Unit4 Financials by Coda 2026Q2

Unit4 Financials by Coda 2026Q2R2 was made available on 15th June 2026.

The following enhancements and fixes are included in this maintenance release:

Electronic Invoicing – Life Cycle Tracking (Inbound CDAR API)

A new REST resource has been introduced for Electronic Invoicing life cycle tracking. This resource captures and records status updates received in CDAR format from the certified service provider (PA/PDP).

For further details, please refer to the Electronic Invoicing Life Cycle API documentation.

Fixes

• Bug 1101870 – Resolved an issue where the workflow typescope was missing in the 2026Q2 release. The typescope is now included, enabling workflow definitions to be successfully imported during installation and upgrades.

Highlights of the 2026Q2 release include:

Administration:

Trusted Certificates Master

A new Ignore invalid certificates setting has been introduced, allowing IPPS protocols to ignore any certificate warnings or errors on the endpoint when it is enabled. The default is enabled.

Output Protocols

The IPPS protocol can use the Trusted Certificates Master to verify the remote server certificate. When ‘Ignore invalid certificates’ is enabled, warnings and errors about the certificate are ignored for this protocol.

Certificate Master

A new certificate master has been added to store third party certificates. Each certificate master stores a single encrypted certificate.

OpenID Connect User Claims

The user can now upload claims via a CSV file, allowing claims to be updated in bulk.

My Profile and User Master Changes

Language Labels and Fields

The existing Default language label has been renamed to Translated names language to better reflect its purpose. This setting determines which language is used for translated element names when configured on the element master.

A new Display language field has been introduced, allowing users to control the language of the user interface independently of browser settings.

System Security – Password Parameters

The user can now specify a message transport master and sender e-mail address on System Security – Password Parameters.

This will enable the system to notify a user when their password has been changed ensuring compliance with C5 audit requirements.

Finance:

Document Master

A new check box has been added to the document master to enable life cycle tracking for use with inbound and outbound electronic invoicing.

Electronic Invoicing:

 Mapping Master

The Invoice Matching Mapping Master now supports mapping multiple values for Order numbers, Advice note numbers, Comments and Printable comments when an XPath returns multiple results.

Identifying the Supplier Using PartyIdentification

The AccountingSupplierParty/Party/PartyIdentification/ID element in the UBL is now supported as a supplier identifier for posting invoices and credit notes.

Electronic Invoicing Life Cycle API

A Document Life Cycle API is now available, for use with inbound and outbound electronic invoicing. The API can ADD and LIST Life Cycle events for Finance and Billing documents.

Posting Invoices as Credit Notes

UBL InvoiceTypeCode 384 is now configured by default to be posted as a Credit Note in Finance and Invoice Matching.

Miscellaneous:

Query Performance

Query performance on Microsoft SQL Server has been improved by removing CAST expressions when selecting ID columns.

Technical:

Deprecated features: 

IBM Platforms

IBM platforms are deprecated as of this release. See release notes for more details.

Implicit Flow

The ‘Implicit’ flow authentication method has been deprecated and will be removed in a future release. The final release has not been determined. We recommend that the ‘Authorization Code with PKCE’ flow is used instead when configuring a system to use OpenID Connect authentication.

.NET router

The .NET router has been deprecated. The final release has not been determined.

The Integration Toolkit Command Centre module

The Integration Toolkit Command Centre module (ITK) has been deprecated and will be removed in a future release. The final release has not been determined.

JavaScript User Extension Implementation Support

The ability to implement User Extensions using JavaScript is deprecated. The final release to include this support has not been determined.

Note: Support for implementing User Extensions using Java is not deprecated and is the recommended approach for implementing User Extensions.

Coda Encrypter

The command line utility coda-encrypter.exe is deprecated. The final release to include this support has not been determined.

Removed features:

32-bit XL was removed in the 2025Q1 release. Please use the 64-bit XL. This means that the supported releases of XL are available as 64-bit only.

Support for Apple Safari has ended. It is recommended to use Google Chrome or Microsoft Edge.

Security Updates

• The security of Print Formatter and Workflow Designer has been improved in this release. It is recommended that users install the versions available for download from the web application.
• A new configuration setting, com.coda.common.app.security.initialPassword.maxDays, has been introduced to control the expiry of first‑use passwords that are set or reset by an administrator.
• The third-party libraries Microsoft Azure Client Library for Identity and Key Vault Secrets have been updated to address a security issue (CVE-2025-67735).
• The version of the Unit4 Message Hub Bridge has been updated to fix vulnerabilities CVE-2026-1225 & CVE-2026-33870.
• The third-party libraries jackson-core, jackson-annotations, jackson-databind have been updated to improve security. This addresses WS-2026-0003.
• The third-party library BouncyCastle has been updated to improve security. This addresses CVE-2026-0636.

General Fixes/Updates:

• The Table Link Transfer Client now honours standard JVM proxy configuration such as ‑Dhttps.proxyHost.
• Exporting the Capability Settings report to Excel when using a non-English language no longer fails with an error about invalid sheet names.
• An Asset can now be created in a category that has comments of more than 100 characters long mapped from a Finance document.
• Assets PostRuleMaster Web Service can now be used in Workflow definitions.
• The deletion of attachments is now correctly audited, when using Audit Trail.
• Browse Details no longer fails when an External Reference URL contains a $ character.
• A comment field configured as mandatory on an Invoice Matching input template master is now correctly enforced during Input.
• Structured output processing has been enhanced to support increased data volumes for the GDPdU transformation type.
• Incorrect total values are no longer generated when using the UBL 2.1 Invoice and Credit Note Transformations.
• An issue has been resolved where the get-period-from-date REST API endpoint rejected date values containing a time zone offset in the form +hh:mm.
• Changes have been made to some REST API endpoints such that they display the same error text as those from the SOAP API rather than just the error code.
• The Currency Calculation XMLi service is now correctly visible in the Functional Security capability tree for read-only capability profiles.

Further details on the new features, security updates and reported issues can be found in the release documentation.

The release documentation for this release (and previous releases) can be found in the documentation area on the community.

The software can be downloaded from the “Software” tab on Community4U.