Unit4 Financials by Coda 2026Q2R2 was made available on 15th June 2026.

The following enhancements and fixes are included in this maintenance release:

Electronic Invoicing – Life Cycle Tracking (Inbound CDAR API)

A new REST resource has been introduced for Electronic Invoicing life cycle tracking. This resource captures and records status updates received in CDAR format from the certified service provider (PA/PDP).

For further details, please refer to the Electronic Invoicing Life Cycle API documentation.

Fixes

• Bug 1101870 – Resolved an issue where the workflow typescope was missing in the 2026Q2 release. The typescope is now included, enabling workflow definitions to be successfully imported during installation and upgrades.

Highlights of the 2026Q2 release include:

Administration:

Trusted Certificates Master

A new Ignore invalid certificates setting has been introduced, allowing IPPS protocols to ignore any certificate warnings or errors on the endpoint when it is enabled. The default is enabled.

Output Protocols

The IPPS protocol can use the Trusted Certificates Master to verify the remote server certificate. When ‘Ignore invalid certificates’ is enabled, warnings and errors about the certificate are ignored for this protocol.

Certificate Master

A new certificate master has been added to store third party certificates. Each certificate master stores a single encrypted certificate.

OpenID Connect User Claims

The user can now upload claims via a CSV file, allowing claims to be updated in bulk.

My Profile and User Master Changes

Language Labels and Fields

The existing Default language label has been renamed to Translated names language to better reflect its purpose. This setting determines which language is used for translated element names when configured on the element master.

A new Display language field has been introduced, allowing users to control the language of the user interface independently of browser settings.

System Security – Password Parameters

The user can now specify a message transport master and sender e-mail address on System Security – Password Parameters.

This will enable the system to notify a user when their password has been changed ensuring compliance with C5 audit requirements.

Finance:

Document Master

A new check box has been added to the document master to enable life cycle tracking for use with inbound and outbound electronic invoicing.

Electronic Invoicing:

 Mapping Master

The Invoice Matching Mapping Master now supports mapping multiple values for Order numbers, Advice note numbers, Comments and Printable comments when an XPath returns multiple results.

Identifying the Supplier Using PartyIdentification

The AccountingSupplierParty/Party/PartyIdentification/ID element in the UBL is now supported as a supplier identifier for posting invoices and credit notes.

Electronic Invoicing Life Cycle API

A Document Life Cycle API is now available, for use with inbound and outbound electronic invoicing. The API can ADD and LIST Life Cycle events for Finance and Billing documents.

Posting Invoices as Credit Notes

UBL InvoiceTypeCode 384 is now configured by default to be posted as a Credit Note in Finance and Invoice Matching.

Miscellaneous:

Query Performance

Query performance on Microsoft SQL Server has been improved by removing CAST expressions when selecting ID columns.

Technical:

Deprecated features: 

IBM Platforms

IBM platforms are deprecated as of this release. See release notes for more details.

Implicit Flow

The ‘Implicit’ flow authentication method has been deprecated and will be removed in a future release. The final release has not been determined. We recommend that the ‘Authorization Code with PKCE’ flow is used instead when configuring a system to use OpenID Connect authentication.

.NET router

The .NET router has been deprecated. The final release has not been determined.

The Integration Toolkit Command Centre module

The Integration Toolkit Command Centre module (ITK) has been deprecated and will be removed in a future release. The final release has not been determined.

JavaScript User Extension Implementation Support

The ability to implement User Extensions using JavaScript is deprecated. The final release to include this support has not been determined.

Note: Support for implementing User Extensions using Java is not deprecated and is the recommended approach for implementing User Extensions.

Coda Encrypter

The command line utility coda-encrypter.exe is deprecated. The final release to include this support has not been determined.

Removed features:

32-bit XL was removed in the 2025Q1 release. Please use the 64-bit XL. This means that the supported releases of XL are available as 64-bit only.

