Comment on page
Backend API Version 16.9.9
Released on May 30, 2023
- KA-5338: Delegated admin can affect SSO configuration in other nodes through configurations.
- KA-5360: When share admin transfers ownership of a record, incremental sync missing transferred record UID, causing record to appear/disappear on both side vaults until full sync happened (on a background or next login).
- KA-5424, KA-5421: Improved sync performance by removing queries for non-enterprise users.
- KA-5419: After an Admin deletes a user from the admin console and then re-creates that user with the same user email the user is unable to successfully create the account a second time. The user will see network connection errors in the Vault and we see server errors on the backend.
- KA-5453: Allow longer custom email invite templates, up to 5,000 chars.
- KA-5468: Add role enforcement to disallow importing of shared folders from LastPass. The role policy name is RESTRICT_IMPORT_SHARED_FOLDERS. This change goes with Vault ticket VAUL-5977.
- KA-5470: When a user is deleted, their pending device approval queued entries are not deleted. This is causing a problem when the user is created again with the same username.
- KA-5463: Commander API errors with shared_folder_update
- KA-5478: Error message when a Share Admin removes a user from a shared folder.
KA-5473: Bulk change endpoint for folder permissions, to accept an array of shared_folder object. This will provide Commander with bulk permission changes under ticket KC-590.
KA-5427, KA-5447: Logout timer improvements
- The minimum logout timer for the device type (Web apps, desktop apps, mobile apps) are utilized for any device that you login to.
- If the admin lowers the max allowed logout timer for a device type, the next login will enforce the lower amount across all devices of the specified type.
- If the admin lowers the max allowed logout timer for a device type, this will modify the current session for all affected users.
- If the admin raises the max allowed logout timer, users will not be raised higher. But the user will need to logout and login to increase their logout timer.
- The role enforcement max allowed will be used as the "Default" logout timer for users.
- The idle logout is by device type for a user, not specific to a device for the current user.
- Logout timers shall be allowed beyond 24 hours. Any value up to 30 days will be supported.