Release Notes - EmpowerID Build 7.213.0.0
EmpowerID Build 7.213.0.0 delivers significant advancements in identity governance and administration capabilities. This release focuses on enhancing enterprise-scale operations through improved connector infrastructure, expanded microservices functionality, and strengthened security controls.
In This Release
- Platform Updates
- Connectors
- Microservices
- Security & Performance
- Workflows
- Resolved Issues & UI Fixes
Platform Updates
Alignment with Microsoft Entra Branding
EmpowerID has been updated to reflect Microsoft's transition from Azure Active Directory to Microsoft Entra. This comprehensive update ensures terminology consistency across the Classic UI, Microservices interfaces, and Workflows, aligning with Microsoft's current identity and access management nomenclature.
The rebranding initiative maintains precision by retaining the "Azure" designation for core infrastructure services including Virtual Machines, Networking Services, Resource Manager (ARM), API Management, DevOps tooling, and Key Vault—services that continue to use Azure branding per Microsoft's specifications. This selective approach ensures accuracy while modernizing identity-related terminology throughout the platform.
Microservices
IAM Shop
Enhanced Privileged Session Monitoring
The Polling API has been enhanced with comprehensive session lifecycle tracking for Privileged Session Manager (PSM) applications. Real-time updates to the PrivSession table now include RecordingStatus, LastReported timestamps, and ProcessInstanceID values during active polling cycles, enabling accurate session state monitoring and automated termination management.
The EndSession API has been extended to update session status indicators when users close PSM applications, ensuring complete session lifecycle visibility and supporting audit requirements for privileged access management.
My Tasks
Modernized Business Request Reporting
Business Request (BR) and Business Request Item (BRI) reports have been successfully migrated from the legacy platform to My Tasks, introducing enhanced modularity and improved maintainability. The modernized reports provide comprehensive filtering capabilities including participant context, request categories, fulfillment stages, status types, audit references, and time-based queries. Business Request reports additionally support filtering by risk violations, approval presence, and pre-approval status.
Advanced Resource Subject Filtering
The Approver Decisions view now includes category-based filtering for target resource subjects, providing approvers with more granular control over request visibility and streamlining approval workflows for large-scale deployments.
Extended Request Attribute Visibility
The Request Details view has been enhanced with additional attribute controls displaying critical request metadata including Name, FriendlyName, DueDate, LastModified, ExpirationDate, and InactivityExpirationDate. These attributes provide approvers and auditors with comprehensive request context within the Request Details Overview.
Resource Admin
Refined App Management Roles Display
The App Management Roles section has been optimized to align with specific Authorization Models. For hybrid Azure-PBAC models, the interface now eliminates duplicate role displays—roles appear exclusively in the main grid. For non-Azure, non-PBAC models, previously hidden App Management Roles and associated grids (members, assignments) are now properly displayed.
Unified Ownership Management
Consistent display of Responsible Party, Owners, and Deputies across all application types has been implemented, with granular access control through dedicated permissions:
ResourceAdmin-ApplicationDetails-Overview-Owners-ControlResourceAdmin-ApplicationDetails-Overview-Deputies-ControlResourceAdmin-ApplicationDetails-Overview-ResponsibleParty-Control(new)ResourceAdmin-AzureApplicationDetails-Overview-Owners-Control(new)ResourceAdmin-AzureApplicationDetails-Overview-Deputies-Control(new)ResourceAdmin-AzureApplicationDetails-Overview-ResponsibleParty-Control(new)
Visibility is governed by permission-based access controls, ensuring role-appropriate access to ownership management functions across Azure and non-Azure applications.
Security & Performance
SAP Integration Optimization
Performance enhancements to SyncHandler and connection caching mechanisms address the requirements of modernized SAP Sunrise platform migrations. These optimizations reduce connection overhead and improve transaction throughput for enterprise SAP environments.
Advanced Caching and Vector Store Integration
This release integrates Azure Redis Cache for distributed caching scenarios and Chroma vector store service for advanced data operations. The Create Group operation has been refactored to use the CreateResourceOperation base class, establishing consistent patterns across resource creation workflows. Enhanced default activity templates improve out-of-box functionality and reduce configuration complexity.
