Powered by Algolia

    New in v4.2.2

    OpenIAM version 4.2.2 delivers new functionality, architectural improvements, performance optimizations, and enhancements across the platform, Identity Governance, and Customer Identity (CIAM). The complete list of changes is available in the change log. The required steps for user upgrading to 4.2.2 version of OpenIAM from earlier versions are provided in this document.

    Platform enhancements

    • Added a descriptive analytics dashboard providing real-time operational and identity insights.
    • Introduced Prometheus-based monitoring for system health, performance, and service metrics.
    • Completed a Groovy Manager redesign, including improved editing, version history, auditing, and advanced search.
    • Improved memory and performance efficiency, enabling stable operation in 32GB environments.
    • Reduced backend latency and improved UI responsiveness.
    • Migrated core components:
      • Elasticsearch → OpenSearch
      • ETCD → Consul
    • Added platform-level notifications for maintenance, incidents, and operational updates.
    • Continued React-based UI migration, covering:
      • WebConsole administration features
      • Self-Service request administration and history
    • Enhanced password security with Have I Been Pwned integration.
    • Improved password validation across all authentication flows.
    • Added deployment support for CJIS and STIG profiles on RHEL.

    Identity Governance enhancements

    • Introduced Segregation of Duties (SoD) management via the UI, including enforcement during access requests and continuous violation monitoring.
    • Major refactor of Access Certification, including:
      • Redesigned user interface
      • Performance improvements for large-scale campaigns
      • Event-driven certification support
      • Certification-specific reporting backend
      • Tagging and enhanced search and filtering
    • Enhanced identity verification, including adaptive flows and Microsoft Teams Bot integration for approvals.

    Customer Identity (CIAM) improvements

    • Added configurable and passwordless authentication options (FIDO2, OpenIAM Auth App).
    • Introduced adaptive password change flows supporting multiple verification factors.
    • Enhanced risk-based authentication with behavioral analysis, contextual risk scoring, and device intelligence.
    • Added Teams-based delegated management using group membership.
    • Extended identity verification for CIAM onboarding and login flows.
    • Improved session management with configurable inactivity and maximum duration limits.
    • Added user profile switching in self-service without requiring logout.
    Previous
    New in v4.2.1.15
    Next
    New in v2026.1.1