Incompatible changes

When you update to IDM 7.3.1 from the last major version, the following changes may impact existing deployments. Adjust existing scripts, files, clients, and so on, as necessary.

If you are upgrading from an older release, review the changed functionality from all releases after your current version of IDM:

Changes between IDM 7.3.0 and 7.3.1

Workflow engine upgrade

The Flowable embedded workflow engine has been upgraded to version 6.8.0. If you are upgrading from a previous version of IDM and use workflow, this upgrade requires one or more incremental upgrade scripts. For more information, refer to Upgrade an existing repository.

Changes between IDM 7.2.x and 7.3.0

Synchronization JSON array comparison is order-agnostic

JSON array comparison during sync is now order-agnostic. This change may negate the need for certain custom scripts within mappings. For example, scripts that were previously required to sort ldapGroups values to avoid unnecessary target object updates.

Attribute encryption on assignments

Assignment attributes are now encrypted if the corresponding connector attribute indicates confidentiality, based on the attribute’s nativeType (such as JAVA_TYPE_GUARDEDSTRING or JAVA_TYPE_GUARDED_BYTE_ARRAY). As part of this change, the managed assignment object now includes the following property:

"attributeEncryption" : { }

If attributeEncryption is not present, the assignment attributes are not encrypted. If the property is present but empty, it will default to IDM’s default encryption cipher. To specify a different cipher, add the cipher property. For example:

"attributeEncryption" : {
  "cipher" : "AES/CBC/PKCS5Padding"
}

Additionally, secrets.json has a new secret: idm.assignment.attribute.encryption.