Support for Apple Safari has ended. It is recommended to use Google Chrome or Microsoft Edge.

Security Updates

• The security of Print Formatter and Workflow Designer has been improved in this release. It is recommended that users install the versions available for download from the web application.
• A new configuration setting, com.coda.common.app.security.initialPassword.maxDays, has been introduced to control the expiry of first‑use passwords that are set or reset by an administrator.
• The third-party libraries Microsoft Azure Client Library for Identity and Key Vault Secrets have been updated to address a security issue (CVE-2025-67735).
• The version of the Unit4 Message Hub Bridge has been updated to fix vulnerabilities CVE-2026-1225 & CVE-2026-33870.
• The third-party libraries jackson-core, jackson-annotations, jackson-databind have been updated to improve security. This addresses WS-2026-0003.
• The third-party library BouncyCastle has been updated to improve security. This addresses CVE-2026-0636.

General Fixes/Updates:

• The Table Link Transfer Client now honours standard JVM proxy configuration such as ‑Dhttps.proxyHost.
• Exporting the Capability Settings report to Excel when using a non-English language no longer fails with an error about invalid sheet names.
• An Asset can now be created in a category that has comments of more than 100 characters long mapped from a Finance document.
• Assets PostRuleMaster Web Service can now be used in Workflow definitions.
• The deletion of attachments is now correctly audited, when using Audit Trail.
• Browse Details no longer fails when an External Reference URL contains a $ character.
• A comment field configured as mandatory on an Invoice Matching input template master is now correctly enforced during Input.
• Structured output processing has been enhanced to support increased data volumes for the GDPdU transformation type.
• Incorrect total values are no longer generated when using the UBL 2.1 Invoice and Credit Note Transformations.
• An issue has been resolved where the get-period-from-date REST API endpoint rejected date values containing a time zone offset in the form +hh:mm.
• Changes have been made to some REST API endpoints such that they display the same error text as those from the SOAP API rather than just the error code.
• The Currency Calculation XMLi service is now correctly visible in the Functional Security capability tree for read-only capability profiles.

Further details on the new features, security updates and reported issues can be found in the release documentation.

The release documentation for this release (and previous releases) can be found in the documentation area on the community.

The software can be downloaded from the “Software” tab on Community4U.

Unit4 Financials by Coda 2026Q1 was made available on 10^th March 2026.

Highlights of the 2026Q1 release include:

Administration:

Trusted Certificates Master

A new Trusted Certificates Master has been added to store and manage public trusted certificate files. These certificates can subsequently be used by various protocols such as HTTPS, IPPS, or SFTP to establish trust for external servers. The Trusted Certificate Master will be used by the protocols described in a later release.

Unique index column updated to not-nullable – com_extconfig

The column itemname in the com_extconfig table has been updated to not-nullable to allow primary keys to be added for database table replication purposes.

Generic Browse Master

The user can now specify a Printing Options Master on the General tab of the Generic Browse Master.

Finance:

Reminder Letters

The Print or Transmit process for reminder letters can now access the Printing Options Master on the Generic Browse master.

This will allow the reminder letter filename to be set to the value specified on the Printing Options Master.

Pay/Collect Master

The Printing process now displays the default Printing Options Master which is held on Printing tab of the Pay/Collect Master for Remittance output.

Structured Output:

UBL 2.1 Invoice Transformation and UBL 2.1 Credit Note Transformation

The ability to add multiple notes for the EN16931 schema for France (BG-1) vocabulary has been added to the Invoice and Credit Note Transformations. The vocabulary is available on the EN16931 Schema and is configured on the Manipulation Master.

Electronic Invoicing:

Posting to Companies with Balancing Elements

You can now post invoices and credit notes to a company using balancing elements, while using the VAT number to identify the company and balancing element level 1.

Identifying the Company Using EndpointID

The AccountingCustomerParty/Party/EndpointID element in the UBL is now supported as a company identifier for posting invoices and credit notes.

