Release Highlights

Key changes of the 4.3.0 release:

  • Token Exchange endpoint update: the previous implementation based on an early draft has been replaced with an implementation compliant with RFC 8693.
  • Support for Pattern Scopes: OAuth identity providers can define open-ended scopes using regular-expression patterns, enabling controlled handling of dynamic scopes.
  • Issuance of Pattern Scopes: OAuth clients may be authorized to request pattern scopes, which can be resolved into concrete scopes (matching the pattern) via the Token Exchange endpoint.
  • External authorization of OAuth requests: the OAuth authorization flow can delegate decisions to an external program (e.g., a Python script), which may deny or approve requests and optionally enrich tokens with additional claims.
  • Native handling of JSON-encoded attributes: allows precise control over the content of OAuth claims (e.g., creation of 1-element array claims).
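
As an added illustration of how the two token-exchange items above fit together (this is example code written for these notes, not Unity-IdM's implementation or configuration format), the following hypothetical Python resolver parses an RFC 8693 token-exchange request body and checks each requested concrete scope against the regular-expression pattern scopes a client is allowed to request; the client id, pattern list, and the policy of rejecting any out-of-pattern scope are assumptions:

```python
import re
from urllib.parse import parse_qs

# Hypothetical pattern-scope assignment per OAuth client (constructed; not Unity's format).
PATTERN_SCOPES = {
    "client-a": [r"project:[a-z0-9-]+:read", r"project:[a-z0-9-]+:write"],
}

TOKEN_EXCHANGE_GRANT = "urn:ietf:params:oauth:grant-type:token-exchange"
ACCESS_TOKEN_TYPE = "urn:ietf:params:oauth:token-type:access_token"


def resolve_scopes(client_id, requested):
    """Split requested concrete scopes into (granted, rejected) for this client.

    fullmatch() anchors the pattern, so 'project:x:readwrite' does not satisfy
    'project:[a-z0-9-]+:read' through a partial match."""
    patterns = [re.compile(p) for p in PATTERN_SCOPES.get(client_id, [])]
    granted, rejected = [], []
    for scope in requested:
        (granted if any(p.fullmatch(scope) for p in patterns) else rejected).append(scope)
    return granted, rejected


def handle_token_exchange(client_id, form_body):
    """Validate an RFC 8693 request body and return the resolver's decision as a dict."""
    params = {k: v[0] for k, v in parse_qs(form_body, strict_parsing=True).items()}
    if params.get("grant_type") != TOKEN_EXCHANGE_GRANT:
        return {"error": "unsupported_grant_type"}
    if "subject_token" not in params or "subject_token_type" not in params:
        return {"error": "invalid_request"}
    granted, rejected = resolve_scopes(client_id, params.get("scope", "").split())
    if rejected:
        # Assumed policy: refuse outright rather than silently narrowing the scope,
        # so a request outside the client's patterns is visible in the audit trail.
        return {"error": "invalid_scope", "rejected": rejected}
    return {"issued_token_type": ACCESS_TOKEN_TYPE, "scope": " ".join(granted)}


# Constructed sample request body (form-encoded, as sent to the token endpoint).
SAMPLE_BODY = (
    "grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Atoken-exchange"
    "&subject_token=constructed.subject.token"
    "&subject_token_type=urn%3Aietf%3Aparams%3Aoauth%3Atoken-type%3Aaccess_token"
    "&scope=project%3Aalpha%3Aread+project%3Aalpha%3Awrite"
)

if __name__ == "__main__":
    print(handle_token_exchange("client-a", SAMPLE_BODY))
```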

Bug fixes:

  • Corrected handling of output profile context during OAuth token refresh.
  • Improved multi-selection handling in the Entities view of the Unity Console Directory Browser.

Upgrade from 4.2.x

Unity-IdM 4.3.0 introduces minor migration changes, so it is recommended to back up the database and thoroughly test the new release before performing an upgrade on production instances.