- Various bug fixes and improvements
Release notes
- Various bug fixes and improvements
- Custom Name and Subdomain saving minor adjustments
- Various bug fixes and improvements
- Entries - Can't update Website entry in certain circumstances
- Licenses - Correct label message when adding a license
- PAM - Fixed Password reset and Heartbeat check issue
- Various bug fixes and improvements
- Rebranding - New Look, to reflect "Devolution Cloud" name change
- Rebranding - Rebranding, from Hub to Devolutions Cloud
- Administration - Added an "Enforce clear clipboard after copy" setting in System Settings for Workspace clients, with a configurable timeout period
- Administration - Improved the Administration and Reports navigation and a cleaner overall UI layout
- Administration - Moved high-risk destructive actions (including "Delete Hub") to a dedicated "Danger Zone" tab under System Settings to reduce the risk of accidental execution
- Authentication - Added social login support for Hub accounts
- Authentication - Added support for configuring multiple Single Sign-On (SSO) providers for a single Hub
- Dashboard - Updated the dashboard UI to use consistent and clear terminology for custom widgets and default dashboards
- Entries - Added the "Allow password in variable" security option for Username and Password credential
- Entries - Improved the entry view so that the simplified view toggle remembers the user's last-used setting between sessions
- Entries - Removed the inapplicable "Use Linked Host Credential" credential type option from host-type entries
- Hub - Added support for reserved names in Hub Personal, allowing hubs to be accessed via a named URL path
- Hub - Added the ability to reserve a unique hub name and subdomain across regions
- Import/Export - Added the ability to export entries to an encrypted JSON file with a master password, including a deobfuscate option
- Logs - Added the platform and product version as a field in Hub log entries, improving diagnostic capability
- Logs - Added the platform and product version to the audit information displayed in the entry overview, making it easier to trace version-specific issues
- PAM - Added an option on SSH PAM providers to use the provider account credentials for heartbeat connections, supporting environments where privileged accounts have SSH access disabled
- PAM - Added checkout duration and requested JIT groups to the PAM checkout request email sent to approvers
- PAM - Added multi-factor authentication (MFA) verification when launching sensitive entries
- PAM - Added PAM support for the contractor user type
- PAM - Added support for Devolutions Gateway rule sets on PAM providers
- PAM - Added the ability for PAM operators to select group assignments from discovered accounts in scan results and automatically populate the JIT Elevation configuration
- PAM - Added the JIT Authorization tab to Active Directory and Azure PAM entries to display the configured JIT groups for each entry
- PAM - Improved the PAM checkout request message for approvers to display full checkout details with inline Approve and Deny actions
- PAM - Improved the performance of EntraID account discovery when searching large groups
- PAM - Restored a missing toggle switch in the PAM JIT account configuration
- Password - Updated the Password Analyzer to remove the password strength bar and show only the occurrence count
- Reports - Added a Contractor Users report page in the Reports section
- Sessions - Added session recording support for PowerShell sessions
- UI - Applied various minor UI improvements and polish across the application
- UI - Restricted the file types allowed for insertion in documentation attachments to supported formats (PDF, GIF, images)
- Users - Added an Authentication Type column to contractor reports
- Users - Added automated email notifications sent to administrators when user or contractor accounts expire
- Users - Added sorting and filtering by the "Last Used Device" field in the Users administration table, and improved the CSV export to include this field
- Users - Improved the contractor user type with a user type column in the user list
- Users - Improved the user table layout and responsiveness for small screen sizes
- Various bug fixes and improvements
- Vaults - Added an administrator-controlled setting to disable the export functionality for user vaults
- Vaults - Added the ability to select and delete multiple vaults simultaneously, with a confirmation prompt before the action is executed
- Administration - Fixed a delay where binding an IP address to an Application Identity
- Administration - Fixed issue where specific permissions assigned to admin users were not displayed in the permissions UI
- Administration - Fixed the administration section tabs to be visible and accessible on small screens and mobile viewports
- Authentication - Fixed an issue where removing the Force SSO setting via SRM could break hub access
- Dashboard - Fixed an issue where creating a system dashboard widget with the correct permissions incorrectly returned an Access Denied error
- Dashboard - Fixed multiple dashboard widget inconsistencies between RDM and Hub Web
- Dashboard - Fixed multiple dashboard widget issues including synchronization between RDM and Web
- Entries - Added support for configuring entries with single, multiple (fixed count), or unlimited simultaneous checkouts
- Entries - Fixed an issue where the Logs tab showed no entries for users with the Contributor role when viewing a Username and Password credential entry
- Entries - Fixed credentials to display correctly in the entry overview
- Entries - Fixed OTP entries to support the colon (":") character in application and account name fields
- Entries - Fixed the Security Settings tab to be visible for Contributor-role users in the credential entry edit dialog
- Import/Export - Fixed a regression where the scrollbar and action button were missing on the final step of the import wizard, preventing completion
- Import/Export - Fixed the "Create Folder" dialog in the Import window to consistently render icons and accept spaces in folder name input
-
Import/Export - Fixed the
-DeobfuscateSensitivesparameter in the PowerShell CSV export to correctly return passwords in clear text - Licenses - Fixed an incorrect assigned license count
- Licenses - Fixed expired licenses in the Users Dashboard to be clearly visually distinguished from active licenses using a badge or color indicator
- Licenses - Fixed the license assignment list to display both accounts when users are linked
- PAM - Fixed an "Access Denied" error that occurred for users who received checkout or access request notifications for vaults they do not have access to
- PAM - Fixed issue where PAM propagation PowerShell scripts were no longer visible in the configuration view
- PAM - Fixed PAM accounts imported from RDM with "Inherited" account lifecycle policy to correctly display as "Inherited" instead of "Custom"
- PAM - Fixed the Approve and Deny buttons to be correctly grayed out for the requesting user when the "Yes, Unless JIT" option is selected for own checkout approval
- PAM - Fixed the Entry dropdown in the Checkout Requests report to display only PAM account names
- PAM - Fixed the items-per-page display filter in the PAM account import window
- PAM - Fixed the JIT provisioner username length limit to match Active Directory's 64-character limit instead of the previous 20-character cap
- Password - Fixed sorting by occurrence count (descending)
- Password - Fixed the "At Least" field for custom characters in the password generator to act as a minimum threshold, allowing the generator to include more than the specified minimum
- Reports - Fixed the User Reports CSV export to include user tags
- Sessions - Fixed a false "Unable to find the VPN session" error that appeared when selecting a Devolutions Gateway in VPN settings before saving an RDP entry
- Sessions - Fixed an infinite loading state that occurred when entering incorrect credentials when opening a session in the web client
- Sessions - Fixed an issue where deleting an SSH certificate would reappear after saving; deletions now persist correctly
- Sessions - Fixed an issue where opening a session with no password in Hub web incorrectly prompted for a password before connecting
- Sessions - Fixed an issue where SSH sessions failed to launch when credentials were set to "Inherited."
