MidPoint 4.9, code-named “Verne”, was released in October 2024. Similar to Verne’s novels, it brings several technological advancements. You can look forward to significant improvements in role mining and the first version of outlier detection. Moreover, midPoint 4.9 focuses on streamlining entitlement management, which is described in detail in a new methodology and backed up by a training. Recently, the first maintenance update, midPoint 4.9.1, was released. This update includes important fixes, stability improvements, and different performance and usability improvements. Let’s look at the major enhancements in more detail.
Role mining, first introduced in midPoint 4.8, helps organizations analyze and optimize access rights. Now, with midPoint 4.9, this capability has been significantly enhanced, making role analysis even more efficient, intuitive, and insightful. Improvements such as pre-defined modes provide pre-configured parameters for successfully running a role mining session targeting a specific use case. Additionally, advanced attributes analysis helps in the next steps when deciding how to name or what to do with the discovered role. In October, Tadeáš Chrapovič showcased role mining in midPoint 4.9 during the webinar Role Mining in MidPoint: Transformative Access Governance Webinar.
A large part of the midPoint 4.9 release was focused on streamlining the work with entitlements in midPoint. As a part of it, new methodology was introduced that came with the training that guides you through it step by step. The teaser for the training was presented by Ivan Noris during the Group Management with MidPoint webinar. It covered the biggest problem usually faced by organizations, which is to stop considering a target system as an authoritative source for groups and their memberships, and start using midPoint to enforce it using roles and assignments. Ivan showed how such a change in entitlement management might be done step by step, entitlement by entitlement, eventually ending up with full control in midPoint.
As you could also see in the webinar, a lot of improvements were made to achieve this. GUI changes include improvements for the wizards to help with the configuration for synchronizing entitlements to and from midPoint, and a new wizard for synchronizing associations from and to midPoint with completely new configuration also on the backend. In addition, bundled connectors were improved to support native associations, provenance metadata was productized to behave as default ranges for multi-valued attributes such as assignments, new marks were introduced with extended configuration for tolerance of association existence, and many more.
In another webinar by Ivan Noris: Teaser: MidPoint Deployment Intermediate Training, he revealed the content of another training, Deployment Intermediate Training, which is expected to be released by the end of February. The aim of this training is to understand and know how to work with midPoint’s configuration objects in XML and be able to get these objects versioned, for example, in Git. To provide a convenient way to switch from configuring midPoint using GUI to having the configuration objects versioned, the midPoint Studio, the Intellij IDEA plugin, was improved. New functionality was added to cleanup configuration objects after they are downloaded from midPoint. Operational data such as metadata are automatically removed, while others such as resource schema are configurable, and a user can decide what will happen. Moreover, with the new version of the midPoint Studio plugin, it is possible to compare the local version of the object with the version present in midPoint, choose which changes should be applied, and, in that way, merge the two versions of the same object. Such objects, properly cleaned up and merged, can be later updated in, for instance, Git.
In addition to features and improvements related to both trainings, midPoint 4.9 brings even more. Access certification pages related to end users were re-worked with an emphasis on improving the UX. All the changes, including the new configuration options, were presented in The Power of Access Certification Webinar held in November by Kate Honchar. One interesting aspect is the new possibility to manage extension schema completely in the GUI without the need to restart midPoint. A second interesting aspect is the content assistant of midPoint query language being integrated into midPoint Studio. And of course, there is even more, so if you are interested, please read the full release notes for both, midPoint 4.9 and midPoint 4.9.1, releases.
Would you like to discuss the benefits of midPoint in person? Meet us at the MidPoint Community Meetup 2025, taking place from May 12-14, 2025, in Bratislava, Slovakia, where Evolveum and midPoint users will connect to talk about the platform’s future. See the agenda here and register here.