diff --git a/docs/simplesamlphp-upgrade-notes-1.5.txt b/docs/simplesamlphp-upgrade-notes-1.5.txt
new file mode 100644
index 0000000000000000000000000000000000000000..2fb9993eefbcebfc406d0424471b92f39674b253
--- /dev/null
+++ b/docs/simplesamlphp-upgrade-notes-1.5.txt
@@ -0,0 +1,17 @@
+Upgrade notes for simpleSAMLphp 1.5
+===================================
+
+  * `SimpleSAML_Session::isValid()`
+
+    If your code calls `$session->isValid()` without an argument, you will now have to update it to pass an argument (probably `saml2`).
+    The reason for this change is that calling `$session->isValid()` without an argument can easily create a security hole.
+
+
+  * We have introduced a new module for SAML authentication.
+    This authentication module supports both SAML 1.1 and SAML 2.0 IdPs.
+
+    We have also added a new authentication framework which should replace the previous redirects to the initSSO-scripts.
+    Relating to this change, we have also deprecated the `initSSO`-scripts for SAML 1.1 and SAML 2.0 authentication.
+    The old methods will still be supported for a while, but new code should probably use the new code.
+
+    See the [migration guide](http://rnd.feide.no/content/migration-modularized-saml-service-provider) for more information about this.