- Sessions - Fixed clipboard redirection restrictions in web-based RDP sessions to properly enforce the disabled clipboard setting
- Sessions - Fixed error that prevented launching a session when the Devolutions Gateway was set to "Inherited" from a parent folder
- Sessions - Fixed session recording to work consistently in the user vault across both Hub Web and Remote Desktop Manager
- Sessions - Fixed the VNC session view to remove the obsolete empty sidebar
- Sessions - Fixed various UI issues in the Open in Web feature
- UI - Fixed severoal translation issues
- Users - Fixed a SCIM group assignment issue
- Users - Fixed a UI bug where an invited user's email appeared twice in the list after sending an invitation
- Users - Fixed connection status icons in the Users administration list to display at a consistent and correct size
- Users - Fixed the Save button remaining grayed out when changing the offline mode field in the user administration edit dialog
- Various bug fixes and improvements
- Various bug fixes and improvements
- PAM - Various bug fixes and improvements for PAM
- Various bug fixes and improvements
- Translation, various bug fixes and improvements
- Various bug fixes and improvements
- Various bug fixes and improvements
- Various bug fixes and improvements
- Various bug fixes and improvements
- Various bug fixes and improvements
- UI displays user twice on invite
- Various front end issues with the widget/dashboard
- Core - Added custom vault dashboard widgets with reordering
- Core - Added new Contractors account type with expiration date support
- Licenses - Simplified license assignment
- Core - Added a credential selection prompt when launching a web session configured with "Prompt on connection" for linked vault credentials
- Core - Added support for importing entries from .rdm files and exporting entries to .rdm format
- Core - Added tag inheritance to automatically propagate to all contained entries
- Core - Added the ability to restore soft-deleted hubs directly through Portal
- Core - Added the ability to set a display sort priority on vaults
- Core - Removed the user interface profiles feature
- Core - Update some semantics and translation
- Entries - Added support for SSH key certificates
- Entries - Added support for SSH terminal and SSH port forward connections using credentials stored in linked external vaults
- Entries - Added support for using Linked (External Vault) credentials as an OTP
- Entries - Fixed an issue preventing entries from being opened when credentials were configured through User Specific Settings
- PAM - Added a "Skip TLS validation" option in PowerShell Settings
- PAM - Added an administrator setting to configure the default behavior for automatically checking in a PAM account when an entry is closed
- PAM - Improved PAM checkout failure error messages
- Password Generator - Added an "Exclude ambiguous characters" option to the Password Generator
- Core - Fixed - Administration - Logging option visibility
- PAM - Fixed a validation issue allowing PAM approvers to set a checkout duration below the enforced minimum of 10 minutes
- PAM - Fixed administrators to configure risk levels for Active Directory / roles and groups
- PAM - Fixed an issue preventing additional groups from being added to the JIT list in an OU when a group was already selected
- PAM - Fixed an issue where service failed to start automatically after a machine reboot
- PAM - Fixed an issue where the "Test Connection" button on a PAM provider was disabled
- PAM - Fixed an issue where the JIT group name appeared duplicated in the PAM checkout
- PAM - Fixed an issue where the PAM service token was not being properly enforced when launching sessions via the Gateway using "Open in Web."
- PAM - Fixed an issue where the password stored in a PAM Propagation Configuration could not be viewed after the configuration was saved
- PAM - Fixed JIT group selection to include groups located in the Active Directory Built-in organizational unit
- PAM - Fixed Linux privilege sets section not appearing for local user SSH providers
- PAM - Fixed PAM task endpoint permissions (infinite loading or access denied errors)
- PAM - Fixed service updates on Docker to use a simple container restart instead of requiring the Devolutions Agent service
- PAM - Fixed the default checkout policy indicator not appearing in the PAM accounts list column
- PAM - Fixed the default checkout policy not being automatically pre-selected in checkout policy
- PAM - JIT Provisioner account improvements
- Various bug fixes and improvements
- Various bug fixes and improvements
- Various bug fixes and improvements
- Administration - Resolve logging icon visibility issue
- Licenses - Correct license labels that could cause confusion
- Various bug fixes and improvements
- Minor bug fixe and improvement
- Core - Added a Verify Account option in the account chooser for improved account management
- Core - Moved the reset favorites button to the footer for improved user interface organization
- Core - Removed the User Interface Profiles feature from the application
- Entries - Add entry tags inheritance from system settings, root to entries
- Entries - Deprecate entry - Deprecated the Crypto Wallet entry type from the system
- PAM - Added admin configuration option to set the default behavior for automatically checking in PAM accounts when closing entries
- Entries - Fixed an issue where entries could not be opened when credentials were set from User Specific Settings
- PAM - Fixed missing TriggerType value in webhook payloads for PAM events
- Various bug fixes and improvements
- Better error handling occurs in certain localization validations
- Breaking changes Unlicensed Hubs now start a 30-day trial automatically and will downgrade to Free (single user) if a license is not added before the trial ends
- Core - Added ability to export vault data to encrypted JSON format protected by master password
- Licenses - Added license purchase functionality within Hub
- Core - Removed automatic creation of application services to provide more manual control
- Entries - Added documentation link in webhook creation dialog for easier access to help
- Entries - Added hierarchical tag inheritance system from system settings through root to entries
- Entries - Removed unnecessary certificate password field from X.509 certificate configuration
- Gateway - Removed unnecessary Vaults/Groups/Users tabs from virtual gateway interface
- Various bug fixes and improvements
- Core - Fixed "select all" button not saving selected users when assigning permissions
- Core - Fixed checkout prompt errors and functionality when prompt is enabled
- Core - Fixed error occurring when editing root-level permissions
- Core - Fixed privileged account information not being saved in user-specific settings
- Core - Fixed session recorders not terminating correctly after sessions are closed
- Entries - Fixed incorrect LDAPS default port changed from 389 to correct port 636
- Gateway - Fixed gateway token generation to check if force virtual gateway setting is enabled first
- Gateway - Fixed SSH credentials not auto-filling when opening sessions through gateway with linked SSH keys
- Gateway - Fixed virtual gateway not linking to physical gateway in Remote Desktop Manager when added through Hub web interface
- PAM - Fixed PAM providers incorrectly appearing in account selection for credentials
- PAM - Fixed PAM vault count not displaying correctly in the dashboard vault widget on web client
- PAM - Fixed users with "Manage PAM providers" system permission unable to access PAM section
- Password Generator - Fixed missing space in passphrase generator when appending character to last word
