Unit4 Financials by Coda 2026Q1 was made available on 10^th March 2026.

Highlights of the 2026Q1 release include:

Administration:

Trusted Certificates Master

A new Trusted Certificates Master has been added to store and manage public trusted certificate files. These certificates can subsequently be used by various protocols such as HTTPS, IPPS, or SFTP to establish trust for external servers. The Trusted Certificate Master will be used by the protocols described in a later release.

Unique index column updated to not-nullable – com_extconfig

The column itemname in the com_extconfig table has been updated to not-nullable to allow primary keys to be added for database table replication purposes.

Generic Browse Master

The user can now specify a Printing Options Master on the General tab of the Generic Browse Master.

Finance:

Reminder Letters

The Print or Transmit process for reminder letters can now access the Printing Options Master on the Generic Browse master.

This will allow the reminder letter filename to be set to the value specified on the Printing Options Master.

Pay/Collect Master

The Printing process now displays the default Printing Options Master which is held on Printing tab of the Pay/Collect Master for Remittance output.

Structured Output:

UBL 2.1 Invoice Transformation and UBL 2.1 Credit Note Transformation

The ability to add multiple notes for the EN16931 schema for France (BG-1) vocabulary has been added to the Invoice and Credit Note Transformations. The vocabulary is available on the EN16931 Schema and is configured on the Manipulation Master.

Electronic Invoicing:

Posting to Companies with Balancing Elements

You can now post invoices and credit notes to a company using balancing elements, while using the VAT number to identify the company and balancing element level 1.

Identifying the Company Using EndpointID

The AccountingCustomerParty/Party/EndpointID element in the UBL is now supported as a company identifier for posting invoices and credit notes.

Console:

Authentication

A new read-only field Financials web application URL has been added to the Authentication configuration. The value of this field is configured in the Configuration tab and is displayed here for reference only.

Miscellaneous:

Attachment Deletion

Improvements have been made to how attachments are deleted. The system start up runs a background process that periodically polls to identify and remove any attachments that need deleting.

Software Media Changes

Changes have been made to how software media is delivered for on-premise customers. Instead of a single ISO containing the software and documentation this has been split to make downloads more efficient and gives you flexibility to access only the content you need.

Technical:

Deprecated features:

Implicit Flow

The ‘Implicit’ flow authentication method has been deprecated and will be removed in a future release. The final release has not been determined. We recommend that the ‘Authorization Code with PKCE’ flow is used instead when configuring a system to use OpenID Connect authentication.

.NET router

The .NET router has been deprecated. The final release has not been determined.

The Integration Toolkit Command Centre module

The Integration Toolkit Command Centre module (ITK) has been deprecated and will be removed in a future release. The final release has not been determined.

JavaScript User Extension Implementation Support

The ability to implement User Extensions using JavaScript is deprecated. The final release to include this support has not been determined.

Note: Support for implementing User Extensions using Java is not deprecated and is the recommended approach for implementing User Extensions.

Coda Encrypter

The command line utility coda-encrypter.exe is deprecated. The final release to include this support has not been determined.

Removed features:

32-bit XL was removed in the 2025Q1 release. Please use the 64-bit XL. This means that the supported releases of XL are available as 64-bit only.

Support for Apple Safari has ended. It is recommended to use Google Chrome or Microsoft Edge.

Security Updates

• The Password hashing algorithm has been updated to comply with Cloud Computing Compliance Criteria Catalog (C5) requirements
• The version of the Unit4 Message Hub Bridge has been updated to fix vulnerabilities.
• User-supplied PDF attachments are rejected if JavaScript actions are found in the PDF.
• The XMLi Java Router no longer accepts XML that makes use of external entities.

General Fixes/Updates:

• An issue copying and pasting items within Print Formatter has now been resolved.
• Background Financials tasks now use a keep alive setting to prevent failure of long running tasks.
• The Capability Master selection of available Message Transport Masters on the Alerts tab has been optimised, improving performance and preventing failures.
• The credit lines on the Financials document are now referenced on the Asset transaction when depreciating, instead of the debit lines. This was a problem when depreciating multiple periods and having “Post all asset transactions to this period” set.
• A timestamp error no longer occurs when sending recurring documents with attachments to Workflow.
• A special character ‘?’ can now be entered when adding a document comment using Diary and Browse Transactions.
• The pay write process now correctly handles EncodeForXMLOutput, which no longer applies to a literal value from a conditional element.
• Invoices with attachments that go into matching and have a discrepancy raised against them, which is greater than the document threshold, are now successfully sent to workflow for authorisation.
• Electronic Invoicing now supports Finance Document masters which use Automatic-by-period numbering.
• The parsing of XML inputs has been improved. Greater attention is now paid to namespace declarations. This resolves intermittent issues including errors creating requisitions and errors invoking the Tax service public API.
• When using OpenID Connect authentication, SOAP API calls will use the default user if that user is also mapped to special users (INSTALL, LEVEL8, LEVEL8SUB). This change also applies when using the Mobile Apps for workflow authorisations.
• REST API calls can now be executed by users with passwords containing non-ASCII characters.
• SOAP API calls can now be executed by users with passwords containing non-ASCII characters.
• REST API calls can now retrieve masters with codes that contain special characters such as { } and ( ).
• When using the Element Master XMLi API, the Get, Update and Set operations will now return all the mandatory fields in the response if an error occurs.

Further details on the new features, security updates and reported issues can be found in the release documentation.

The release documentation for this release (and previous releases) can be found in the documentation area on the community.

The software can be downloaded from the “Software” tab on Community4U.