Release notes
Compromised Password Check
Added support for checking for compromised passwords by integrating with . This feature can be enabled trough the following configuration property. The integration requires an access key from HaveIBeenPwned, which can be updated in the 'Compromised Password Check-AccessKey' property.
When enabled, the password reset and random password generator will use the provider's (HaveIBeenPwned.com) APIs to determine whether the password entered has been compromised. A compromised password will make the reset operation fail and error message will be displayed in the UI.
Google Connector Enhancements
Google connector has been enhanced to support a new OrgUnit data format and user delegate management.
OrgUnit Data Fomat
OrgUnit data format can be used to export, lookup and import Organizational Units (OU) in Google Workspace. Import supports add, modify and delete. Filter and paging are not supported for this data format. The following is the list of attributes supported for this data format.
| Name | Type | Export | Create | Modify | Delete | Comments |
| blockInheritance | String | Y | Y | Y | N | Determines if a sub-organizational unit can inherit the settings of the parent organization. The default value is false |
| description | String | Y | Y | Y | N | Description of the organizational unit. |
| etag | String | Y | N | N | N | ETag of the resource. |
| kind | String | Y | N | N | N | The type of the API resource. For Orgunits resources, the value is admin#directory#orgUnit. |
| name | String | Y | Y | Y | N | The organizational unit's path name. For example, an organizational unit's name within the /corp/support/sales_support parent path is sales_support. |
| orgUnitId | String | Y | N | Y | Y | The unique ID of the organizational unit. |
| orgUnitPath | String | Y | Y | Y | N | The full path to the organizational unit. The orgUnitPath is a derived property. When listed, it is derived from parentOrgunitPath and organizational unit's name. For example, for an organizational unit named 'apps' under parent organization '/engineering', the orgUnitPath is '/engineering/apps'. |
| parentOrgUnitId | String | Y | Y | Y | N | The unique ID of the parent organizational unit. |
| parentOrgUnitPath | String | Y | Y | Y | N | The organizational unit's parent path. For example, /corp/sales is the parent path for /corp/sales/sales_support organizational unit. |
The following are the API scopes required for org unit management.
| Action | Scope |
| Export | |
| Import |
Manage User Delegates
User data format has been enhanced to support delegate settings for a user. The operations of export, lookup and import are supported for delegates. Import supports add and delete of delegates. The following is the list of attributes supported to handle delegates.
| Name | Export | Import | Comments |
| EmailSettings.Delegate->email | Y | Y | The email address of the delegate. |
| EmailSettings.Delegate->verificaionStatus | Y | N | Indicates whether ownership of an email address has been verified for delegation use. |
JSON Data Format in Flat File Connector
Flat File connector has been enhanced to support JSON data format. Export, Lookup and Import are supported for this data format. Import supports add, modify and delete of entries in the JSON file. The implementation is generic enough to support any type of JSON schema.
Configure Attributes
The first step is to configure the attributes for export/lookup/import. This can be done by providing template JSON file. For lookup, this option is available under advanced settings. Once the template JSON is configured, the entry node should be configured.
Once the template JSON entry node are configured, attribute for export/lookup/import can be selected. The attribute names here are relative to entry node.
Oracle HCM Enhancements
Oracle HCM connector has been enhanced to replace Employee (EMPS) API calls with Worker API as much as possible. The service account should have enough permissions to call worker API after applying this patch. The following are the changes made to the connector. Also, introduced two export/lookup only data formats Role and User Role.
Test Connection
Test connection is modified to replace Employee API with Worker API. Get worker is called with a limit of 1 to make sure that the service account credentials are valid and has enough permissions to call worker API.
Worker Filter
Worker export and lookup are enhanced to support more filter attributes. All connector level filter handling for Worker export and lookup are replaced with API filters. To make API filters work, the RestFrameworkVersion parameter should be configured for export and lookup. The default value for this parameter is set to 7, but this change won't reflect in old workflows. So all existing Worker export/lookup workflows using filters should be adjusted to set this parameter.
Worker Data Format Manage User Account and Role
Worker data format has been enhanced to support user account management and user account role management. Connector was using Employee API to manage these settings. So existing workflows managing user account settings and role should be adjusted to use this option.
| Name | Type | Export | Create | Modify | Delete |
| user->CreatedBy | String | Y | N | N | N |
| user->CreationDate | Date | Y | N | N | N |
| user->CredentialsEmailSentFlag | Boolean | Y | Y | Y | N |
| user->GUID | String | Y | N | Y | Y |
| user->LastUpdateDate | Date | Y | N | N | N |
| user->LastUpdatedBy | String | Y | N | N | N |
| user->PersonId | String | Y | Y | Y | N |
| user->SuspendedFlag | Boolean | Y | Y | Y | N |
| user->userAccountRoles->CreationDate | Date | Y | N | N | N |
| user->userAccountRoles->LastUpdateDate | Date | Y | N | N | N |
| user->userAccountRoles->RoleCode | String | Y | Y | N | N |
| user->userAccountRoles->RoleGUID | String | Y | Y | N | N |
| user->userAccountRoles->RoleId | String | Y | Y | N | Y |
| user->userAccountRoles->UserRoleId | String | Y | N | N | Y |
| user->UserId | String | Y | Y | Y | N |
| user->Username | String | Y | Y | Y | N |
Role Data Format
Introduced new data format to export and lookup roles. This data format supports paging, filter and get entry by Id options. The following is the list of attributes supported for this data format.
| Name | Type |
| AbstractRole | String |
| ActiveFlag | Boolean |
| DataRole | String |
| DelegationAllowed | String |
| Description | String |
| DutyRole | Boolean |
| ExternalRole | Boolean |
| JobRole | Boolean |
| ObjectVersionNumber | Number |
| RoleCode | String |
| RoleId | Number |
| RoleName | String |
User Role Data Format
Introduced new data format to export and lookup user roles. This data format supports paging, filter and get entry by Id options. The following is the list of attributes supported for this data format.
| Name | Type |
| Description | String |
| Reqrownumber | Number |
| RequestableFlag | Boolean |
| RoleCode | String |
| RoleId | Number |
| RoleName | String |
| SelfRequestableFlag | Boolean |
| Selfrownumber | Number |
| Username | String |
Moodle 2 Connector - Version Support
Moodle 2 connector has been enhanced to support all released versions as of May 1, 2023. Moodle 2 connector version selection option was limited to values in the range 2.3 to 2.9. Now the options are available up to 4.1.
Fixed defects
List of defects reported by customers or implementation, does not contain defects raised internally.
-
Fixed issue with password reset REST end-point generating internal server error.
Feature Affected: Password reset REST API
-
Fixed issue with scheduled reports, which prevented viewing report schedules from admin user interface.
Feature Affected: Reports
-
Fixed certification issue which failed to initiate certification campaign when there are more than 250 certifiers
Feature Affected: Compliance
-
Fixed enable/disable user access requests not completing, due to missing database column reference.
Feature Affected: Enable/Disable User Access
Downloads
The download links below are applicable to Fischer on-premise customers that host the Fischer IdM software in their environment. If you are a Fischer IaaS (Cloud) customer, all delivery of updates are performed by Fischer on a scheduled basis.
To download the latest update, you will need a login to the Fischer Release portal. If you are a Fischer on-premise customer and would like to request an account to the Fischer Release portal, please submit a request through the Fischer ticketing system.
Identity Linux 7.7.16 Installer
Identity Windows 7.7.16 Installer
DataForum Linux 7.7.16 Installer
DataForum Windows 7.7.16 Installer
Gateway Linux 7.7.16 Installer