- Better error handling occurs in certain concurrence situations
- Better error handling occurs in certain concurrence situations
- Core - Better management of the Client secret expiration date
- Core - Default Require Valid Hub Key Hash to true
- Core - Update some semantics and translation
- Entries - Add "Allow Any port" option in WebSite entry type
- Entries - Added "Automatically log off when disconnecting" as a user-specific setting
- Licenses - Better liences management
- Password Generator - Added characters limit
- Password Generator - Added special characters in passphrase
- Password generator - Added symbol to the default template
- Password management - Added compromised check logic
- Core - App identity failure based on the name used
- Core - Can edit PAM account when checkout
- Core - Missing folder structure for some import models
- Entries - Show custom-fields on Document type entry
- Fixed Various bug fixes and improvements
- Auth - Application identities authentication
- Core - Issue creating the Application Service
- Core - Update some semantics and translations
- Licenses - Improved free and trial license workflows
- Entries - Checkout message does not update in real time
- Entries - SSH connection fail when private key as a password override
- Gateway - Encountering a 500 error when accessing a recording from RDM
- PAM - Checkout banner don't update automatically
- PAM - Checkout policy for a root providers with root inherited breaks
- PAM - Incorrect privileged access permission check
- PAM - RDP recordings prompt incorrect error
- PAM - Session not launching in web when using privileged account credentials
- Various bug fixes and improvements
- Fix an issue related to geolocation IP restriction
- Fixed issue where users were being locked out of the web client due to an invalid favorite entry
- Gateway - Added live session shadowing
- Administration - Fixed a UI issue when cancelling confirmation
- Core - Hub region is now visible next to the version
- Entries - Improve the OTP code color based on time remaining
- Entries - Improved password readability in dashboard overview and edit form
- Gateway - Updates can be started directly from the web
- Administration - Force disable GeoIP if no MaxMind account is set
- Devolutions Send - Fixed not being able to share a link without editing the form
- Entries - Fixed a missing screen setting field with ARD entries
- Entries - Fixed an SSH key prompt when no key is selected
- Entries - Fixed default port for ARD entries
- Entries - Fixed gateway not editable on entry creation
- Entries - Fixed missing custom field tab in website entries
- Entries - Fixed opening in web with user-specific settings
- Entries - Fixed redirection from the gateway administration page to the entry's page
- Entries - Fixed user specific settings not showing when jump is enabled
- Gateway - Fixed launching sessions with an inherited gateway and host
- Gateway - Fixed virtual gateway defaut port and status
- PAM - Fixed account discovery destination vault showing deleted vaults
- PAM - Fixed edit permission showing a blank dialog
- Password Generator - Fixed an invalid error message when generating from custom mode
- Search - Fixed search list vanishing when including all fields
- Users - Fixed UI issues with the filters
- Gateway - Added virtual gateway support; requires RDM 2025.3.16+
- PAM - Conditional policies based on elevation (JIT); requires PAM Service 2025.3.1+
- Core - Owners can now delete the Hub from the Administration screen
- Entries - New lowercase username format support
- Security - Fixed where managing scheduled reports weren't accessible even if the permission was granted
- Users - Fixed user filters and sorting
- Core - Fixed an issue with passphrase dictionaries not opening the right screen
- Entries - Fixed an issue where vault migration was stuck
- Entries - Fixed prompt for comment on reveal credentials needed a full page refresh to view again
- Entries - Removed the lock for edit on root entries causing the vault to load indefinitely
- PAM - Fixed privileged account credentials not working when set to inherited
- Breaking changes Administration - Encryption service now ignores IP allowlist configured; use Enable IP restriction from the application service to enforce a given IP
- Entries - Added host in entry overview when configured
- Entries - Spaces are now automatically removed from OTP codes
- PAM - Added a custom end time for checkout requests
- PAM - Support different username format on PAM accounts
- Vaults - Standardize vaults order in the application
- Entries - Fixed a linking issue between a host and subentry of type RDP when using a gateway
- Entries - Fixed an error when using passphases
- Entries - Fixed an issue when opening an entry in the web with a the operator role set on the user
- Entries - Fixed an issue where the edit screen was locked after a password validation warning
- Entries - Fixed creating folders when importing
- Entries - Fixed OTPs from Password List not linkable to other entries
- Entries - Fixed popular entries not showing up in the entry picker dialog
- Entries - Fixed secure notes not being editable in the web
- Entries - Fixed user specific settings not available on website entries
- Licenses - Fixed an issue where licenses might be automatically assigned to an admin after a manual refresh
- PAM - Fixed an issue with some users not being able to accept another user's checkout request
- PAM - Fixed checkout message disappearing until a full page refresh is done
- PAM - Fixed checkout policy inheritance ignoring root value
- PAM - Fixed edit being locked after a heartbeat
- PAM - Fixed global providers not being shown correctly
- Various bug fixes and improvements
- Added license name when confirming the deletion of a license
- Fixed inconsistent sorting of vaults
- Fixed missing invite user button when using SSO without SCIM
- Fixed password history not logging every time a previous password is viewed
- Various bug fixes and improvements
- Fixed system dictionaries generating passphrases in English no matter the chosen language
- Fixed the button to activate the encryoption service
- Core - Added support for custom dictionary
- Core - Added support for Linked (external vault) as credential source in entries
- Core - Added webhooks for automation
- Send - Passphrase can now be made mandatory via system settings
- Core - Application identities can now be disabled and re-generated
- Core - Password templates has been renamed to password policies
- Core - Password templates now support an expiration policy
- Core - Password viewed now logs even when previously viewed
- Various bug fixes and improvements
- Fixed entry creation in specific scenarios
- Fixed entry creation in specific scenarios
- Reporting an issue can be sent to entire user groups
- Send messages to entire user groups
- Various bug fixes and improvements
- Visual UI improvements to the Add Entry dialog
- Fixed capitalization issues in the passphrase generator when using French dictionary
- Breaking changes Core - Offline mode is now enabled by default for new users
- Breaking changes Our EULA and TOS are now combined into a single master agreement and include our new solution packages
- Core - Sessions can now use credentials from the linked host
- Core - User specific settings are now editable in the web client
- Gateway - Added storage usage in the administration view
- PAM - Added a domain/AD scan filter on a given domain container
- PAM - New provider for Amazon Web Service (AWS) Identity and Access Management (IAM)
- PAM - New provider for PostgreSQL
- Core - Revamp what's new and release notes