Console:

Authentication

A new read-only field Financials web application URL has been added to the Authentication configuration. The value of this field is configured in the Configuration tab and is displayed here for reference only.

 

Miscellaneous:

Attachment Deletion

Improvements have been made to how attachments are deleted. The system start up runs a background process that periodically polls to identify and remove any attachments that need deleting.

Software Media Changes

Changes have been made to how software media is delivered for on-premise customers. Instead of a single ISO containing the software and documentation this has been split to make downloads more efficient and gives you flexibility to access only the content you need.

Technical:

Deprecated features:

Implicit Flow

The ‘Implicit’ flow authentication method has been deprecated and will be removed in a future release. The final release has not been determined. We recommend that the ‘Authorization Code with PKCE’ flow is used instead when configuring a system to use OpenID Connect authentication.

.NET router

The .NET router has been deprecated. The final release has not been determined.

The Integration Toolkit Command Centre module

The Integration Toolkit Command Centre module (ITK) has been deprecated and will be removed in a future release. The final release has not been determined.

JavaScript User Extension Implementation Support

The ability to implement User Extensions using JavaScript is deprecated. The final release to include this support has not been determined.

Note: Support for implementing User Extensions using Java is not deprecated and is the recommended approach for implementing User Extensions.

Coda Encrypter

The command line utility coda-encrypter.exe is deprecated. The final release to include this support has not been determined.

Removed features:

32-bit XL was removed in the 2025Q1 release. Please use the 64-bit XL. This means that the supported releases of XL are available as 64-bit only.

Support for Apple Safari has ended. It is recommended to use Google Chrome or Microsoft Edge.

Security Updates

• The Password hashing algorithm has been updated to comply with Cloud Computing Compliance Criteria Catalog (C5) requirements
• The version of the Unit4 Message Hub Bridge has been updated to fix vulnerabilities.
• User-supplied PDF attachments are rejected if JavaScript actions are found in the PDF.
• The XMLi Java Router no longer accepts XML that makes use of external entities.

General Fixes/Updates:

• An issue copying and pasting items within Print Formatter has now been resolved.
• Background Financials tasks now use a keep alive setting to prevent failure of long running tasks.
• The Capability Master selection of available Message Transport Masters on the Alerts tab has been optimised, improving performance and preventing failures.
• The credit lines on the Financials document are now referenced on the Asset transaction when depreciating, instead of the debit lines. This was a problem when depreciating multiple periods and having “Post all asset transactions to this period” set.
• A timestamp error no longer occurs when sending recurring documents with attachments to Workflow.
• A special character ‘?’ can now be entered when adding a document comment using Diary and Browse Transactions.
• The pay write process now correctly handles EncodeForXMLOutput, which no longer applies to a literal value from a conditional element.
• Invoices with attachments that go into matching and have a discrepancy raised against them, which is greater than the document threshold, are now successfully sent to workflow for authorisation.
• Electronic Invoicing now supports Finance Document masters which use Automatic-by-period numbering.
• The parsing of XML inputs has been improved. Greater attention is now paid to namespace declarations. This resolves intermittent issues including errors creating requisitions and errors invoking the Tax service public API.
• When using OpenID Connect authentication, SOAP API calls will use the default user if that user is also mapped to special users (INSTALL, LEVEL8, LEVEL8SUB). This change also applies when using the Mobile Apps for workflow authorisations.
• REST API calls can now be executed by users with passwords containing non-ASCII characters.
• SOAP API calls can now be executed by users with passwords containing non-ASCII characters.
• REST API calls can now retrieve masters with codes that contain special characters such as { } and ( ).
• When using the Element Master XMLi API, the Get, Update and Set operations will now return all the mandatory fields in the response if an error occurs.

Further details on the new features, security updates and reported issues can be found in the release documentation.

The release documentation for this release (and previous releases) can be found in the documentation area on the community.

The software can be downloaded from the “Software” tab on Community4U.