We are proud to announce Topicus KeyHub 35. This release brings a variety of smaller and larger improvements throughout the entire suite. One of the most notable changes is the use of a new icon set throughout the application. Of course we also made a lot of other important changes, such as a total overhaul of all permissions related to administration of linked systems and a new release of the browser extension.
TKH-2979
Topicus KeyHub 35 features a whole new icon set. These new icons are much cleaner and better blend in with the rest of the application. Also, this set allowed us to pick better matching icons in several occasions.
TKH-1237
TKH-1498
TKH-1749
TKH-2953
To encourage users to use longer, complex passwords, NIST recommends to allow users to show the password. This allows the user to verify the passwords while typing. This also makes it a lot easier to type a long password on a mobile phone. KeyHub now features a visibility toggle on almost all password fields. Not only does this help to user to type the correct password, it also gives a distinct look to password fields, preventing confusion.
Version 7.1.0 of the browser extension was released for all supported platforms. This version not only features the new iconset, it also includes a few bugfixes and improvements:
TKH-2568
The browser extension can now be used in an incognito window in Google Chrome and other Chromium based browsers.
TKH-2815
When many hits are found for a page, the fill popup now correctly selects the first.
TKH-2990
Input fields with type="text"
and autocomplete="current-password"
are now correctly detected as password fields.
TKH-2850
TKH-2851
TKH-2852
TKH-2853
TKH-2854
TKH-2911
TKH-2929
TKH-2970
TKH-2971
TKH-2972
TKH-2973
TKH-2974
All permissions and pages for administration of linked systems and applications were reviewed and re-aligned. Many small tweaks were made to allow the different roles involved with a linked system to view all data related to that system. Also, add buttons were added to all pages related to groups on systems. The large number of changes should make these pages more predictable and easier to work with.
The following larger and smaller improvements and bug fixes were made:
TKH-2756
TKH-2932
An error was fixed in our tool to generate licenses to better handle licenses with old or without features.
TKH-2807
TKH-2980
Our incoming SCIM endpoint now supports updates and deletes.
TKH-2859
It is now possible to connect groups on systems to access profiles for provisioning.
TKH-2880
Excessive logging in the OpenTelemetry Collector container was fixed.
TKH-2885
Our test infrastructure was improved to cleanup group memberships between tests.
TKH-2891
It is now possible to stream syslog over TLS when the certificate on the receiving end is not globally trusted.
TKH-2892
The group export on the auditing dashboard now also contains information about nested groups.
TKH-2893
The migration of the recovery fallback group to a setting under organisational unit was completed.
TKH-2906
TKH-2912
Many improvements were made to how the appliance managers shows and deals with updates when running in offline mode.
TKH-2910
It is now mandatory to provide the vault recovery key when using the KeyHub Administrator override to add a new manager to a group.
TKH-2927
KeyHub Administrators can no longer change the settings of the root organisation unit when it is owned by a different group.
TKH-2935
When requesting a new group, the placeholder is now correctly set when a user has multiple organisational units.
TKH-2936
The SCIM endpoint now gives correct HTTP status codes for errors.
TKH-2937
Via SCIM created accounts are now placed in a pending accounts directory.
TKH-2941
Vault record metadata (i.e. strength and whether it's a duplicate) is now also shared with auditors for sub organisational units.
TKH-2942
A check was added to prevent duplicate group names when using namespaces.
TKH-2943
Translations were fixed when adding a group to a service account.
TKH-2944
A permission check was fixed that prevented managers from creating launchpad tiles.
TKH-2945
TKH-2985
We now build with and for Java 21.
TKH-2946
It is no longer possible to nest a group directly in itself.
TKH-2949
The AWS integration now uses IMDSv2 for all calls.
TKH-2955
A missing translation was added on the node recovery page.
TKH-2959
An error was fixed in our test cleanup infrastructure.
TKH-2961
Tests were added to ensure all resources are properly filtered on all permission types.
TKH-2967
Notifications about old API versions being used can now be dismissed directly from the dashboard.
TKH-2968
All types of subject alternative names are now displayed for a certificate in the appliance manager.
TKH-2983
Invalid bind credentials will now cause a provisioned system to be reported as offline.
TKH-2984
An error was fixed when unfolding folders on the dashboard in multiple browser tabs at the same time.
TKH-2986
TKH-3009
An error was fixed that would prevent certain old requests from being cleaned up.
TKH-3000
Encrypted backups can once again be restored from during a fresh installation.
TKH-2880
TKH-3005
The opentelemetry collector container no longer spams in uncompressed log files.
TKH-3008
Serviceaccounts that have their password rotation scheme set to 'manual' will no longer be inadvertently rotated if their technical administrator group also administrates automatically-rotating serviceaccounts.
TKH-3017
Configuring the overload protection factor to be higher will now be picked up by the KeyHub application.