- Various bug fixes and improvements
- Resolved an issue causing entry corruption during batch edits from RDM
- Various bug fixes and improvements
- Added a "Last Used Device" column to the Users page, displaying the product name, platform, version, and last used date
- Added a "Test Script" button to AnyIdentity templates
- Added an "Auto-assign" column to the Licenses page, displaying each license's automatic assignment status
- Export: Shortcuts will no longer be exported
- Fixed issues related to Custom Fields when changing from Text to Sensitive
- Open in Web: Username is now resolved when using private key SSH connections
- Various bug fixes and improvements
- Added "Have I Been Pwned" report to the Reporting Service
- Added biannual prompt for Hub owners to redownload or validate their emergency kit
- Fixed error preventing users with view permissions from using Devolutions Send or revealing passwords
- Password Generator: Fixed issue where an uppercase letter was incorrectly added after an accented character in French passphrases
- PowerShell: Fixed issue where user vaults were not exported despite "Access User Vaults" being enabled
- Various bug fixes and improvements
- Resolved an issue with Workspace
- Automatically assign licenses only to specific user groups, streamlining license management for administrators
- PAM: Configure PAM accounts with no checkout/check-in required, simplifying workflows for automatic password rotations
- Periodic reminders ensure Hub Owners securely re-download or validate their emergency kit every 6 months
- Simplified session launching: one unified tiered menu button replaces multiple launch buttons, automatically selecting Web, RDM, or Launcher based on your licenses
- Devolutions Gateway reports now clearly indicate recorded sessions
- PAM: Azure AD account discovery in Hub now supports filtering by user groups and roles for quicker management
- Various bug fixes and improvements
- PAM: Session recording in RDM
- Limit checkout time to maximum checkout time
- Optimized import entries for improved performance
- PAM: Added a fallback icon for PAM entries
- PAM: Added a new checkbox to force gateway token generation in PAM Application Service
- PAM: Added a new Synchronization section in settings
- Unified launch button with smart profile-based selection and fallback options
- Various bug fixes and improvements
- Resolved an issue preventing the removal of items from the IP AllowList
- Resolved an issue where entries could be flagged as unhealthy in certain scenarios
- Added support to store My personal credentials and My personal credentials in Hub
- AnyIdentity Support in PAM: Manage identities from almost any source using PowerShell scripts for account discovery, heartbeats, and password resets (RDM 2025.1.1 - March 10th)
- Gateway Farms: Group multiple Devolutions Gateway instances into farms with weighted distribution and session draining support
- License Revamp: Simplified licensing for a more flexible and streamlined experience
- PAM Scheduled reports: Automatically email expired entry, expiring entry, and password analyzer reports
- Portable licenses: Assign time-limited licenses to specific data sources, ideal for MSPs managing multiple Hub instances
- VPN Connection Option: Automatically connect to a VPN if an HTTP request fails based on the specified status code
- Dashboard Certificates Widget: Now includes X.509 certificates for a more complete web certificate count
- Door & Alarm Codes: Now supports Devolutions Send for secure sharing
- Secure Messages: Disabled users are now clearly identified
- System Settings: Added tooltips next to Inactivity Logout to clarify it applies only when the web page is open
- Automatically removes the trailing slash when adding a Devolutions Gateway URL
- Credentials now autofill when using a Gateway with a linked SSH key
- Open in Web: Fixed error when opening with linked credentials using "Find by name (User Vault)."
- Reports: Fixed issue where exports displayed "Object Object" instead of the correct data
- Unsupported entries now display a basic overview in the detail view instead of being empty (e.g., Mikrotik Winbox)
- Various bug fixes and improvements
- Fixes other cases that made entering a new license unavailable once the Hub is disabled
- Fixed an issue when exporting to CSV using Devolutions.PowerShell Module
- Fixed an issue saving folders by non-admin users in RDM
- Fixed Devolutions Send window not re-prompting after a cancel or close
- Fixed image URLs in the Hub creation email
- Fixed the synchronized user icon not correctly showing up in the user list
- Fixes an issue that made entering a new license unavailable once the Hub is disabled
- Breaking changes Added new APIs for PAM Service (update to 2024.3.100 required for the PAM Service)
- Breaking changes PowerShell cmdlet "Get-HubEntriesForExport" format is now compatible with the import function
- Administrators can now set a system message that will be prompted upon login
- Added more recommendations in the security dashboard
- User vaults can now be disabled per users instead of systemwide only
- Fixed create shareable link via Devolutions Send not prompting the link
- Fixed document creation's save button not behaving correctly after a change
- Fixed folder creation via PowerShell (previously created as unhealthy)
- Various bug fixes and improvements
- Added more duration options when sending a password via Devolutions Send
- Fixed custom user & group permission not showing correctly in the Web UI
- Various bug fixes and improvements
- Breaking changes An updated PAM service (2024.3) is required for PAM features
- Core - Added an inspect session button in logs to see the log in the context of a user session
- Reports - Added a new group report to list and export all users of a group
- Core - Added new fields to driver's license entry
- Core - Custom fields #4 and #5 can now also be set as sensitive
- Web - Added a duration option to Devolutions Send secure links
- Web - Added favicons to Passkey entries
- Web - Added new recommendations to the security dashboard
- Web - Added passphrase generation to the password generator
- Web - Added support for custom images on entries
- Web - Added support for editing new types of entries (AnyDesk, ARD, FortiClient VPN, SonicWall VPN)
- Web - Improved SSH key entry support
- Fixed an invalid error message when terminating a gateway session from the web
- Opening a web session will now prompt for credentials when none were provided
- Various bug fixes and improvements
- Added high priority messages in secure messages
- Added support of RDM variables in the web client
- Added a system setting to manage the default value of "Allow send messages"
- Added new fields to Passport entry
- Added support of custom colors on entry icons
- ARD entries can now be viewed in the web client
- Fixed the infinite loading issue when going into the Licenses management page
- Fixes a visual issue where the entry list would sometimes show no entries
- Fixes an issue where a Secure Note entry could not be saved
- Fixes an issue where editing a new user or a new application identity could cause an unauthorized error
- Fixed add button not updating its disabled state when selecting a new entry in the tree view
- Fixed linked credentials and search in user vault credentials not resolving correctly in the overview
- Fixed visually unchecked linked accounts when editing a product license
- Various bug fixes and improvements
- Breaking changes Gateway license is now per user instead of per Gateway; you can install and use as many Gateways as you wish
- Linked accounts allow user managers to link two accounts together for licensing purposes
