The FF changes from Released to GA

An MCP (Model Context Protocol) Server acts as a bridge between your solution and AI models. For us, the new Liferay DXP MCP Server exposes our Headless APIs through a standardized interface that LLMs can understand and interact with allowing them both to retrieve information, but also interact with Liferay DXP to create or update different types of entities.

This standard enables easy, cost-effective integrations of Liferay DXP with various AI models (like ChatGPT or Gemini). Leveraging the headless APIs ensures LLMs can reliably access data using structured protocols while strictly enforcing the user's Liferay permission system for security.

Key Benefits:

• Reduces costs of implementation and maintenance for integrating Liferay with compatible LLM models.
• Security: Enforces the user's permission system via Headless APIs, ensuring data security.

Liferay seeks to better understand how administrators engage with the Control Panel and Product Menu in self-hosted environments. Since these deployments are customer-managed, Liferay currently lacks visibility into real-world admin behavior.

This feature introduces a privacy-first analytics solution that enables organizations to opt in to share anonymized usage data. By doing so, Liferay can gain valuable insights to enhance usability, guide product improvements, and deliver a more data-informed experience, while maintaining full transparency and compliance.

Key Benefits:

• Data-Driven Product Improvements: Gain visibility into real-world admin behavior to prioritize enhancements that deliver the most value.

• Enhanced Customer Experience: Use insights to refine usability and optimize administrator workflows.

• Trust and Compliance: Ensure analytics collection respects customer autonomy, privacy, and regulatory requirements through an opt-in model.

This feature enables administrators to map OpenID Connect (OIDC) user attributes to Liferay custom fields during user authentication or synchronization. By allowing flexible attribute mapping, organizations can seamlessly integrate identity data from external providers, ensure user profiles remain accurate and complete, and reduce manual configuration. This enhances interoperability, simplifies user management, and supports a more personalized user experience across systems.

Key Benefits:

• Seamless Integration: Simplifies connecting external identity providers by automatically mapping OIDC attributes to Liferay user data.

• Improved Data Consistency: Ensures user profiles are accurate and synchronized across systems without manual intervention.

• Enhanced Flexibility: Allows organizations to tailor user data mapping to their specific business and compliance needs.

This feature introduces the ability to map SCIM (System for Cross-domain Identity Management) attributes to Liferay custom fields. It allows organizations to synchronize additional user information from external identity systems beyond standard fields. By enabling flexible attribute mapping, Liferay supports richer identity data integration, simplifies user provisioning, and strengthens alignment with enterprise identity management standards.

Key Benefits:

• Streamlined Identity Synchronization: Automatically align user attributes between Liferay and external identity providers.

• Greater Flexibility: Support custom business requirements through configurable mappings of SCIM attributes.

• Enhanced Data Accuracy: Maintain consistent and up-to-date user information across all connected systems.

This feature enables Liferay to function as both a SAML Identity Provider (IdP) and a Service Provider (SP) at the same time. With this capability, organizations can simplify complex authentication flows—such as acting as an IdP for connected systems while also consuming authentication from an external IdP. This flexibility supports diverse deployment scenarios, multi-tenant setups, and hybrid identity architectures. user provisioning, and strengthens alignment with enterprise identity management standards.

Key Benefits:

• Increased Flexibility: Support advanced identity configurations by allowing Liferay to serve dual roles in SAML-based authentication.

• Simplified Integration: Reduce complexity in hybrid or multi-system environments by centralizing identity management within Liferay.

• Enhanced Interoperability: Enable seamless authentication across multiple systems without compromising security or compliance.

The new OIDC authentication enhancement uses the OIDC “sub” (subject) claim to identify users instead of relying on email addresses. Since the “sub” claim is a unique and permanent identifier assigned by the identity provider, it ensures consistent and reliable user recognition even if a user’s email changes or multiple providers share the same address. This improves account stability, reduces login mismatches, and enhances overall security and user experience.

Key Benefits:

• Reliable user identification: Ensures consistent recognition of users even if their email address changes.

• Eliminates account mismatches: Prevents conflicts caused by identical email addresses across different identity providers.

• Improved security: Uses the permanent and unique OIDC “sub” claim, reducing the risk of identity errors.

• Better user experience: Provides seamless authentication and minimizes login or access issues.