Incompatible changes

Requests passing the _api parameter now require authorization. Learn more in Common REST.

Starting with IDM 7.3.0, unordered array comparison became the default behavior. For this release of IDM, ordered array comparison is the default behavior, restoring the default behavior from prior to IDM 7.3.0.

You can now use the comparison managed object schema configuration property to choose how JSON array comparisons are made with regard to array order.

Learn more about managed object schema properties and array comparison.

You must upgrade to Java 17, which is required by Jetty 12, to run IDM 7.3.2. Learn more in Embedded Jetty configuration.

The Flowable embedded workflow engine has been upgraded to version 6.8.0. If you’re upgrading from a previous version of IDM and use workflow, this upgrade requires one or more incremental upgrade scripts. For more information, refer to Upgrade an existing repository.

JSON array comparison during sync is now order-agnostic. This change may negate the need for certain custom scripts within mappings. For example, scripts that were previously required to sort ldapGroups values to avoid unnecessary target object updates.

Assignment attributes are now encrypted if the corresponding connector attribute indicates confidentiality, based on the attribute’s nativeType (such as JAVA_TYPE_GUARDEDSTRING or JAVA_TYPE_GUARDED_BYTE_ARRAY). As part of this change, the managed assignment object now includes the following property:

If attributeEncryption is not present, the assignment attributes are not encrypted. If the property is present but empty, it will default to IDM’s default encryption cipher. To specify a different cipher, add the cipher property. For example:

Additionally, secrets.json has a new secret: idm.assignment.attribute.encryption.