Unit4 Financials by Coda 2026Q1 was made available on 10^th March 2026.

Highlights of the 2026Q1 release include:

Administration:

Trusted Certificates Master

A new Trusted Certificates Master has been added to store and manage public trusted certificate files. These certificates can subsequently be used by various protocols such as HTTPS, IPPS, or SFTP to establish trust for external servers. The Trusted Certificate Master will be used by the protocols described in a later release.

Unique index column updated to not-nullable – com_extconfig

The column itemname in the com_extconfig table has been updated to not-nullable to allow primary keys to be added for database table replication purposes.

Generic Browse Master

The user can now specify a Printing Options Master on the General tab of the Generic Browse Master.

Finance:

Reminder Letters

The Print or Transmit process for reminder letters can now access the Printing Options Master on the Generic Browse master.

This will allow the reminder letter filename to be set to the value specified on the Printing Options Master.

Pay/Collect Master

The Printing process now displays the default Printing Options Master which is held on Printing tab of the Pay/Collect Master for Remittance output.

Structured Output:

UBL 2.1 Invoice Transformation and UBL 2.1 Credit Note Transformation

The ability to add multiple notes for the EN16931 schema for France (BG-1) vocabulary has been added to the Invoice and Credit Note Transformations. The vocabulary is available on the EN16931 Schema and is configured on the Manipulation Master.

Electronic Invoicing:

Posting to Companies with Balancing Elements

You can now post invoices and credit notes to a company using balancing elements, while using the VAT number to identify the company and balancing element level 1.

Identifying the Company Using EndpointID

The AccountingCustomerParty/Party/EndpointID element in the UBL is now supported as a company identifier for posting invoices and credit notes.

Console:

Authentication

A new read-only field Financials web application URL has been added to the Authentication configuration. The value of this field is configured in the Configuration tab and is displayed here for reference only.

Miscellaneous:

Attachment Deletion

Improvements have been made to how attachments are deleted. The system start up runs a background process that periodically polls to identify and remove any attachments that need deleting.

Software Media Changes

Changes have been made to how software media is delivered for on-premise customers. Instead of a single ISO containing the software and documentation this has been split to make downloads more efficient and gives you flexibility to access only the content you need.

Technical:

Deprecated features:

Implicit Flow

The ‘Implicit’ flow authentication method has been deprecated and will be removed in a future release. The final release has not been determined. We recommend that the ‘Authorization Code with PKCE’ flow is used instead when configuring a system to use OpenID Connect authentication.

.NET router

The .NET router has been deprecated. The final release has not been determined.

The Integration Toolkit Command Centre module

The Integration Toolkit Command Centre module (ITK) has been deprecated and will be removed in a future release. The final release has not been determined.

JavaScript User Extension Implementation Support

The ability to implement User Extensions using JavaScript is deprecated. The final release to include this support has not been determined.

Note: Support for implementing User Extensions using Java is not deprecated and is the recommended approach for implementing User Extensions.

Coda Encrypter

The command line utility coda-encrypter.exe is deprecated. The final release to include this support has not been determined.

Removed features:

32-bit XL was removed in the 2025Q1 release. Please use the 64-bit XL. This means that the supported releases of XL are available as 64-bit only.

Support for Apple Safari has ended. It is recommended to use Google Chrome or Microsoft Edge.

Security Updates

• The Password hashing algorithm has been updated to comply with Cloud Computing Compliance Criteria Catalog (C5) requirements
• The version of the Unit4 Message Hub Bridge has been updated to fix vulnerabilities.
• User-supplied PDF attachments are rejected if JavaScript actions are found in the PDF.
• The XMLi Java Router no longer accepts XML that makes use of external entities.

General Fixes/Updates:

• An issue copying and pasting items within Print Formatter has now been resolved.
• Background Financials tasks now use a keep alive setting to prevent failure of long running tasks.
• The Capability Master selection of available Message Transport Masters on the Alerts tab has been optimised, improving performance and preventing failures.
• The credit lines on the Financials document are now referenced on the Asset transaction when depreciating, instead of the debit lines. This was a problem when depreciating multiple periods and having “Post all asset transactions to this period” set.
• A timestamp error no longer occurs when sending recurring documents with attachments to Workflow.
• A special character ‘?’ can now be entered when adding a document comment using Diary and Browse Transactions.
• The pay write process now correctly handles EncodeForXMLOutput, which no longer applies to a literal value from a conditional element.
• Invoices with attachments that go into matching and have a discrepancy raised against them, which is greater than the document threshold, are now successfully sent to workflow for authorisation.
• Electronic Invoicing now supports Finance Document masters which use Automatic-by-period numbering.
• The parsing of XML inputs has been improved. Greater attention is now paid to namespace declarations. This resolves intermittent issues including errors creating requisitions and errors invoking the Tax service public API.
• When using OpenID Connect authentication, SOAP API calls will use the default user if that user is also mapped to special users (INSTALL, LEVEL8, LEVEL8SUB). This change also applies when using the Mobile Apps for workflow authorisations.
• REST API calls can now be executed by users with passwords containing non-ASCII characters.
• SOAP API calls can now be executed by users with passwords containing non-ASCII characters.
• REST API calls can now retrieve masters with codes that contain special characters such as { } and ( ).
• When using the Element Master XMLi API, the Get, Update and Set operations will now return all the mandatory fields in the response if an error occurs.

