Backend API Version 16.9.9
Released on May 30, 2023
Bug Fixes
KA-5338: Delegated admin can affect SSO configuration in other nodes through configurations.
KA-5360: When share admin transfers ownership of a record, incremental sync missing transferred record UID, causing record to appear/disappear on both side vaults until full sync happened (on a background or next login).
KA-5424, KA-5421: Improved sync performance by removing queries for non-enterprise users.
KA-5419: After an Admin deletes a user from the admin console and then re-creates that user with the same user email the user is unable to successfully create the account a second time. The user will see network connection errors in the Vault and we see server errors on the backend.
KA-5453: Allow longer custom email invite templates, up to 5,000 chars.
KA-5468: Add role enforcement to disallow importing of shared folders from LastPass. The role policy name is RESTRICT_IMPORT_SHARED_FOLDERS. This change goes with Vault ticket VAUL-5977.
KA-5470: When a user is deleted, their pending device approval queued entries are not deleted. This is causing a problem when the user is created again with the same username.
KA-5463: Commander API errors with shared_folder_update
KA-5478: Error message when a Share Admin removes a user from a shared folder.
Improvements/Changes
KA-5473: Bulk change endpoint for folder permissions, to accept an array of shared_folder object. This will provide Commander with bulk permission changes under ticket KC-590.
KA-5427, KA-5447: Logout timer improvements
The minimum logout timer for the device type (Web apps, desktop apps, mobile apps) are utilized for any device that you login to.
If the admin lowers the max allowed logout timer for a device type, the next login will enforce the lower amount across all devices of the specified type.
If the admin lowers the max allowed logout timer for a device type, this will modify the current session for all affected users.
If the admin raises the max allowed logout timer, users will not be raised higher. But the user will need to logout and login to increase their logout timer.
The role enforcement max allowed will be used as the "Default" logout timer for users.
The idle logout is by device type for a user, not specific to a device for the current user.
Logout timers shall be allowed beyond 24 hours. Any value up to 30 days will be supported.
Last updated