# Backend API 17.5.6

## New Features

* **KA-7089:** New KeeperPAM ARAM Events

```
Discovery job (${discover_job_uid}) completed on Gateway UID (${gateway_uid}) for user ${username}
Discovery job (${discover_job_uid}) started on Gateway UID (${gateway_uid}) for user ${username}
User $username started connection with protocol $protocol on record $record_uid (private/personal record)
User $username started connection with protocol $protocol on record $record_uid (ephemeral account)
User $username started connection with protocol $protocol on record $record_uid (ephemeral account, elevated permissions)
User $username started connection with protocol $protocol on record $record_uid (elevated permissions)
```

## Improvements

* **KA-7149**: General SCIM improvements: more useful error messages and throttling responses
* **KA-7302:** Allow biometric / passkey registration from Commander CLI

## Bug Fixes

* **KA-6945:** Fixed issue with Security Reports getting too large. 
* **KA-6990:** Fixed an issue where only one security data entry was being saved for a given record associated with the record owner during Add and Update.
* **KA-7177:** Fixed 500 Error during 2FA validation when code doesn't match.
* **KA-7187:** Fixed a time-limited access (TLA) scheduler issue.
* **KA-7190:** Fixed SCIM where Users PUT fails when updating a pending user.
* **KA-7197**: Fixed an issue with push notifications and Notification Center under high load
* **KA-7217:** Fixed issue where consumer email change is triggering "\*\*\*\*\* Error processing Username Verification Token.
* **KA-7227:** Fixed issue where linked devices changed 2FA logs out other Linked Devices (BE and Web Vault)
* **KA-7260:** Fixed issue where sync\_down is not sending BreachWatch record data on a direct share.
* **KA-7261:** Fixed issue with sync\_down where BreachWatch records were empty for direct share records and BreachWatch security data was empty for ShareFolder records.
* **KA-7273:** Fixed PAM bundle add-ons expire issue when trial ends despite being purchased prior to trial start.
* **KA-7274:** Fixed CrowdStrike test event that raises parsing error with CrowdStrike.
* **KA-7291:** Fixed enforcement type that incorrectly consumes PAM seats in an enterprise trial.
* **KA-7298:** Fixed an issue where a passkey won't work if the browser extension client version is upgraded.

## Other Tasks

* **KA-7148:** Implemented new endpoint for PEDM MFA verifications.
* **KA-7172:** Fixed a device management issue where information should have been removed.
* **KA-7176:** PAM - Included a KSM flag for Account Summary for a Router Enforcement.
* **KA-7189:** Improved handling of older device identifiers for users with a large number of devices.
* **KA-7196:** Added Hardware Security Modules for BreachWatch in new environments.
* **KA-7228**: Updated KSM enforcement as part of PAM validation.
* **KA-7234:** Updated device management APIs regarding device name changes for logged-in devices. 
* **KA-7252:** Device Management: Added additional push notifications for device management actions.
* **KA-7306:** Upgraded Java libraries.

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.keeper.io/release-notes/backend/backend-api/backend-api-17.5.6.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.