Version: Cloud

Resolved Issues and Bug Fixes

Read more about resolved issues and bug fixes in this release.

Role and Policy Engine

RoPE performance issue

We have fixed a performance issue where the discovery of auto accounts for logical applications generated many duplicate auto accounts. We have also fixed a performance issue where resolving the assignment attribute values was impacted by the number of context memberships and assignment attributes.

INC-280861

Implicitly assigned resources without "is managed" are being removed

We have fixed the way we calculate an implicit parent. Now, to become implicitly assigned, a role must meet the following conditions:

The identity is assigned to all the child resources of the role.
None of the child resources is in disabled state. If any of them is in disabled state, then the role will not be implicitly assigned. However, if a child resource is marked as deleted, typically because it is deleted in the target system, RoPE will still assign the parent role implicitly if the remaining child resources are assigned.

For more details, see the Implicit assignments of roles section in Assignments.

INC-282343

Access Approvals

Encountering a 404 error on the Approval task page

We have fixed a bug where users were encountering a 404 error when clicking on Approval task links in email notifications.

INC-283097

Connectors

Active Directory OPS didn't accept a slash (/) in the organizational unit field

The Active Directory connector returned an error if the organizational unit contained a slash (/). This issue has been fixed.

INC-284508

Warehouse mapping errors not visible under IGA systems

We have fixed an issue where Warehouse mapping errors were not visible under IGA systems.

INC-284393

Documentation

Governance for Omada Identity - OData permissions?

We have made the OData API documentation more precise, specifying which users are excluded from the users entity type in cloud and on-prem versions of Omada Identity. For more details, see the Data object type section of OData REST API.

INC-282670

Other

Potential SQL Injection in JSON POST Parameter

We have fixed a bug where a JSON POST request with the sidx parameter modified to include a quotation mark would return an error message. To address this issue, we have added an additional validation for the sidx parameter in the http://webservice/JQGridPopulationWebService.asmx/GetPagingData API endpoint.

INC-284331

Potential XPath Injection in JSON POST Parameter

We have fixed a bug where a JSON POST request sent to the application with te GroupBy parameter modified to include a single quote would return an error message. To address this issue, we have added an additional validation for parameter GroupBy in http://webservice/JQGridPopulationWebService.asmx/GetPagingData API endpoint.

INC-284329

Export queries and mappings

Visibility issues for export warning

There was an issue with the visibility of the export warnings after the November 2024 update. Warnings were not visible on the Omada Identity system if the Governance feature was not enabled. The issue has been resolved and the warnings are now displayed correctly.

Role and Policy Engine​

RoPE performance issue​

Implicitly assigned resources without "is managed" are being removed​

Access Approvals​

Encountering a 404 error on the Approval task page​

Connectors​

Active Directory OPS didn't accept a slash (/) in the organizational unit field​

Warehouse mapping errors not visible under IGA systems​

Documentation​

Governance for Omada Identity - OData permissions?​

Other​

Potential SQL Injection in JSON POST Parameter​

Potential XPath Injection in JSON POST Parameter​

Export queries and mappings​

Visibility issues for export warning​