Further details on the new features, security updates and reported issues can be found in the release documentation.

The release documentation for this release (and previous releases) can be found in the documentation area on the community.

The software can be downloaded from the “Software” tab on Community4U.

Unit4 Financials by Coda 2025Q4 was made available on 2 December 2025.

Highlights of the 2025Q4 release include:

Finance:

Pay/Collect Master

The user can now specify a Printing Options Master on the Printing tab of the Pay/Collect Master for Remittance output.

The Remittance filename will be set to the value specified on the Printing Options Master. If no Printing Options Master is specified, or the master has no filename, the existing naming functionality is applied.

Interest Charges

You now have the ability to define a minimum charge value on the Interest Master.

The minimum charge on the Interest Master is applied when an interest proposal is generated. If a minimum charge is present, then no summary will be generated if the home currency charge is less than the minimum charge value.

Element Master

On the Electronic Invoicing tab, the balancing element level account mappings are now hidden. When the Company balancing element level is set to 1, Element 1 in the account mapping is not accessible. When the Company balancing element level is set to 2, Element 1 and Element 2 in the account mapping are not accessible.

Pay

For Pay Write when sending a Pay file via HTTP POST, the file name generated will be sent as the ‘X-U4F-Filename’ header.

Structured Output:

Run Process

A Structured Output process can now be run via the public API.

Technical:

Deprecated features:

Implicit Flow

The ‘Implicit’ flow authentication method has been deprecated and will be removed in a future release. The final release has not been determined. We recommend that the ‘Authorization Code with PKCE’ flow is used instead when configuring a system to use OpenID Connect authentication.

.NET router

The .NET router has been deprecated. The final release has not been determined.

The Integration Toolkit Command Centre module

The Integration Toolkit Command Centre module (ITK) has been deprecated and will be removed in a future release. The final release has not been determined.

JavaScript User Extension Implementation Support

The ability to implement User Extensions using JavaScript is deprecated. The final release to include this support has not been determined.

Note: Support for implementing User Extensions using Java is not deprecated and is the recommended approach for implementing User Extensions.

Coda Encrypter

The command line utility coda-encrypter.exe is deprecated. The final release to include this support has not been determined.

Removed features:

32-bit XL was removed in the 2025Q1 release. Please use the 64-bit XL. This means that the supported releases of XL are available as 64-bit only.

Support for Apple Safari has ended. It is recommended to use Google Chrome or Microsoft Edge.

Security Updates

• Encryption improvements have been applied to the Punchout password when using the Element Master API.
• The third-party libraries commons-compress and commons-lang3 have been updated to improve security. This addresses CVE-2025-48924.
• The third-party libraries nimbus-jose-jwt have been updated to improve security. This addresses CVE-2025-53864.
• A potential security issue in a service used by Customiser has been fixed.
• CSV export has been improved to prevent Formula Injection. Fields exported in a CSV which start with ‘=’ (which identifies a formula) are now pre-fixed with a single quote.
• Downloading desktop clients via a direct access URL is now only available when the necessary functional security permissions are enabled.

General Fixes/Updates:

• The data dictionary now lists all possible log types for table com_loghead.
• The Unit4 Table Link Transfer Client now processes the oas_linkelement and oas_linkhead tables last and marks the records as transferred after all records have been successfully transferred for a table.
• The Unit4 Table Link Transfer Client parameter ‘Batchsize’ now has a default value of 10000.
• Interaction with the OpenID Connect identity provider has been improved.
• An issue in the write stage of a payment run that resulted in the bank rejecting the file has now been resolved. This was related to XML output encoding and Unicode conversion handling a special character for example &.
• Reminder letters sent via FTP/SFTP now appends a date and timestamp to the file name to make it unique.
• An issue where changes to matched invoices in Invoice Maintenance failed to post to Finance when involving deferred or partially recoverable tax has been resolved. The system now correctly processes and posts these updates.
• Structured Output no longer creates zero size, zero content files when outputting to the repository or SFTP.
• The following changes have been made to the IV3 transformation in Structured Output :-
• The ‘Metadata Periode’ now allows 0 and 5 to selected as stated by the CBS matrix
• The data view column is no longer mandatory
• The missing ‘Ultimo’ figures have been added to the JSON output file
• The Generic Browse API is no longer restricted by the browse limit configured in the application (capability/console). An optional parameter, rowLimit, is now available to limit the rows returned by the API. If this is not specified or is set to 0 then no limit is applied.
• The ‘/finance/currency/currency/get-rates/{cmpCode}/{rateDate}’ Rest API Endpoint no longer returns an index out of bounds error.
• The ‘/finance/pay/pay/get-dtt/{cmpCode}/{userCode}/{proposalCode}/{payMasterCode}’ Rest API Endpoint no longer returns an index out of bounds error.
• The ‘/finance/browsedetails/browsedetails/get-line/{cmpCode}/{code}/{number}/{lineNumber}’ Rest API Endpoint no longer returns an index out of bounds error.

Further details on the new features, security updates and reported issues can be found in the release documentation.

The release documentation for this release (and previous releases) can be found in the documentation area on the community.

The software can be downloaded from the “Software” tab on Community4U.