Powered by Algolia

    New in v4.2.1.6

    Version 4.2.1.6 is a minor upgrade with numerous bug fixes and a few new features. The full set of changes can be found in the change log. The sections below provide an overview of the improvements.

    Authentication

    • Integration with Criipto to allow end-users to authenticate using EU BankId such as MitID
    • Contents of the access_token used in oAuth have improved configurability.
    • Resolve issues with logout with SAML.

    Privacy and Consent

    • Consent management functionality was introduced with the ability to support multiple languages, consent history, validate date, and admin tools to manage customer consent. The details on how to configure consent management can be found in the document by this link.
    • The terms and conditions section has been dropped.

    Self-service portal

    • Allows authorized users to create bulk access requests.

    Deployment improvement

    • Docker deployments now support Ubuntu 22.04 and RHEL 8.8.
    • RPM support for RHEL 8.7 and 8.8 on Azure.

    Performance

    • Reconciliation has been improved to support better performance.
    • Janus Graph related performance improvements made in the previous version only available in K8 deployment. In 4.2.1.6 they are available in RPM deployments.

    API and Script changes

    New scripts

    • iamscripts/idp/TestCriiptoTransformationAuthenticator.groovy
    • iamscripts/AM/sp/CustomServiceProviderRelayStateGenerator.groovy

    Removed the following scripts

    • iamscripts/sync/log/log/LogSampleMatchRule.groovy

    Changes to out of the box Groovy scripts

    iamscripts/batch/passwordNearExpNotification.groovy Changed the following line:

    List<Login> loginList = loginManager.getInactiveUsers(INACTIVE_DAYS, 0)?.principalList

    TO

    List<Login> loginList = loginManager.getInactiveUsers(INACTIVE_DAYS, 0)?.getList()

    In iamscripts/batch/passwordNearExpNotification.groovy the following line changed:

    List<Login> loginList = loginManager.getUsersNearPswdExpiration()?.principalList

    TO

    List<Login> loginList = loginManager.getUsersNearPswdExpiration()?.getList()

    For synchronization

    The following custom match scripts should be changed (only in case there is any, since there is no default out-of-the-box script) as follows.

    org.openiam.model.UserSynchronizationPair

    TO

    org.openiam.model.UserPair
    org.openiam.model.RoleSynchronizationPair

    TO

    org.openiam.model.RolePair
    org.openiam.model.GroupSynchronizationPair

    TO

    org.openiam.model.GroupPair
    org.openiam.model.ResourceSynchronizationPair

    TO

    org.openiam.model.ResourcePair
    org.openiam.model.PolicySynchronizationPair

    TO

    org.openiam.model.PolicyPair
    org.openiam.model.OrganizationSynchronizationPair

    TO

    org.openiam.model.OrganizationPair
    org.openiam.model.ManagedSystemSynchronizationPair

    TO

    org.openiam.model.ManagedSystemPair
    Previous
    New in v4.2.1.5
    Next
    New in v4.2.1.7