New in 2026.3.3
OpenIAM version 2026.3.3 introduces new capabilities in rule management, Active Directory performance, and connector functionality, alongside important infrastructure updates and critical bug fixes. This release focuses on scalability, performance under load, and improved deployment flexibility.
New features
Rule management and configuration
OE-1491 – Bulk export and import of business rules & linked objects
Introduced bulk import/export capabilities for business rules and related objects, addressing large-scale environments with hundreds or thousands of rules:
- Supports mass loading and migration of rules.
- Current support includes Roles and Rules.
- Extended support planned for Groups, Resources, and Organizations.
Installer and deployment
OE-3802 – Pass product code via command-line parameters
Added support for passing a custom product code during installer execution, enabling more flexible connector builds and deployment scenarios.
Active Directory and performance optimization
OE-3922 – AD RootDSE caching implementation
Implemented caching for RootDSE queries to reduce repeated calls to domain controllers:
- Minimizes overhead for repeated requests.
- Improves performance in AD-heavy environments.
- Safe caching due to low frequency of RootDSE changes.
Logging improvements
OE-3924 – Enhanced logging in ADLoginModule
Improved logging structure and clarity within the ADLoginModule:
- Better distinction between business and internal events.
- Refined log levels (trace, debug, operational logs).
- Improved troubleshooting and observability.
Enhancements and tasks
DevOps and deployment
OE-3824 – Connector Helm chart separation
Separated connector Helm charts from the Kubernetes project into standalone charts managed via the java-connectors repository.
OE-3852 – SelfService V2 SPA setup
Added required configurations and assets to support the new SelfService V2 single-page application across:
- rpm-utils
- openiam-docker-compose
- kubernetes-docker-configuration
API and integration
OE-3846 – REST API endpoint for route checks
Introduced a new REST API endpoint that validates routes using the same filters and logic applied to JSP pages.
Connector improvements
OE-3879 – Teams connector: user provisioning support
Added support for user provisioning in the Teams connector, including phone number assignment and enterprise voice configuration.
OE-3917 – PsGraph connector: MFA reset support
Enabled the ability to reset MFA for users during SAVE operations in the PsGraph connector.
Bug fixes
Installer and deployment
OE-3797 – Multi-instance installer naming issue
Resolved an issue where custom product names were ignored when installing multiple instances using MSI transforms.
OE-3938 – Increased max file size in nginx RPM
Updated configuration to support larger file uploads and prevent failures due to size limits.
Authentication and user experience
OE-3871 – New user login loop
Fixed an issue where new users were repeatedly redirected to the password entry page during login.
Active Directory and synchronization
OE-3859 – AD sync failure due to RabbitMQ message size
Resolved synchronization failures caused by oversized message payloads when processing users with large group memberships.
OE-3882 – Performance degradation during AD synchronization
Improved performance for AD synchronization involving large datasets (~13K objects), reducing system slowdown during execution.
Messaging and system load
OE-3885 – RabbitMQ timeout during high-volume operations
Fixed timeout issues occurring when performing user operations (role/group assignments) during large synchronization jobs (>5K users).
Access certification and performance
OE-3881 – UAR campaign performance delays
Optimized UAR campaign execution for large environments:
- Reduced processing time for high-volume datasets (~91K entitlements / 7K users).
- Improved notification timing and batching behavior.
UI and workflow
OE-3897 – SelfService portal timeout
Resolved portal timeouts caused by inefficient workflow history queries:
- Optimized database queries.
- Reduced load from large historical datasets.
Security
OE-3906 – Consul exposure and weak authentication vulnerability
Addressed a critical security issue involving unauthenticated access to the Consul administration console:
- Enforced authentication requirements.
- Improved default security configurations.
- Strengthened password policy enforcement guidance.
Audit and logging
OE-3974 – Audit log export issues
Fixed multiple issues affecting audit log export:
- Resolved TLS configuration problems.
- Improved log format transformation.
- Added retry logic for failed exports.
More on the audit log export feature can be found in this document.
Minor improvements
- General performance and scalability improvements across synchronization and messaging layers.
- Enhanced system stability under high-load conditions.
- Improvements to connector lifecycle and deployment flexibility.
- Refinements to logging, debugging, and observability.
- Ongoing alignment with modern infrastructure and deployment standards.