nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Vanilla Release Notes

Release 2026.004

Overview

We’ve updated the User Preferences experience in the Dashboard with a refreshed, more modern UI. While the underlying functionality remains unchanged, the new design makes it easier for Admins to navigate and manage notification settings—especially as more notification options continue to be introduced.

This release also includes improvements to OAuth2 flexibility, along with general bug fixes and performance enhancements.

Schedule

Staging: Week of Mar 16
Production: Week of Mar 30
Enterprise: Week of Apr 6

Improved User Preferences UI

The User Preferences area in the Dashboard has been updated with a more modern and usable interface.

No changes to existing functionality or behavior
Improved layout and clarity for managing notification settings
Designed to better support the continued expansion of notification options

Admins can continue to configure default notification preferences for users, helping drive engagement by ensuring users receive relevant updates.

OAuth2 + SAML Authenticator Rework

We’ve reworked our OAuth2 and SAML authenticators to improve security, flexibility, and overall configuration experience. This update introduces new settings pages, enhanced debugging capabilities, and expanded profile field mapping support.

New Settings Pages

Authentication settings for OAuth2 and SAML have been reorganized into clearer, more intuitive configuration pages. This makes setup and ongoing management easier for admins, especially when working with multiple identity providers.

Improved Security

We’ve implemented several security enhancements across both authenticators, including more robust validation and safer handling of authentication flows and tokens.

Debug Log System

A new debug logging system has been introduced to help troubleshoot authentication issues more effectively. Admins can now access more detailed logs to diagnose configuration or login problems.

OAuth2: Profile Field Mapping

OAuth2 authentication now supports mapping external identity provider fields directly to Vanilla profile fields. This allows for more flexible user provisioning and better alignment with external user data.

OAuth2: Configurable Content-Type for Profile Requests

We’ve introduced the ability to configure the Content-Type header used in OAuth2 profile requests.

Enables compatibility with providers that require specific Content-Type formats
Reduces the need for custom development when integrating with certain OAuth2 services

Bug Fixes & Improvements

This release also includes a variety of bug fixes, you can learn more about bug fixes in this thread:

https://success.vanillaforums.com/discussion/4035/resolved-issues