# Backend API 17.6.0 ### Improvements * **KA-6430:** Increased number of security keys allowed in one account from 5 to 10. * **KA-7214:** Implemented SCIM bulk operations. See [RFC 7644, Section 3.7](https://datatracker.ietf.org/doc/html/rfc7644#section-3.7). `https://keepersecurity.com/api/rest/scim/v2/xxx/Bulk` The SCIM bulk operation is an optional server feature that enables clients to send a potentially large collection of resource operations in a single POST request. The body of a bulk operation contains a set of HTTP resource operations using one of the HTTP methods supported by the API, i.e., POST, PUT, PATCH, or DELETE. Current limits can be discovered in response of `/ServiceProviderConfig` request: `... "bulk": { "supported": true, "maxOperations": 1000, "maxPayloadSize": 1048576 }, ...` Those 3 parameters are populated from next properties: `SCIM_BULK_SUPPORTED`,\ `SCIM_BULK_MAX_OPERATIONS` and `SCIM_BULK_MAX_PAYLOAD_SIZE`. We do not support circular bulk references. HTTP status code 409 (Conflict) will be returned in this case. *** * **KA-7002:** Raised SCIM GET Users endpoint limit to 10k Users. * **KA-7454:** Modified login API process to improve cross-region account switching. * **KA-7466:** Improved login session updates for when the database is in a lock wait state. * **KA-7568:** Moved Category of ARAM events for KeeperAI. * **KA-7380:** Added ARAM events for KeeperAI session lock/unlock actions. * **KA-7384:** Removed User ID from passkey list retrieval API. * **KA-7537:** Added PEDM entry for RMD Security Benchmark. ## Bugs * **KA-5976:** Issue fixed with **granular role enforcements (GRE)**: External Sharing Prevented with a wrong user message. * **KA-6009:** Issue fixed with GRE: Inbound Sharing Prevented with a wrong user message. * **KA-6046:** Issue fixed with GRE: Receive Shared Items displaying a wrong modal. * **KA-6050:** Issue fixed with GRE: Sharing w attachment displaying a wrong modal. * **KA-6053:** Issue fixed where GRE: Outbound sharing is restricted - "can only receive" was displaying wrong modal generating for permissions. * **KA-6308:** Fixed issue where clearing security data did not reset reused password count. * **KA-6345:** Fixed an issue with the "Forbid Account Transfer" flag interfering with a Key getting set on user creation. * **KA-6418:** Fixed issue with removed shared folders in the sync down API. * **KA-6437:** Fixed issue where no more that one event per second is returned by ARAM audit event reports when certain MSP related events are generated. * **KA-6908:** Fixed issue with reading user revisions in some scenarios. * **KA-6988:** Fixed an issue where an MSP Admin launched into an MC can't process SCIM when adding a user to the team. * **KA-7078:** Fixed issue where role add users provided incorrect status code for each user. * **KA-7202:** Fixed issue when trying to update non-existent Security Data Entry. * **KA-7351:** Fixed issue where a PAM admin is able to add more users then allowed to a PAM role by admin adding multiple users at the same time. * **KA-7354:** Fixed issue in PAM where an invited user added to default PAM role allows an admin to go over PAM license limit. * **KA-7356:** Fixed an issue with the Endpoint Manager Free Trial Seats. * **KA-7372:** Fixed a Managed Company issue where an Admin can purchase PAM with less seats than they are consuming. * **KA-7383:** Fixed issue with switch account list and a login enforcement. * **KA-7390:** Fixed an issue where some Managed Service Providers in testing are hitting an error "Does not have managed roles privilege" when adding users to roles in Managed Company. * **KA-7408:** Corrected an Audit Event Type typo. * **KA-7413:** Fixed an issue with SCIM getting a timeout error when sending SCIM requests. * **KA-7444:** Removed Discovery ARAM events temporarily, will be fixed in an upcoming release. * **KA-7446:** Fixed an issue where a SCIM event is created twice when sending a PATCH request. * **KA-7453:** Fixed Enterprise issue where making a License Snapshot create a production error. * **KA-7459:** Fixed API update device errors when no client version was provided. * **KA-7463:** Fixed an issue with sync\_down failing with "SQL Exception root folder was not found". * **KA-7464:** Removed Lock Wait where it was causing errors. * **KA-7475:** Updated KeeperAI event categories. * **KA-7483:** Marking deleted rotation records as disabled in Router rotation info. * **KA-7491:** Fixed issue where API isn't throwing errors and also was not adding Users to Role when adding users. * **KA-7496**: Fixed SCIM issue where Roles were ignored in both POST and PUT. * **KA-7515:** Fixed issue where Linked Devices with Stay Logged in can forbid Logout * **KA-7550:** Issue fixed where a Locked User with TOTP enabled is still able to elevate an application with Privileged Elevation and MFA control. * **KA-7579:** Fixed GRE: No error message for enforcement 'Can share records with file attachments' when moving record to the shared folder with right click. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.keeper.io/release-notes/backend/backend-api/backend-api-17.6.0.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.