- Vault content types allow vault owners to limit which entry types can be created in a vault
- Improved search entries performance
- Opened sessions are now shown in the navigation menu instead of new browser tabs
- PAM license is now per user instead of systemwide; users, even administrators, must be assigned to the license to have access to PAM features
- Fixed custom entry colors in the web tree view
- Fixed ongoing temporary access requests for deleted users
- Fixed unsupported format of secure notes
- Office documents will be downloaded when trying to preview instead of showing raw characters
- Various bug fixes and improvements
- Fix the refresh button in the user activity report not refreshing with the new criteria
- Fix user activity report not showing data when the "all users" option is selected
- Fix an issue with the search by name not showing all results
- SSO - Fixed the test connection timing out too fast
- Various bug fixes and improvements
- PAM - New checkout approval policies
- PAM - New password rotation policies
- Web - Added support for mass delete entries in the web client
- Added a system setting to enforce biometric lock on Workspace mobile apps
- Added support for PowerShell entry in the web client
- Disabled users are now excluded from Hub's license count
- Improve vault loading performance in the web client
- Switch labels from title case to sentence case
- Various bug fixes and improvements
- Fixed application identities not able to authenticate with the server
- Added a confirmation when deleting messages
- Improved the contact entry with additional data
- Fixed importing Bitwarden JSON files when no folders are present in the file
- Fixes Launcher buttons not visible on supported entry types (such as VPN)
- Fixes user tags not assignable when adding or inviting users
- Various fixes and improvements
- Fixed an infinite loop after creating a new Hub Business
- Added a confirmation prior to deleting messages
- Added an option to open websites in a private window (applies to websites open with RDM or Launcher only)
- Fixed custom fields not saving when showing advance options
- Fixed encryption service URL not editable
- Various fixes and improvements
- WBEX - Fixed missing entries on autofill for users without view password (WBEX updated to 2024.1.0.4 required)
- Fixed a lack of SCIM synchronization when IP allow list are enabled
- Various fixes and improvements
- Gateway sessions can now be terminated from the Web interface
- Added an azure template to ease the deployment of our new encryption service
- Allow deleting synchronized users
- Gateway's configuration can be re-pushed from the Web interface
- Gateway's configuration can now be auto-detected to ease setup
- Vaults are now shown in the left navigation bar by default
- Various fixes and improvements
- Added optional IP restrictions on application identities
- Fixes a compatibility issue with the upcoming RDM 2024.1 release
- Various fixes and improvements
- Fixes possible issue with authentication servers
- Added a what's new announcement tab on the release news dialog
- Added additional importation types when importing from the web client
- Added an optional expiration date on users
- Added support to open SSH and Telnet sessions in the web client
- Integrated Devolutions Send to send messages and passwords to external users
- Added a user setting to show all vaults in the side menu
- Renamed Access Code entry to Secret
- Renamed application users to application identities
- Revamped PAM task execution to be immediately run instead of regular intervals
- Revamped user interface look and feel
- Simplified popular entry dialogs for users with their usage profiles set to Business Users
- Fixed an issue with excluded characters in generated passwords
- Fixed potential users not removed correctly once removed from SSO provider
- Various fixes and improvements
- SSO - Added multiple domain verification support
- Various fixes and improvements
- Set the minimal RDM version to 2023.3.24 (Windows only)
- Various fixes and improvements
- Core - Renamed vault managers to vault owners; no changes to permission themselves
- Fixed access denied error when viewing a document without view password
- Fixed empty security tab on entries
- Fixed missing VPN tab on root entries
- Fixed password analyzer report not loading data correctly on vault changes
- Fixes missing view entries permission on custom roles
- Pushed back SSO domain verification to the 28th of November
- Various fixes and improvements
- Core - Favorites entries support
- Core - New restricted role can view vault without viewing all entries
- Core - Open PowerShell sessions in the Web via Devolutions Gateway (Preview)
- Core - Open RDP sessions in the Web via Devolutions Gateway (Preview)
- RDM - Added a system setting to force an application password on RDM
- Security - New setting to enforce number matching push notifications via Devolutions Workspace
- User settings - Added new user interface settings to hide expired, archived, or disabled entries
- Web - Added support for Access Code, Firearm and Vehicle entry types
- Web - Root entry is now editable and can contain attachments and documentation
- Authentication - SCIM synchronization date now reflects the actual synchronization date with the identity provider
- Authentication - SSO/SCIM configuration has been simplified and extracted the Domain Verification process to a separate tab
- Performance - Added batching for mass invite calls
- Performance - Improve drop-down loading times
- Adding an entry template in the system vault will no longer prompt a migration
- Adding or editing a license will now only allow uppercase
- Editing an entry will no longer always redirect to the overview tab
- Fixed missing view entries permission on custom roles
- Password Generator input in certain use cases would not allow entering numbers from the keyboard
- Various fixes and improvements
- Fixed PAM checkout errors when dates were formatted in ISO 8601
- Fixed temporary access with the new privilege operator role not providing the correct permission
- Various fixes and improvements
- Fixed filter and tags in the tree view not working
- Added domain validation prior to enabling SSO authentication
- Added support for plain text documentation pages
- Added a listing of entries upon clicking on vault dashboard counters
- Added a new privilege operator that can connect (execute) and view passwords
- Added a notification for unverified domains when using SSO
- New owner (large crown) and admin (small crown) icons
- New setting on vault dashboard widgets that automatically hide widgets without data
- Fixed a migration issue due to a faulty default value
- Fixed multiple issues with request or grant temporary access
- Increased the minimum compatible version of RDM to 2023.2.1
- Various fixes and improvements
- Fixed memory leak involving user cache
- Show Privilege Access section in Administration instead of hiding it without a license
- Core - Fixed generated password not being saved in entries
- Core - Fixed invalid data error when approving or denying temporary access requests
- Core - Ignored deleted entries from temporary access linked entries
- Fixed an issue where the status would remain in the 'Pending' state indefinitely when setting up Single Sign-On (SSO)
- Various performance improvements
- Fixed restoring deleted user vaults
- Added a system vault to share with everyone your contacts, VPNs, macros, scripts & tools
- Added user profiles to simplify the interface; choose between Business User and IT Professional
- Privileged access management (PAM) module which support resetting password on Azure Active Directory (Beta)
