search

Backend API 17.6.5

Released on January 15th 2026

hashtag
Features

  • All new GovCloud tenants will default to EC-only sharing encryption

  • Added Notification Center support for Categories

  • Created Bulk APIs on the backend to:

    • Remove Multiple Teams From a Role

    • Remove Multiple Managed Nodes From a Role

    • Remove Multiple Roles From a Team

    • Remove Multiple Privileges From a Managed Node

    • Add Multiple Privileges to a Managed Node

    • Add Multiple Teams to a Role

    • Add Multiple Roles to a Team

    • Add Multiple Managed Nodes to a Role

hashtag
Improvements

  • KA-7870: If a ML-KEM aware keeper client attempts to use a ML-KEM key on a system where it is not configured or allowed we return an EC Key ID.

  • KA-7698: Support for KSM Ruby SDK client version code

  • KA-7015: Added category mapping for Notification Center

  • KA-7027: Created endpoint for Admin Console to use if it receives an ARAM localization key it doesn't know.

  • KA-7057: Created new functionality to"Remove Multiple Teams From a Role".

  • KA-7058: Created new functionality to “Remove Multiple Managed Nodes From a Role”.

  • KA-7059: Created new functionality to “Remove Multiple Roles From a Team”.

  • KA-7061: Created new functionality to “Add Multiple Privileges to a Managed Node”.

  • KA-7062: Created new functionality to “Remove Multiple Privileges From a Managed Node”.

  • KA-7063: Created new functionality to “Add Multiple Teams to Role”.

  • KA-7064: Created new functionality to “Add Multiple Roles to Team”.

  • KA-7065: Created new functionality to “Add Multiple Managed Nodes to Role”.

  • KA-6178: Created Bulk functionality for Removing Teams, Managed Nodes and Roles.

  • KA-7153: Added change to enforce all new enterprise tenants to default to EC encryption instead of RSA in GovCloud region.

  • KA-7381: Added ARAM events for KeeperAI PAM configuration enable/disable actions.

  • KA-7634: Allow gateway visibility when sharing KSM apps across nodes.

  • KA-7649: Updated notification category for Device Approval Response Notification.

  • KA-7664: Updated notification full name field should show users full name instead of email.

  • KA-7758: Implemented security efficient regular expression for uncontrolled data.

  • KA-7867, KA-7894: Updated third party library dependencies.

hashtag
Bug Fixes

  • KA-7344: Fixed an issue where an add-on for MSPs should never be in a trial state and should never be in an expired state.

  • KA-4679: Fixed an issue with BreachWatch API calls generating data truncation error

  • KA-5288: Fixed issue where new linked devices give both devices a 60 min logout timer.

  • KA-5549: Fixed issue where an ARAM alert was not being sent when selecting only outside share events.

  • KA-6236: Added file status when getting a KSM secret response.

  • KA-6596: Added missing event for enterprise out of license seats.

  • KA-6775: Fixed issue with enterprise transfer where pending enterprise users emails are listed in the source region and cannot be used after an enterprise account transfer.

  • KA-6813: Fixed an issue where deleting a team did not delete a user's shared folder.

  • KA-6899: Improved the IP AllowList enforcement logic to use logical OR instead of AND when there are multiple role policies involved. This will allow Admins to consolidate a list of possible allowed IPs, instead of requiring ALL IPs to be met.

  • KA-6915: Fixed an enterprise transfer issue with missing data when restarting a failed transfer.

  • KA-6949: Fixed ARAM trigger for the "clear security audit data" event.

  • KA-7003: Fixed an error in permission logic in regards to certain license types when creating one-time share links.

  • KA-7182: Fixed exception and DataDog error with the Keeper Automator client.

  • KA-7253: Fixed an issue where a KSM client could create records within folders with no user permissions

  • KA-7386: Fixed a device management issue where the device list is not current after the device was renamed.

  • KA-7497: Made privilege adjustment for any admin who has the "manage teams" admin permission for their node to get teams missing key pairs.

  • KA-7560: Fixed an issue where the Splunk configuration could not be saved if Splunk is on a trial.

  • KA-7576: Fixed an ARAM field to column mapping not outputting params when a PAM session recording downloaded.

  • KA-7577: Updated the “PAM session recording downloaded” ARAM event to show under the zero trust keeper PAM category.

  • KA-7645, KA-7648: Notification center API improvements

  • KA-7689: Fixed an issue with Account Switching role enforcement policy bypass.

  • KA-7699: Fixed a server error when resending an invite to a user who is a member of a deleted enterprise.

  • KA-7710: Fixed an issue where a MSP admin can create a user inside the MSP with a reserved for only the MC domain.

  • KA-7719: Fixed an issue where deleting an enterprise was setting the inactive date value for region transferred users.

  • KA-7721: Updated to allow MSP's reserved email domain to be used within the MSP's SSO MC's.

  • KA-7783: Fixed a Commander issue that bypassed the enforcement policy for One-Time Share restrictions when sharing a record with attachments.

  • KA-7839: Fixed an error caused by using an old Automator version with ECC-enabled enterprise.

  • KA-7931: Fixed a 500 error during 'Change Owner' action as Share Admin.

PreviousBackend APINextBackend API 17.6.3

Last updated

Was this helpful?