Announcement

FIXES Various bug fixes and improvements

FIXES Various bug fixes and improvements

IMPROVEMENTS [Entry] - Added a new entry type for storing Public Domain Name Registrar information [PAM] - Added a pending checkout icon in the tree view to make pending accounts easier to identify [PAM] - Added optional multi-factor authentication (MFA) on checkout [PAM] - Changed the Enable Password Field control on PAM accounts from plain text to a proper button [PAM] - Restored the loading indicator that displays while a heartbeat is running [PowerShell] - Updated the Hub client package in the PowerShell module so users can now disable and configure Force SSO through scripting [Session] - Added the ability to prompt for a VPN/SSH/Gateway connection at session launch FIXES [Dashboard] - Fixed long custom widget names overflowing their container in the web client [Dashboard] - Fixed missing outline around movable widgets when editing the dashboard in light theme so frames now appear consistently across all themes [Entry] - Fixed an Invalid data error when editing an existing attachment on an entry [Entry] - Fixed an issue preventing website entries from being updated when their name contained characters that are actually valid [Entry] - Fixed inconsistent logo sizing in the Brandfetch image selection so logos display at a uniform size [PAM] - Fixed a regression causing password reset and heartbeat checks to time out when the server and PAM Service used mismatched subdomain configurations [PAM] - Fixed a regression where automatic check-in was no longer performed by the PAM Service at the end of a checkout [PAM] - Fixed an invalid data error when saving a custom heartbeat or password rotation schedule with a frequency exceeding 60 minutes or 24 hours [PAM] - Fixed the global Password policy mode setting not being saved [PAM] - Fixed the JIT default group field showing a perpetual loading state in production where the feature is not supported [Password Management] - Fixed the Update button remaining greyed out when modifying a password policy [Reports] - Fixed the Provisioning Logs page failing to load with an Invalid data error and returning no results [Security] - Fixed an issue in the IP Allowlist where a single IP could not be added alongside the user's own IP [UI] - Fixed color and visual inconsistencies [User Management] - Fixed an infinite loading spinner that prevented non-admin users with delegated permissions from managing users and invitations [User Management] - Fixed non-admin users intermittently receiving an Access Denied prompt when accessing the Administration tab [User Management] - Fixed the Delete and Reinvite buttons not appearing for certain users [User Management] - Fixed the disabled Send invite button on the License step of the Invite Users wizard so invitations can be completed [Vault] - Fixed an issue where the Default Vault setting would not stick when toggled [Web Sessions] - Fixed several session close lifecycle issues for RDP, VNC, and ARD desktop web sessions [Web Sessions] - Fixed VNC and ARD web sessions becoming stuck on a frozen frame when a gateway or server connection was abruptly terminated

FIXES PAM - Fixed PAM service no longer automatically checkin Users - Fixed delete and reinvite user buttons may not be visible in certain circumstances Users - Fixed error when non-administrator users with delegation permissions try to manage invitations and users

IMPROVEMENTS Various bug fixes and improvements

IMPROVEMENTS Various bug fixes and improvements FIXES Entries - Can't update Website entry in certain circumstances Licenses - Correct label message when adding a license PAM - Fixed Password reset and Heartbeat check issue