- Single Sign-On (SSO) with Okta now supported (SCIM coming soon)
- Users can see owners and request access to vaults via browse all vaults
- Vault managers can now grant temporary access to a user
- Redesigned the vault dashboard
- Submit a support ticket can now be restricted to administrators
- Temporary access request now detects linked entries automatically
- Temporary access request now supports a custom timeframe
- Correctly ignore application users in license count
- Correctly update the count of user invitation required after deleting an invitation
- Fixed entry dependency detection when moving an entry to another vault
- Fixed entry templates not shown in entry selector on first load
- Fixed PFX file that couldn't be saved as an attachment
- Various fixes and improvements
- Fixed template section being empty upon loading add new entry dialog
- Fixed grant temporary access showing all users instead of vault users
- Fixed no users available in some dropdowns when listing users
- Fixes an issue with user having no name after logging in
- Fixes an issue with wrong username shown when granting temporary access on an entry
- Fixes an issue with software license entry save button disabled
- Credit Card Entry, type of card validated by the numbers
- Credit Card entry: Possibility to add the card owner from a list of contact entries
- Entry information Tab: Hide Health and View Raw Data in triple dots (more)
- Entry Permissions - Now possible to add manager role that includes Temporary access approver and Force checkin
- Import - support file from Hub Personal
- Improved look & feel of entries status banners (Status message is now shown when hovering)
- Improved performance with high number of user groups
- Manage Vaults - Add an option to migrate all vaults if required
- SSO/Organization: Deleting a user Invitation, the synch user will be automatically return as a suggested invitation
- Web interface : Added options to Website URL right click : open link in new tab, in new window, in incognito window
- Comment on credential view - will not prompt when check HaveIbeenpwned
- Documentation - When copy/drag image straight into dialog can't see image after updating
- Entry Dashboard - Attachment tab count
- Fixes report an issue & request temporary access in other entry information tabs
- Grant Permissions - When add/edit, user/group can only be set in one role
- Make message clearer when license doesn't cover the qty of users
- Password Generator - Password length considers all fields even when they are disabled
- Password List - When a password is expired, shouldn't have flag/banner
- Powershell - Permissions - User don't appear in summary
- Powershell - Several fix's : New Entry add in root. Added Observer Role. View sensitive handle properly
- Report an issue - Disabled when user is not allowed to send messages (Fixes the access denied)
- Search - Include all field check - Fix in light theme
- Minor performance improvements with groups
- Migration - Fixed vault managers being saved as custom while migrating vaults
- Dashboard - Broken entries count was inaccurate; some entries were ignored
- Entries - Can't report an issue on entries without recipients anymore
- Entries - Fixed a blank security tab when a user was part of two or more groups
- Entries - Flag as closed after X days now updates the entry states too
- Licenses - Fixed an issue when registering new Hub Business licenses
- Vaults - Fixed adding a brand new vault as default vault
- Migration - Fixed hidden entry history item due to migration
- Migration - Fixed hidden password history item due to migration
- Migration - Fixed password keys being lost on rare occasions while migrating entries
- Tool - Multiple fixes with the new export / import tool
- An issue on an entry can now be reported to notify administrators
- New logs setting on entries to prompt for comment on credential viewed
- Web - New tool - Export data in a Devolutions JSON file
- Web - New tool - Import data from Devolutions JSON file
- *IMPORTANT CHANGE: For those who are SSO: we moved the OpenID and SCIM configuration directly in Hub Business. No more notion of Organization in Devolutions portal
- Custom fields hidden are now sensitive. User need'' View sensitive'' permission to reveal
- Disable user are now highlighted in grey
- Entry overview reorganize Information in tabs ( Document , Attachment, etc...)
- Handle better Error message when the Machine time is not sync with server
- Improved the dashboard to be customizable
- Sending Secure message will sent email notification to recipient
- SSO - Invitation code will be auto-filled when clicking on the invitation link
- SSO - Invitations can now be sent to a synchronized group
- SSO - User Invitation count is now updated as the user accept invitation as they log in the first time
- Web - Entry status are now editable from the entry overview
- Web - Improved various listing filters for better user experience
- Web - New release notes are now shown at first login
- Web - Password Template enforcement now show the template criteria's
- Web - Users can now change language from the user profile side menu
- Web - When moving or coping entries the parent destination focus automatically on the current vault
- Invitations list can now be filtered by clicking on columns
- Summary permission did not show right permission of user when out of his group
- Tool tip of Sync User group show actual group name
- Web - Software entry license expired now show in Expired list in dashboard
- Gateway Installation with PS script, certificate error when use .pfx at the end
- PowerShell - When export script, getting 423 error if checked out entries in vault
- Improve data dog logs with host and user agent
- Fix when disable Workspace/DWL option on Invitation Organization user
- Security Fix Fixed potentially risk of users with system wide permission could view other user vault
- We now support SSO Azure with provisioning
- Possible error when account has no name
- Intergrade Devolutions Gateway . A secure & just in time session access for RDM users
- User option to disable access with companion tools: Devolutions Workspace and Workspace browser extension
- Deprecate Password Hub Desktop, added a warning. Please use Devolutions Workspace Desktop
- Disable deleted user from SSO sync
- Filter search in current vault now shows child entries of folders
- Secure message UI improved. Add option, Mark as unread
- SSO sync with Azure AD issue with users not being link in their group
- Add an haveibeenpwned check in the entry overview password field
- Export PowerShell script now uses the RDM PowerShel Module
- New Status in User management - Re-Invitation required when User does a Forget password or Lost phone
- Error when sync with SSO provider due to IP allow list
- Get -SiemLogs with PowerShell
- Temporary Access approved detail, now view Requested duration and Authorized duration
- Various minor fix's
- Security issue that may cause an Error 403
- To improve performance on Entry search, default to search in name field. Added Advance search option to search in all fields
- Fix a nowrap text fields
- Fix a possible loosing View sensitive permission
- RDM License - Save license from "old" RDM to Hub server
- New Report : Temporary access request list per vault in all status
- Rename Sub connection to Sub entry. It is now a real entry and is now supported in Web interface
- SSO sync Azure User & User Group- (Beta feature)
- Edit user in User group tab, extend display
- Entry Documentation added new editor WYSIWYG
- Entry search include all full text in all entries.(username, description, tag. etc..)
