What's New
News and Alerts
Security Update: React and Next.js Vulnerabilities
December 2025
We want to assure our users that neither Experlogix Smart Flows nor Experlogix Documents is impacted by the recently disclosed vulnerabilities CVE-2025-55182 (React) and CVE-2025-66478 (Next.js). These products do not utilize any components affected by these issues.
Our security team is actively monitoring the situation and stands ready to respond immediately should new developments arise. Protecting our customers and their data remains our highest priority.
End of Life: Automated User Sync
February 2026
Automated User Sync has been deprecated since Experlogix Smart Flows version 4.23 and will be fully removed in version 4.28. Customers using this functionality are strongly encouraged to transition to the Automated User Creation model, which has been the default behavior since version 4.23. Any remaining configurations relying on Automated User Sync must be replaced before upgrading to version 4.28.
This change aligns user provisioning with actual platform usage, improves system performance, and ensures more accurate license consumption.
Background
In earlier versions of Experlogix Smart Flows, administrators could rely on two different mechanisms to provision users:
-
Automated User Sync (deprecated)
-
Automated User Creation (current default)
Prior to version 4.23, Automated User Sync was commonly used to continuously synchronize users from connected systems into Smart Flows. As of version 4.23, this approach has been replaced by Automated User Creation for all primary connectors.
Primary connectors include:
-
Microsoft Dynamics 365 Business Central
-
Microsoft Dynamics 365 Customer Engagement (Sales)
-
Microsoft Dynamics 365 Finance & Operations
-
Salesforce
-
SugarCRM
Deprecated behavior: Automated User Sync
Under the deprecated Automated User Sync model, users who had an Experlogix Smart Flows security role or permission set in a connected system:
-
Could see Experlogix Documents controls inside the connected application
-
Were automatically created as users in Smart Flows by a background synchronization service
-
Consumed a Smart Flows license as soon as they were synchronized, regardless of actual usage
This synchronization service ran continuously in the background to detect and update users.
Current default behavior: Automated User Creation
Since version 4.23, Smart Flows uses Automated User Creation as the default model.
Under this approach, users who have an Experlogix Smart Flows security role or permission set in a connected system:
-
Can see Experlogix Documents controls inside the connected application
-
Are automatically created as users in Smart Flows only when they log into the Flow Execution Panel for the first time
-
Consume a Smart Flows license only after their first login
This model removes the need for a continuously running synchronization service.
Automated User Sync vs. Automated User Creation Comparison
| Aspect | Automated User Sync (deprecated) | Automated User Creation (current default) |
|---|---|---|
|
Availability |
Deprecated since Smart Flows 4.23, removed in 4.28 |
Default behavior since Smart Flows 4.23 |
|
Trigger for user creation |
Background synchronization service |
First login to the Flow Execution Panel |
|
User visibility in connected application |
Users see Experlogix Documents controls |
Users see Experlogix Documents controls |
|
User creation in Smart Flows |
Automatically created by a sync process |
Automatically created on first login |
|
License consumption |
License consumed immediately after synchronization |
License consumed only after first login |
|
Background services |
Requires a continuously running sync service |
No background synchronization required |
|
License allocation efficiency |
Licenses may be allocated to users who never log in |
Licenses allocated only to active users |
|
Resource usage |
Higher memory and processing overhead |
Reduced resource usage |
|
Scalability |
Less suitable for large user bases |
Optimized for large-scale environments |
|
Overall impact |
Higher operational overhead and less accurate licensing |
Improved performance and optimized license usage |
Role handling for returning users
Depending on your project configuration, Smart Flows can do one of the following:
-
Automatically update a returning user’s Smart Flows role based on their current security role or permission set in the connected system, or
-
Preserve the user’s existing role in Smart Flows
This allows organizations to balance centralized role management with local control.
Recommended action
Customers should:
-
Verify that Automated User Sync is no longer enabled
-
Confirm that users can log in via the Flow Execution Panel
-
Review license usage to align with actual user adoption
-
Upgrade with confidence knowing that Automated User Creation is already in effect
New Content
List of new content
- Creating an Experlogix CPQ (Preview) Connector
- Creating the SQL Server Database
- Data Sets History Tab
- Data Sets List view
- Data Sets Overview Tab
- Data Sets Schema Tab
- Data Sets Settings Tab (for Forms)
- Data Sets
- Dependencies in Smart Flows
- Deploy Smart Flows On-Premises
- Experlogix CPQ Data Set Configuration
- Landing Page
- Organizations Page
- Project Settings Users Tab
- Releases
- Share File
- Smart Flows Trial Experience
- Test a Flow
- Version Compatibility Matrix
- Videos
Revised Content
List of revised content