The checkbox to enable/disable a SAML authentication profile in Identity Manager Admin has been removed. From now on the configuration is always active by default. Customers who want to disable SAML can do this now in the runtime system, in the system properties in the Admin tab of Identity Manager Operator. From 21.04 on, the visibility of any authentication method can be controlled here.
If multiple nodes of Identity Manager (e.g. in a HA setup) are deployed, the nodes need to get dedicated names to differentiate in the business logic from which node requests are coming. In the past this was done via the parameter "explorerInstanceId" in system.properties. Now a new parameter called "idmInstanceID" has been introduced for that case, that can be set via a corresponding label in the docker-compose file. The old parameter "explorerInstanceId" will still work for backwards compatibility reasons but will be removed in the future. therefore it is recommended to switch to the new setting now.
Port configuration for Certificate login
As part of the changes on the Identity Manager login screen, an additional port parameter has been introduced in system.properites. From now on, the client auth TLS port, that expects the user authentication certificate needs to be configured in system.properites. Therefore the new parameter "login.certificateLoginPort=<portNo>" has to be set via docker-compose label in Identity Manager Operator and Identity Manager Admin, if certificate based authentication is used.
New data pool field "search config" for batch orders
In the data pools of type "order" a new standard field "search config" has been introduced. This needs to be activated for all batch orders from now on and was introduced as part of the CRED-10232 bugfix.
Go to "data pools" in Identity Manager Admin.
Open all data pools of type "order".
Select the tab "Data Source" in the order data pool.
Open the "field selection" and activate "search config".
Save the change and repeat the steps for each data pool of type "order".