Release Highlights

The 3.16.0 release brings several notable improvements:

  • It is possible to create dynamic policies for activating 2FA. This is exposed as a new policy in the Authentication Flow configuration. A dynamic MVEL-based rule can make the decision based on the user’s attributes, the 1st factor used and other information.
  • SAML IdP can be configured to return the NotBefore constraint
  • SAML authenticator can filter trusted federation IdPs based on their attributes set in metadata
  • The Authentication Context Reference obtained from upstream OAuth and SAML IdPs is preserved and exposed for use in the output profile, and is also available in the dynamic MFA activation policy. This allows for forwarding this information to Unity relying parties as well as ensuring MFA is not repeated if it was already performed by the upstream IdP.
  • Several performance optimizations were applied:
    • fixed a problem with slow loading of the Requests view in Console when there are many user enquiry responses
    • when entering Console, the root group is not automatically selected in Groups Browser.
    • there are small optimizations in the bulk query API, improving some of the Unity operations spanning the whole users directory.
    • indexes were added to the tokens DB table

Migration consideration

MySQL users shall ensure that permissions to create procedures are granted to the Unity DB user. If you are on this DB, see the Update instructions in the manual for details.