- In web you can now set priority sorting display. Go to properties/ User interface
- Password list, alow copy host, username, domain
- Permissions - Added the view icon to display rights of each roles
- Report :Users Permissions can be also be for User groups
- Security Dashboard new UI
- UI adjustments
- Vault selector drop down display Default vault, Favorites & Recent if more then 10 vaults
- Vault selector- New submenu : set as default, set as favorite, Edit vault, Add new vault
- Fix Password Generator with custom fields not respected
- Security Fix with Application user
- Add a description field to the users and groups
- Add color on nb of user limits, to see when the limit is reached/soon reached
- Add icon View ( eye) near the Role when you assign permissions, In vault, system permission & entries
- As a Temporary access approver, you can change the duration before accepting the request
- Custom Fields - In raw data, add copy to clipboard / reveal button
- Deprecated "Website" type has been renamed "Website (legacy)", and "Web Browser" to "Website". Now only one type. Change the Setting of the Browser Extension for a dropdown
- Desktop App . Remember last chosen Hub
- Entry / Description, some entries missing expires section
- Reports - Deleted entry, label ''On'' will be replaced by "Deleted On"
- Safety Deposit entry - Missing box number in overview
- System Setting / SSO Authentification Add a Help link
- Temporary access banner, add Time remaining when its approved
- Vault selector UI - Single view with favorite , & recently viewed vaults when total vaults is more then 10
- Copy/Move - When creds linked in the same folder, cant move it to another vault
- Powershell - New-HubUser error
- Reports - Activity Logs/User Activity/Admin Logs/Deleted Entries, Fix user sort case sensitive
- Temporary Access - Approver list not sorted in alpha order
- When scroll up/down when assign Permission. user dropdown follows
- New permission: View Sensitive information, that is included in all Roles, except the new Role : Observer
- New Web UI
- Support ''FTP third party'' entry in the web
- Temporary access : User can request permission on an entry for a period of time . Approved by Admin User and any users that has the right of Approving temporary access
- Vault dashboard panel list in the root/vault only when has content
- Vault Dashboard- Expiring entries count change color + list entry in Expired entry List
- Warning added when Sensitive info is in clipboard memory . Question ask : Do you want to keep it
- Add a banner and flag to indicate the status of the entry. (Locked, Disabled, Warning, Expired)
- Add an expiration date to message sent with a default value of 7 days
- Improve the UI of custom fields to clarify the hidden vs text behavior
- Improve tree view navigation with keyboard arrows
- Improved sorting of lists so that the sorting is case insensitive without accents
- In the entry overview added the folder path information
- Release notes available in Tools
- Removed User vault from Vault selector in new UI
- Show users & user groups count under Roles in System, Vault, & Entry Permissions
- User Options - Allow Send mesasges - Added the OnlineHelp link
- Adding a private key fix
- Door Code value considered Password . Missing icon in entry overview
- Endpoint "Delete all entries permanently" returns null
- Entries imported from RDM shows password history in password analyzer report
- Entry History/Logs - When user swap from those sub-section to another vault without permission, access denied error
- Entry in Disabled status should not be "openable"
- Fix Software purchase date & Renewal date in Overview
- Missing Options with SSH Private Keys
- Password Analyzer report potential issue
- Reports - In users permissions, page customization / export
- Added security question in Website & Web Browser entries type
- Can now select multiple users or groups when assigning roles in System permission, Vaults & Entries
- Force SSO - When enabling, add a validate dialog that all users logged via dev account will be logged out
- In the Vault Permissions report, now shows user groups on the given vault
- System Setting Re-organization display
- UX change- Send Messages - Read Messages
- Add new user Email doesn't provide temporary password
- Assign product licenses. Check all user - error
- Emergency Kit PDF- Emergency Code wrong title
- Few labels not translated from English to French
- Add Administrator - After entering Email allow to click Enter to validate
- Export User Vault via PowerShell
- In permission summaries, show administrators as part of a group "Administrators"
- Pagination size selector for reports & tables. Kept in memory per device
- Password List - Add orange key beside ''Password '' Colum
- Server - Delete an opened entry server call should return 200 instead of 404
- User Activity report is now available to all users that has a User vault
- Web - Add a copy button for Website field
- Web - Entry expired status is now red
- Web -Add the list of Devolutions Account in the profile/user screen so that a user can switch account easily
- Web -Web Browser entry - Add ''Open in Launcher / RDM '' buttons
- Web - Copy an entry , fix change name
- Web -Remove Orange key icon from custom fields in overview
- Web -Sessions - When is running by you, should be able to flag as close
- Change the sender name in the invitation emails
- PowerShell - Handle "System Vault Permission" and '' Force SSO''
- SSO- For new user onbording, new storage method of there private key in a QR code format
- Add user & Invite Organization -User case sensitive on email validation if already exist
- Error If user have view password on entry but not on the inherited folder for OTP-
- Lock on Edit - When cancel edit, stays lock until refresh
- Password History - Error when trying to reveal sensitive
- Search Entry - When go to an entry via search, if its in the same vault you dont have any permissions
- Various OTP code view on entries
- In Edit User - Rename option - Allow offline in RDM
- Invite user rename to Add users
- New Add administrator user option
- SSO - Invite organization users - Validate if user already exist in Hub
- Support OTP config and display on session type entries in web
- Support OTP on Credential entry
- Vault dashboard - Add list of checkouts entries
- Activity report / Administration logs fix UI issue when select all messages
- Display the user group in System vault permission when assign
- Loop log on when Force SSO login option is set
- Password Analyzer - When selecting other vault for the first time, bring you back to User Vault
- Password Generator - generate button doesn't work
- Show OTP code of Web Browser entry type in overview
- Support OTP Mode and Handle source mode like in RDM
- Unsupported entries from RDM add the RDM icon to edit
- Users Permissions - Missing application users in list
- Add checkout / check-in feature on entries & lock when edit