Optimized Data Retrieval for Legacy Components
Legacy Component Views now support selective column retrieval, dramatically improving performance for high-volume data operations. By requesting only required columns, the system eliminates unnecessary property serialization and memory allocation.
Performance benchmarks demonstrate substantial improvements:
- Full property retrieval (10,000 records): 16.7 seconds, ~93.6 MB memory
- Selective column retrieval (3 properties): 2.7 seconds, ~32.8 MB memory
This represents an 84% reduction in processing time and 65% reduction in memory consumption, delivering significant benefits for large-scale identity data operations.
Workflows
Enhanced Fulfillment Group Assignment
The ManageAzLocalRightWizard workflow now includes an intelligent, searchable dropdown control for FulfillmentGroup/AssignedByGroupResourceID assignment within the Advanced Settings section. The autocomplete-enabled control streamlines fulfillment group association with application rights, automatically granting group membership to assignees when a fulfillment group is selected. Integrated tooltip guidance ("Assignees receiving this right will be added as a member of this group as well") ensures clarity during configuration.
Advanced No-Code Flow Execution Control
The No-Code Flow engine has been enhanced to support dependency-based sequential execution of flow items. Previously, dependent items only enforced ordering through approval-based "wait approval" mechanisms. The updated implementation now waits for precedent item fulfillment completion before proceeding, enabling administrators to define precise execution sequences without requiring approval steps. This advancement provides greater control over complex identity lifecycle workflows and improves automation reliability.
Resolved Issues & UI Fixes
This release addresses multiple issues affecting user experience, data accuracy, and system reliability across the platform.
Role Mining Campaign Grid Stability
Resolved a critical issue affecting the RoleMiningCampaignRun grid that caused interface failures during sort operations or page size modifications. The grid now maintains stability across all user interactions.
Business Request Source Attribution
Corrected missing source name display in Business Requests for Role Definition Assignments involving Set Groups. The interface previously displayed a dash ('-') placeholder; it now correctly shows Set Group details, ensuring consistency with other assignment types.
Role Definition Assignment Controls
Fixed Delete button behavior in the Role Definition Assignments section where the button remained active after submission, potentially enabling duplicate delete requests. The button now properly disables upon submission across all resource types, preventing unintended actions. Additionally, resource type descriptions under Role Definition now display correctly.
Computer Details Update Resolution
Resolved "Internal Server Error" responses when saving computer details through either the ViewOne page or Manage Computer Wizard. Users can now successfully update computer configurations without encountering errors.
Shopping Cart Secondary Display
Corrected cart button functionality following primary cart submission. The interface previously displayed "Your Shopping Cart is Empty" without showing available secondary carts. The cart button now properly displays the carts dropdown, providing access to all available shopping contexts.
Approver Decisions Report Enhancements
Addressed filtering limitations in the Approver Decisions report where Risk Type, Request Name, and Request Number filters failed to display corresponding data. The report now dynamically displays:
- Risk Type column when filter values (e.g., Critical Access) are selected
- Request Name and Request Number columns when advanced search criteria are applied
These enhancements enable approvers to validate filter results and make informed decisions based on complete request context.
PBAC Field Type Edit Access Control
Refined access control for the Edit Field Types option in PBAC Assignments under Resource Admin. The control previously appeared for all role assignments regardless of field type configuration. The button now renders only when users have appropriate permissions and the assigned role includes field type definitions, preventing unauthorized access attempts.
Field Type Selection Count Accuracy
Corrected a UI inconsistency in the PBAC Assignments section where field type value counts failed to update after modifications via the Configure Field Types workflow. The count now accurately reflects current selections when values are added or removed from multi-select field types.
Business Request Generation for Assignments
Resolved an issue in Resource Admin where App Right or Role Definition assignments submitted through the People section failed to generate business requests. The UI displayed success popups without business request details despite successful backend processing. Assignments now correctly generate business requests with appropriate confirmation messaging, ensuring complete audit trails for access modifications.