Version: Cloud

Resolved Issues and Bug Fixes

Read more about resolved issues and bug fixes in this release.

Access request and approval

Unnecessary approval assignment mail sent

There was an issue where an unnecessary approval assignment email was sent when the request was auto-completed. The issue has been resolved and obsolete notifications are not sent anymore.

INC-288782

RoPE calculation behaviour for cancelled access requests

We fixed the issue where cancelled access requests were incorrectly treated as directed assignments - the cancelled status is now skipped during resource assignment load in the Role and Policy Engine.

INC-294979

Connectors

SAP environment provisioning issue

There was an issue with connectivity configuration. When a vault option was selected for storing secrets, the Connection details remained in Pending state, and the test connection option was unavailable. The issue has been resolved, and retrieving secrets from the vault for connector test connection functions properly.

INC-295552

RoPE tasks order update (Azure Active Directory connectivity)

From August 2025 Cloud Update, RoPE now allows executing disabled account provisioning tasks after permissions-related tasks (for backward compatibility, this feature is disabled by default). For some systems the previous configuration caused issues - they required assignments deletion before disabling accounts or didn't allow any changes to permissions if the account was disabled.

INC-282719

Active Directory delta import attributes

The Active Directory connectivity did not return all attributes during delta imports,. This issue has been fixed.

#INC-288085

Active Directory - reference properties failed if null value was sent

In Active Directory connectivity, the reference properties failed if the null value was sent, causing issues to clear attributes in AD that used reference properties. It has been fixed - now null values can be sent for reference properties to clear attributes.

INC-295050

ResourcePathGet not respected in reconciliation requests

When using the REST connector, the ResourcePathGet object detail was not respected in reconciliation requests. This issue has been fixed.

INC-294860

Role and Policy Engine

OData DateTimeOffset values

We have updated how DateTimeOffset values are serialized in OData responses. Previously, OData returned DateTimeOffset values using the offset of the host machine’s default time zone, even when the values represented Coordinated Universal Time (UTC). Now, OData consistently returns DateTimeOffset values using a zero offset (+00:00), clearly indicating UTC. This change improves clarity and ensures time values are interpreted correctly across systems.

INC-293811

Failing calcuation of identities

There was an issue where risk score calculations based on child resources caused a System.InvalidOperationException if no children were present. The calculation is now skipped when a resource has no children, and processing continues with the next risk score step.

INC-296855

Surveys

Survey export stability

We have introduced a new customer setting MaxSurveyExportDownloadObjects to resolve an issue with large numbers of objects downloaded in a single export resulting in instability and timeouts. By default, the setting value is set to 50. If the configured threshold is exceeded, the Download immediately option is disabled, allowing you to manage performance and maintain system stability during the export process.

For more information, go to the Customer settings section.

INC-292901

Survey mail notifications - incorrect behaviour

The incorrect behaviour of survey notifications has been fixed - now only the approvers that still need to perform an action are notified.

INC-293934 and INC-294121

Other

"Leave site" pop-up

There was an issue with a Leave site pop-up unnecessarily appearing when navigating between different sections of Omada Identity. The issue has now been resolved.

INC-293444

`ValidFrom` Date/Time validation error

There was an issue with the time conversion to UTC format happening multiple times. Depending on the time zone, it resulted in Date/Time validation error. The issue has been resolved, and the time conversion does not trigger validation errors.

INC-292848

Function level Access controls issues

We have enhanced control over archive operations jobs by limiting access to them when triggered via web services. The roles needed for that are ObjectUId.UserGroup.Administrators, ObjectUId.UserGroup.OperationAdministrators (accessed through the Operations dashboard), and ObjectUId.UserGroup.SystemOwners (accessed through the System page).

INC-294061

Honorable mentions

If a thing is worth doing, it is worth doing well. We extend our gratitude to everyone who found, reported, and helped us fix the issues, contributing to the release quality. Our special thanks go to Heino, Helena, and Henrik.

Access request and approval​

Unnecessary approval assignment mail sent​

RoPE calculation behaviour for cancelled access requests​

Connectors​

SAP environment provisioning issue​

RoPE tasks order update (Azure Active Directory connectivity)​

Active Directory delta import attributes​

Active Directory - reference properties failed if null value was sent​

ResourcePathGet not respected in reconciliation requests​

Role and Policy Engine​

OData DateTimeOffset values​

Failing calcuation of identities​

Surveys​

Survey export stability​

Survey mail notifications - incorrect behaviour​

Other​

"Leave site" pop-up​

ValidFrom Date/Time validation error​

Function level Access controls issues​