Release Highlights

Key changes of the 4.2.0 release:

  • Update minimum required Java version to 21 – any deployment must upgrade their Java runtime accordingly; older Java versions will no longer be supported
  • Remove requirement to authenticate clients holding locally-issued OAuth token also with password – Previously, clients holding an OAuth token issued locally still had to supply a client’s credential – this requirement is removed
  • Add support for ignoring AttributeConsumingServiceIndex in SAML AuthnRequests – The SAML module now supports ignoring the AttributeConsumingServiceIndex field in incoming authentication requests
  • Cyclic dependencies update for 4.2

Bug fixes:

  • Trusted SPs marked “Hide from discovery” were still appearing
  • Upman groups with a slash (/) in the name were not properly handled
  • NullPointerException during OAuth “verificator” TRACE logging
  • Authentication errors were not returning the correct response codes (should be 403) or proper SOAP faults in relevant modules

Upgrade from 4.1.x

Unity-IdM 4.2.0 introduces minor migration changes, so it is recommended to back up the database and thoroughly test the new release before performing an upgrade on production instances.

Go back to all releases
4.2.0 was published on 20/10/2025
Assets
Detailed changelog, complete documentation & downloads
View
Downloads
Direct access to the 4.2.0 packages
Download
User manual
Read the 4.2.0 user manual
Read