- New Report ''User Permission'' global view per vault
- Multiple minor UI improvements
- PowerShell - Handle new properties - Send Message - System setting - SSO
- SSO - New Setting Enforce login with SSO
- SSO - Organization User invite, added a list of the Invitation sent
- Support FTP session entry on the Web Interface
- Can't save a document with Url or File mode
- Password History - When updating do not add log if not Password related
- PowerShell - Add server check to handle isAdministrator property
- SSO authentication with Azure AD through Devolutions account to access your Password Hub Business
- Support for entry type "Other (custom)"
- Can now copy an entry via Drag & Drop on the Copy icon or use keyboard key ''ctrl'' Drag and drop
- Create an entry from a template
- Define entry template from the current Add entry dialog. Choose "Save as Template"
- Desktop App - now select Hub URL before login
- New layout in the Add entry form. Organize by entry type + a search
- New link to access user account profile
- New sort of Tags in the dashboard and in the tag dialog. It is now alphabetical
- When Add entry double click on the Entry type to automatically open Edit form
- Created by the Application User use with PowerShell not set or visible on entry
- Entry Permissions - When manage permissions, be able to select users of the groups that have access
- Entry search should auto-focus in textbox
- Error when add RDM license in Password hub
- Breaking changes Validate Devolutions Launcher license usage
- Add a link in Vault management to go to System Vault permission
- Add button to View roles definition everywhere that you can assign roles
- Added OTP value validation
- System permissions has two specific rights: Manage Password Hub License & Manage Product license
- Fix secure message that is very long
- Fix Vault permission reports that shows invalid permissions link to a group setup
- Licenses Password Hub should not be authorize in the Product Licenses
- Password Hub PowerShell Module Improve & Fixes
- Various fixes and improvements
- New in System Permission. A system wide Vault permission applies to all vaults
- You can now change the Hub Ownership to an other administrator in User management
- You can now register your Password Hub Business License in the administration/Licenses menu
- Add new system permissions : Manage Product licenses + Manage Password Hub Licence
- Added a "Submit a support Ticket" button in user profile
- Added the export option for Licenses
- Search field must click ''X'' twice to exit dialog
- Manage RDM, RDM Modules & Launcher license in the Administration section
- Added an indicator to identify Hub Owner in the User management
- Show entry templates in administration (templates manage in RDM )
- Entry logs now show the move action with the vault name
- Possible issues from the Import process
- Corrected failed migration entry
- Move folder can't be in same folder
- Other minor fix's
- Add a system setting ''Force prompt login '' when re-accessing Hub
- Add an emergency key version number so that clients knows which one to pick
- Reduce permissions requirement to view reports : Entry security analyzer and Password analyzer. Just need '' View Password'' right
- Error 502- can't load Vault
- Mass Invite - When handling password, ''copy to clipboard'' buttons
- When generating password, wrong encryption key use
- Breaking changes Removed Tag & Category display
- Breaking changes Removed the setting ‘'Extended sessions'' since login sessions are kept within the browser with a device key
- Breaking changes Replaced SIEM (Syslog) setting with a PowerShell module function to fetch logs daily, weekly, monthly or simply all
- New permissions on entries by roles in Advanced view
- New tool to export vault content with PowerShell
- Permission view per entry
- Report: Entry health
- Report: User activity logs
- Security dashboard which scores your Hub settings in the Administration menu
- Added new filters in all reports and management screens
- Hub sessions will be kept on unless you manually lock the access to Hub: Added a device key
- Improved mass invite process flow
- Improved move entry with drag and drop + drag to trash
- Improved user invitation; Indicate if user has a Devolutions account or not
- Improved vault selector with Favorites & Recently used
- Login flow with device keys
- Many actions added in Activity logs + in which platform
- Performance
- RDM - Support shortcut entries
- System Setting: Enforce 2-step verification upon unlocking the access
- System Setting: Setting to disallow user vault
- Web - Support more entry types
- Web - Tools improved UI
- Web - UI multiple changes
- Desktop app - document fix
- RDM - Several adjustments when connected to Hub Business
- Web - Several other minor fixes
- Added a warning to monthly subscribers: Deprecating in September 2021, need to contact our sales team to change to yearly licenses
- Healthz calls are allowed even with IP restrictions enabled
- Minor fix to block entries with no name when imported
- Better message of access denied when user did a Forget password- need to be re invited
- Error when Import large entry
- License related issues
- Password Analyzer reports available to all users for there own user vault
- Saving entry from a message sent
- New credential type Azure Service Principal
- New system setting for Inactivity logout time
- New Yearly billing by licensing available
- Document entry a new View button in the overview
- For Website/Web Browser - view/copy OTP in overview
- New report Password Analyser vs Entry Security Analyser
- New setting in API key: Tenant ID
- Various minor fix's and improvements
- New : Offline mode feature with RDM
- New information entry type - Door code
- New Report- Password Analyzer
- New sessions entries supported in Hub Web SCP & SFTP
- Add "SSH Gateway (Jump Host)" to scp/sftp Sessions
- Add a reply feature in message received
- Add an entry status in the advance Entry information proprety
- Credentials - Add field for "one time use codes"
- Improved message in Activity logs
- Improved navigation tools : add a clear ( x) in filter & rename setting gear to ''Display Settings''
- Improved OTP visibility (Copy Username / Copy Password)
- Improvement - One Time Password UI
- Indicator sent to RDM where there are content in Attachment and Documentation link to Entry
- New icon (key) to identify Password vs Sensitive date
- Re-organize entry properties side menu: advance option at bottom
- Rename section in Website & WebBrowser Autofill for Custom controls
- UI - Add HTML Elements section in the Website & Web Browser session window
- All users with minimum permission are allow to reveal Sensitive data
- Fix permission: manage attchement and document is force when has Edit or Add entry permission
- Fix possible issue with User Invite
- Fix reveal issue with sessions private key included
- Fix some display issues in Vault Permissions