv-rails (2.8.1) dotenv (= 2.8.1) railties (>= 3.2) - erubi (1.12.0) + erubi (1.11.0) factory_bot (6.2.1) activesupport (>= 5.0.0) factory_bot_rails (6.2.0) factory_bot (~> 6.2.0) railties (>= 5.0.0) ffi (1.15.5-java) - globalid (1.0.1) + globalid (1.0.0) activesupport (>= 5.0) hashie (5.0.0) htmlentities (4.3.4) @@ -95,14 +94,14 @@ GEM actionview (>= 5.0.0) activesupport (>= 5.0.0) jdbc-postgres (42.2.25) - jwt (2.6.0) - listen (3.8.0) + jwt (2.5.0) + listen (3.7.1) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - loofah (2.19.1) + loofah (2.19.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) - mail (2.8.0.1) + mail (2.8.0) mini_mime (>= 0.1.1) net-imap net-pop 
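Review bot: The two constraints added in the Gemfile hunk (`gem 'puma', '~> 6.3.1'` and `gem 'ruby-saml', '~> 1.17'`) do not require any other gem to move, yet the Gemfile.lock hunks of this commit roll back loofah 2.19.1 to 2.19.0, rails-html-sanitizer 1.5.0 to 1.4.3, jwt 2.6.0 to 2.5.0, plus mail, globalid, erubi, sprockets and others, and they drop the `loofah (>= 2.19.1)` floor the old lock carried. Loofah and rails-html-sanitizer sit on the HTML-sanitisation path, so a silent downgrade there should be checked against the published advisories (for example with bundler-audit) before release; the lock looks as if it was re-resolved from an older base rather than updated in place, though the diff alone cannot confirm that. Regenerating it with `bundle update --conservative puma ruby-saml` (adding any other gem that is meant to move, such as rexml or rack) would leave the unrelated entries where they were. A short comment above the new line, for example `# listed directly to hold the ruby-saml dependency (presumably pulled in via omniauth-saml) at 1.17 or newer`, would also record why it is pinned here.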
@@ -110,19 +109,18 @@ GEM marcel (1.0.2) method_source (1.0.0) mini_mime (1.1.2) - minitest (5.17.0) - mock_redis (0.35.0) + minitest (5.16.3) + mock_redis (0.34.0) ruby2_keywords - net-imap (0.3.4) - date + net-imap (0.3.1) net-protocol net-pop (0.1.2) net-protocol - net-protocol (0.2.1) + net-protocol (0.2.0) timeout net-smtp (0.3.3) net-protocol - nio4r (2.5.8-java) + nio4r (2.7.3-java) nokogiri (1.13.10-java) racc (~> 1.4) omniauth (1.9.2) @@ -134,16 +132,16 @@ GEM optimist (3.0.1) patience_diff (1.2.0) optimist (~> 3.0) - pry (0.14.2-java) + pry (0.14.1-java) coderay (~> 1.1) method_source (~> 1.0) spoon (~> 0.0) pry-rails (0.3.9) pry (>= 0.10.4) - puma (6.0.2-java) + puma (6.3.1-java) nio4r (~> 2.0) - racc (1.6.2-java) - rack (2.2.6.2) + racc (1.8.1-java) + rack (2.2.9) rack-test (2.0.2) rack (>= 1.3) rails (5.2.8.1) @@ -162,8 +160,8 @@ GEM rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.5.0) - loofah (~> 2.19, >= 2.19.1) + rails-html-sanitizer (1.4.3) + loofah (~> 2.3) railties (5.2.8.1) actionpack (= 5.2.8.1) activesupport (= 5.2.8.1) @@ -174,17 +172,17 @@ GEM rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) - redis (5.0.6) + redis (5.0.5) redis-client (>= 0.9.0) - redis-client (0.12.1) + redis-client (0.11.2) connection_pool - rexml (3.2.5) + rexml (3.3.7) rspec-core (3.12.0) rspec-support (~> 3.12.0) - rspec-expectations (3.12.2) + rspec-expectations (3.12.0) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.12.0) - rspec-mocks (3.12.3) + rspec-mocks (3.12.0) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.12.0) rspec-rails (5.1.2) 
@@ -196,16 +194,16 @@ GEM rspec-mocks (~> 3.10) rspec-support (~> 3.10) rspec-support (3.12.0) - ruby-saml (1.15.0) + ruby-saml (1.17.0) nokogiri (>= 1.13.10) rexml ruby2_keywords (0.0.5) rubyzip (2.3.2) spoon (0.0.6) ffi - sprockets (4.2.0) + sprockets (4.1.1) concurrent-ruby (~> 1.0) - rack (>= 2.2.4, < 4) + rack (> 1, < 3) sprockets-rails (3.4.2) actionpack (>= 5.2) activesupport (>= 5.2) @@ -248,10 +246,11 @@ DEPENDENCIES nokogiri omniauth-saml (~> 1.10) pry-rails - puma + puma (~> 6.3.1) rails (~> 5.2.6) redis rspec-rails + ruby-saml (~> 1.17) rubyzip super_diff tzinfo-data diff --git a/INSTALL.md b/INSTALL.md index 05b35af..0297c95 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -1,4 +1,4 @@ -**Inštalačná príručka popisuje komponent verzie [3.7.2](https://github.com/slovensko-digital/slovensko-sk-api/releases/tag/v3.7.2), uistite sa, že čítate príručku [verzie komponentu](https://github.com/slovensko-digital/slovensko-sk-api/releases), ktorý používate.** +**Inštalačná príručka popisuje komponent verzie [3.7.3](https://github.com/slovensko-digital/slovensko-sk-api/releases/tag/v3.7.3), uistite sa, že čítate príručku [verzie komponentu](https://github.com/slovensko-digital/slovensko-sk-api/releases), ktorý používate.** # slovensko.sk API - Inštalačná príručka diff --git a/app/controllers/health_controller.rb b/app/controllers/health_controller.rb index b676c0f..b1b017d 100644 --- a/app/controllers/health_controller.rb +++ b/app/controllers/health_controller.rb @@ -10,7 +10,7 @@ def index status = :ok health = { description: 'slovensko.sk API', - version: '3.7.2', + version: '3.7.3', status: 'pass', checks: { 'environment:variables' => environment_variables, diff --git a/lib/upvs/pom.xml b/lib/upvs/pom.xml index 721affd..bc891ad 100644 --- a/lib/upvs/pom.xml +++ b/lib/upvs/pom.xml @@ -15,7 +15,7 @@ 2.3.1 1.0-MR1 3.4.4 - 5.3.15 + 5.3.39 30.1.1-jre 1.7.30 1.2.3 diff --git a/public/openapi.yaml b/public/openapi.yaml index 100a8ec..82b0681 100644 
--- a/public/openapi.yaml +++ b/public/openapi.yaml @@ -2,7 +2,7 @@ openapi: 3.0.0 info: title: slovensko.sk API - version: 3.7.2 (Komunitná verzia) 8.8.2 (Prémium verzia) + version: 3.7.3 (Komunitná verzia) 8.8.2 (Prémium verzia) description: | slovensko.sk API je proxy REST API komponent k službám www.slovensko.sk (Ústredný portál verejnej správy – ÚPVS), pomocou ktorých je možné: diff --git a/spec/requests/health_spec.rb b/spec/requests/health_spec.rb index 06ecef6..c7af969 100644 --- a/spec/requests/health_spec.rb +++ b/spec/requests/health_spec.rb @@ -71,7 +71,7 @@ def expect_fail(checks) expect(response.status).to eq(200) expect(response.object.with_indifferent_access).to match( description: 'slovensko.sk API', - version: '3.7.2', + version: '3.7.3', status: 'pass', checks: hash_including(*checks), links: { diff --git a/spec/requests/sso/upvs_spec.rb b/spec/requests/sso/upvs_spec.rb index 53578e6..b61f9db 100644 --- a/spec/requests/sso/upvs_spec.rb +++ b/spec/requests/sso/upvs_spec.rb @@ -6,7 +6,7 @@ def idp_response_object end def mock_idp_response(response) - OmniAuth.config.add_mock(:saml, extra: { response_object: OneLogin::RubySaml::Response.new(response) }) + OmniAuth.config.add_mock(:saml, extra: { response_object: OneLogin::RubySaml::Response.new(response, {skip_conditions: true}) }) end before do @@ -52,7 +52,7 @@ def mock_idp_response(response) end context 'with invalid response' do - let(:idp_response) { 'INVALID' } + let(:idp_response) { '' } before(:example) { mock_idp_response(idp_response) }
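Review bot: `skip_conditions: true` in `mock_idp_response` switches off ruby-saml's Conditions check for every response this spec builds, and nothing records why or that it is meant for tests only. Presumably the fixtures carry a fixed validity window that the upgraded gem now evaluates; if so, say it in a comment such as `# fixture assertions fall outside their validity window; Conditions are skipped in specs only`, and confirm that the production SAML configuration (not visible in this diff) never sets the same option. The braces around the options hash are also redundant: `OneLogin::RubySaml::Response.new(response, skip_conditions: true)`.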
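Review bot: With `let(:idp_response) { '' }` the 'with invalid response' context now covers only an empty payload, so a non-empty malformed response like the previous `'INVALID'` is no longer exercised in this hunk. If the change was needed because building a `Response` from `'INVALID'` now fails under the upgraded ruby-saml (an inference, the diff does not show it), that behaviour is worth pinning with its own example rather than dropping the case. At minimum add a comment next to the `let`, such as `# '' instead of 'INVALID': <reason, e.g. constructor behaviour under the new ruby-saml>`, so the fixture choice is not mistaken for an arbitrary value. The context block continues past the end of the hunk.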