Release Highlights

The 4.1.0 release focuses on improving authentication, with a particular emphasis on better MFA handling.

  • Authentication Method Reference (AMR) support: Administrators can now utilize information on active AMRs in the configuration of dynamic attributes and claims returned by any IdP endpoint.
  • OAuth IdP recognizes requested ACRs (Authentication Context References).
  • OAuth and SAML authenticators can request ACRs: Requests can be fixed (set in configuration) or dynamic, forwarding the requested ACR from the downstream client (useful for proxy IdP scenarios).
  • Unity now returns the auth_time claim.

Additionally, Unity introduces a proprietary feature allowing OAuth clients to specify a whitelist of claims, effectively filtering the returned claims to only those values deemed relevant.

Upgrade from 4.0.x

While version 4.1.0 does not introduce major changes that might increase migration risk, it is still advised to back up the database and thoroughly test the new release prior to upgrading.

Go back to all releases
4.1.0 was published on 10/04/2025
Assets
Detailed changelog, complete documentation & downloads
View
Downloads
Direct access to the 4.1.0 packages
Download
User manual
Read the 4.1.0 user manual
Read