Hub 4.3 – May 2021

Click this icon on the toolbar to view and download a PDF version of the release notes.

This release note is for the 4.3 release of Blue Prism Hub delivered in an on-premise configuration.


The following new features and enhancements are introduced in this version of Hub.


Description of Change


Control Room

A new plugin has been added to Hub; Control Room. This plugin can only be used with Blue Prism version 7.0 or later, and it complements the Control Room features in the Blue Prism interactive client.

The new Control Room provides dashboards and data views that allow users to view and manage Blue Prism activity for all their environments. Control Room has four plugin features that complement the existing Blue Prism interactive client functionality:

  • Work Queues – Monitor the status of work queue items and track queue activity.
  • Schedules and Tasks – View and monitor schedules and tasks.
  • Sessions – View, filter, and organize session activity in each environment.
  • Digital Worker Health – View and monitor the Digital Workers in each environment.

The Control Room plugin also introduces a number of widgets which can be used on the Dashboard to graphically view the data.




The following new features have been added to the Hub installer:

  • Authentication Server SQL configuration and IIS setup – The Identity Management Server (IMS) has been renamed to Authentication Server. In addition, the Authentication Server facilities enhanced integration to utilize the new features in Blue Prism 7.0, such as service accounts (using centralized authentication for selected components of the Blue Prism platform) and the Control Room plugin.

    The Authentication Server screens in the installer replace the IMS screens that were present in earlier versions.

  • Email Service SQL configuration – Email configuration now supports Microsoft OAuth 2.0 authentication as well as the existing username and password authentication method. To support this, a new screen has been added to the installer to configure the database for the Email Service.
  • Email Service IIS setup – In earlier releases, Email Service was called Email Sender. The installer screen has been updated with this name change. The default website name has also changed, however, the default URL still remains as email.local.
  • Blue Prism API URL – A new screen has been added to the installer to capture the URL for the Blue Prism API. The URL is required to use the new Control Room plugin with Blue Prism 7.0, otherwise, the screen can be left blank.





Support for two languages, Russian and Portuguese (Brazilian), has been removed. English will now be displayed for users who have selected these languages in their browser settings, or using the language drop-down on the login page in earlier versions of Hub.



The Email configuration page has been enhanced to support Microsoft OAuth 2.0 authentication with SMTP, as well as the existing username and password authentication method. Any changes to the SMTP settings are audited and can be seen on the Audit page.


User management

The Users page has been enhanced:

  • Only live users (those that are not retired) are displayed by default. Retired users can be viewed by changing the setting under the Live filter. All users can be viewed by turning off the Live filter.
  • On the Users page, an administrator can view a user's information and click the new Change password icon to change their password. An administrator cannot change another administrator's password.


Fixes and improvements

The following fixes and minor improvements are included in this version of Hub.


Description of Change



The Uplift License option has been added to the Plugin management page to enable administrators to upgrade the ALM license from an earlier version to a version that is compatible with 4.3.

This resolves the previously documented known issue where a warning message was permanently displayed on some pages in the system indicating that the ALM license limit had been exceeded.


The creator of a process definition can now assign their own access level. Previously, they were defaulted to be the owner of the process definition and this could not be changed. They can now select to be a Contributer or a Viewer, however, the process definition can not be saved unless there is at least one owner.



Two columns in the Audit page have been renamed:

  • Username is now Audited by – to reflect that the audit records can also be created by system components and not just users.
  • Date time is now Created on – to clearly define the purpose of this column.



An enhancement has been made so that Hub now also supports connections to multiple RPA databases that reside on the same server, that is, they have the same server IP or hostname. Previously, multiple databases could only be connected as long as they were on different servers to each other. The connection is configured through the existing Environment management page.


Database connections can no longer be edited on the Environment management page. Connections can still be added, refreshed and deleted.



The importing of Active Directory users into Hub has been fixed. Previously, when importing Active Directory users into Hub, if any of the Active Directory user accounts were missing one of the mapped attributes defined in the Hub authentication settings, the import would fail for all users.

The import now displays a counter with the number of valid users against the total number of users found, and displays the list of valid users so that the administrator can select the required users to synchronize with Hub.

In addition, an enhancement has been made to introduce detailed LDAP logging. This can be turned on by updating the appsettings.json file in the Application Server folder. Under Ims > Logging > LogLevel, add the line:
"ImsServer.IntegrationServices.Services.LdapConnectionService": "Debug"
Once this change has been made, refresh the Application Pool.


  • a new install, the Application Pool will be called Authentication Server.
  • an upgraded system, the Application Pool will be called IMS.


If a user who has been imported into Hub using LDAP clicks the Forgot password link, they are no longer sent an email enabling them to reset their password within Hub. Previously, this email was sent, and, if a user went through the process, it created a native user account in addition to their LDAP account.

Users who have been synced into Hub using LDAP use their Active Directory domain password to log into Hub. If they need to reset their password, they should do so using Windows.



The error messages that display when uploading an invalid license file for a plugin have been improved. If an administrator uploads an invalid file type, or a license file that is too large, using the Renew license key functionality, a more informative message will display.

Only .lic files under 100Kb are accepted.



When a user clicks a plugin in the Plugins repository, they now see an overview of the plugin with a link to learn more about the product, which opens the online help. The plugin downloads are available below the overview.




A change has been made to ensure that emails are sent according to the encryption method selected. For SMTP configurations using the Username and password authentication method, the encryption method can be set to None or SSL-TLS. Previously, Hub was attempting to send emails over SSL regardless of the encryption setting.


Known issues

A list of any prominent issues with this release is maintained in the knowledge base, click here for more information.

Secure development policy

As part of our secure development policy, Blue Prism products are evaluated against the following security standards:

  • OWASP Top 10 –The security vulnerabilities that pose the most risk to applications development. For more information, see the OWASP website.
  • SANS CWE Top 25 – The most common software security vulnerabilities found throughout the software development industry. For more information, see the SANS website.
  • Federal Information Processing Standard (FIPS) Publication 140-2 – U.S. government standard that defines minimum security requirements for cryptographic modules in information technology products.
  • Payment Card Industry Data Security Standard (PCI DSS).
  • Health Insurance Portability and Accountability Act (HIPAA).
  • Federal Information Security Management Act (FISMA).

A compliance highlight summary report is available upon request via Product Support.