# Backend API 17.5.1

## Major Features

* Notification Center APIs
* Device Management APIs
* Fast Account Switching APIs
* Passkey authentication APIs
* Crowdstrike NG SIEM integration
* Google Cloud Security SIEM integration

## Improvements

* **KL-159:** Added support for new SIEM - Crowdstrike Falcon LogScale.
* **PS-101:** Fixed memory issue.
* **PS-103:** Expanded push to accept device level notification.
* **PS-105:** Updated third-party libs.
* **KA-4855:** Added new record Type: Wifi Password.
* **KA-5682:** Fixed when a domain alias exists, creating an alias was causing issues.
* **KA-5783:** Added support for Google Cloud Security SIEM.
* **KA-5827:** Added missing role team add and role team remove events.
* **KA-5949:** Fixed get enterprise data for a user to return tier description for add-ons.
* **KA-6002:** Restricted allowed IPs after login during active session.
* **KA-6011:** Console Role Enforcement >> Added option to use default browser for SSO.
* **KA-6224:** Created role policy RESTRICT\_TOTP\_FIELD.
* **KA-6298:** Updated Keeperapp-to-Automator calls to support EC encryption.
* **KA-6357:** Removed references to deprecated ARAM events.
* **KA-6360:** Separated ARAM event for configuration of biometrics.
* **KA-6373:** Created personal account sharing enforcement.
* **KA-6400:** Updated libphonenumber to the latest version.
* **KA-6423:** Fixed KA: ARAM events not generating when TLA expires.
* **KA-6464:** Made KA changes for editable one-time share feature.
* **KA-6477:** RMD: Updated audit alert IDs for RMD (october update pt.2).
* **KA-6503:** Created fast account switching APIs.
* **KA-6518:** Fixed issue with a user with "view only" permissions on a shared connection record is capable of removing other users.
* **KA-6526:** Created API for device management: List all user devices.
* **KA-6529:** Device Management: Created API to rename a user device.
* **KA-6532:** Device Management: Created API to perform action on the devices.
* **KA-6533:** Fixed automator getting incorrect session information when approving a team.
* **KA-6642:** Modified query to select/insert/update full name as plain text AND encrypted in account\_user (Phase 1).
* **KA-6804:** Added backend server support for Biometric Backed Passkey login.
* **KA-6874:** Added default role Do Not Create PEDM role for approvers.
* **KA-6890:** Added support for new SIEM - Falcon LogScale (Crowdstrike).
* **KA-6901:** Modified PAM trial logic - do not remove existing PAM related SKUs (Enterprise ONLY).
* **KA-6921:** Purge device account every time a new one is created.
* **KA-6925:** PEDM SKU - Added Enterprise/Business license logic.
* **KA-6926:** PEDM SKU - Added MSP license logic.
* **KA-6953:** Updated PAM license active count.
* **KA-6961:** PEDM: Added new admin privilege to Keeper administrative role for Endpoint Privilege Manager
* **KA-6964:** Device management: Expanded device registration to include client form factor.
* **KA-6965:** Device management: Deleted old devices when device account gets created.
* **KA-6971:** Enhanced API to allow updating device platform and client form factor.
* **KA-6998:** Notification center additions and improvements.
* **KA-7053:** Added ARAM and email notifications to passkey creation and deletion events.
* **KA-7056:** Collapsed device statuses To 'Device Locked'.
* **KA-7060:** Device management: Sanitized device name and device platform.
* **KA-7094:** Updated passkey creation parameters that never expire.&#x20;
* **KA-7098:** Updated platform restriction bypass through passkey login.
* **KA-7099:** Fixed issue with the generate authentication and verify authentication endpoints work even when a user’s account is locked KPASS.

## Bug Fixes

* **KA-5026:** Fixed node ID being sent in admin permission ARAM event.
* **KA-5314:** Fixed ARAM event (granting admin permission).
* **KA-5607:** Fixed default exceptions from login from existing session.
* **KA-5624:** Fixed record in recently deleted reports broken attachment link.
* **KA-5782:** Fixed issue in account transfer of external direct share, the recipient user is getting "Internal Error" after sync.
* **KA-6015:** GRE: Fixed issue where external sharing prevented - No share relationship.
* **KA-6059:** SDR: Fixed issue where records self destructed in shared folder are not showing in deleted items shared folder contents tab.
* **KA-6185:** Fixed issue in B2B Welcome to Keeper email 404 links.
* **KA-6265:** Fixed issue in expired consumer lic. logs in after being invited to family plan getting invalid token type: ACCEPT\_FAMILY\_INVITE".
* **KA-6292:** Fixed issue when establishing syslog SIEM does not validate when using a custom port.
* **KA-6361:** Fixed  sync: potential minor incremental query improvements.
* **KA-6369:** Fixed issue with invalid session token when expired (deactivated) unlimited user accepts family plan invitation
* **KA-6416:** Issue fixed with accept\_group\_invite not being allowed for expired unlimited.
* **KA-6616:** Fixed issue when sharing a record to the alias domain. Fails with "domain alias" in place.
* **KA-6665:** Fixed issue with Permission Check on setting an alert.
* **KA-6700:** Improved issue in Enterprise > Transfer account > Account\_summary: Where recipient's bytesUsed doesn't include V3 records.
* **KA-6764:** Fixed issue with Invalid message returned when password validation fails for the given response code.
* **KA-6836:** Fixed issue where after 'records\_ownership\_transfer' the partial 'sync\_down' is missing both 'sharingChanges' and 'records' elements.
* **KA-6856:** Issue fixed where automator is not used when TOTP timeout occurs.
* **KA-6872:** Fixed 500 Error during device approval "missing argument.
* **KA-6911:** Fixed slow username query.
* **KA-6917:** SCIM: Fixed issue where I can create the team without a name that causes errors in the console.
* **KA-6972:** Fixed issue with support bucket folders for S3 SIEM export.
* **KA-6973:** Fixed missing ARAM event for admin device approval.
* **KA-6982:** Fixed issue in first time sharing invitation gives an error ‘Unable to connect..’.
* **KA-6993:** Fixed issue with updating signature count does not update last\_modified if the count does not change.
* **KA-7014:** Security issue fixed with KSM token binding to a device, allowing the same secret to be opened multiple times.
* **KA-7019:**  Issue fixed where one time share links can be opened on multiple devices.
* **KA-7020:** Issue fixed where user can open shared link without the knowledge of the sender.
* **KA-7084:** Fixed passkey login returning 500 error.
* **KA-7102:** Prepared  queries for upcoming user ambiguity due to app client joins.
* **KA-6666:** Device Management: Expanded device registration to include the additional field: device platform supplied by Clients.