IMPROVEMENTS Various bug fixes and improvements

NEW FEATURES Rebranding - New Look, to reflect "Devolution Cloud" name change Rebranding - Rebranding, from Hub to Devolutions Cloud IMPROVEMENTS Administration - Added an "Enforce clear clipboard after copy" setting in System Settings for Workspace clients, with a configurable timeout period Administration - Improved the Administration and Reports navigation and a cleaner overall UI layout Administration - Moved high-risk destructive actions (including "Delete Hub") to a dedicated "Danger Zone" tab under System Settings to reduce the risk of accidental execution Authentication - Added social login support for Hub accounts Authentication - Added support for configuring multiple Single Sign-On (SSO) providers for a single Hub Dashboard - Updated the dashboard UI to use consistent and clear terminology for custom widgets and default dashboards Entries - Added the "Allow password in variable" security option for Username and Password credential Entries - Improved the entry view so that the simplified view toggle remembers the user's last-used setting between sessions Entries - Removed the inapplicable "Use Linked Host Credential" credential type option from host-type entries Hub - Added support for reserved names in Hub Personal, allowing hubs to be accessed via a named URL path Hub - Added the ability to reserve a unique hub name and subdomain across regions Import/Export - Added the ability to export entries to an encrypted JSON file with a master password, including a deobfuscate option Logs - Added the platform and product version as a field in Hub log entries, improving diagnostic capability Logs - Added the platform and product version to the audit information displayed in the entry overview, making it easier to trace version-specific issues PAM - Added an option on SSH PAM providers to use the provider account credentials for heartbeat connections, supporting environments where privileged accounts have SSH access disabled PAM - Added checkout duration and requested JIT groups to the PAM checkout request email sent to approvers PAM - Added multi-factor authentication (MFA) verification when launching sensitive entries PAM - Added PAM support for the contractor user type PAM - Added support for Devolutions Gateway rule sets on PAM providers PAM - Added the ability for PAM operators to select group assignments from discovered accounts in scan results and automatically populate the JIT Elevation configuration PAM - Added the JIT Authorization tab to Active Directory and Azure PAM entries to display the configured JIT groups for each entry PAM - Improved the PAM checkout request message for approvers to display full checkout details with inline Approve and Deny actions PAM - Improved the performance of EntraID account discovery when searching large groups PAM - Restored a missing toggle switch in the PAM JIT account configuration Password - Updated the Password Analyzer to remove the password strength bar and show only the occurrence count Reports - Added a Contractor Users report page in the Reports section Sessions - Added session recording support for PowerShell sessions UI - Applied various minor UI improvements and polish across the application UI - Restricted the file types allowed for insertion in documentation attachments to supported formats (PDF, GIF, images) Users - Added an Authentication Type column to contractor reports Users - Added automated email notifications sent to administrators when user or contractor accounts expire Users - Added sorting and filtering by the "Last Used Device" field in the Users administration table, and improved the CSV export to include this field Users - Improved the contractor user type with a user type column in the user list Users - Improved the user table layout and responsiveness for small screen sizes Various bug fixes and improvements Vaults - Added an administrator-controlled setting to disable the export functionality for user vaults Vaults - Added the ability to select and delete multiple vaults simultaneously, with a confirmation prompt before the action is executed FIXES Administration - Fixed a delay where binding an IP address to an Application Identity Administration - Fixed issue where specific permissions assigned to admin users were not displayed in the permissions UI Administration - Fixed the administration section tabs to be visible and accessible on small screens and mobile viewports Authentication - Fixed an issue where removing the Force SSO setting via SRM could break hub access Dashboard - Fixed an issue where creating a system dashboard widget with the correct permissions incorrectly returned an Access Denied error Dashboard - Fixed multiple dashboard widget inconsistencies between RDM and Hub Web Dashboard - Fixed multiple dashboard widget issues including synchronization between RDM and Web Entries - Added support for configuring entries with single, multiple (fixed count), or unlimited simultaneous checkouts Entries - Fixed an issue where the Logs tab showed no entries for users with the Contributor role when viewing a Username and Password credential entry Entries - Fixed credentials to display correctly in the entry overview Entries - Fixed OTP entries to support the colon (":") character in application and account name fields Entries - Fixed the Security Settings tab to be visible for Contributor-role users in the credential entry edit dialog Import/Export - Fixed a regression where the scrollbar and action button were missing on the final step of the import wizard, preventing completion Import/Export - Fixed the "Create Folder" dialog in the Import window to consistently render icons and accept spaces in folder name input Import/Export - Fixed the `-DeobfuscateSensitives` parameter in the PowerShell CSV export to correctly return passwords in clear text Licenses - Fixed an incorrect assigned license count Licenses - Fixed expired licenses in the Users Dashboard to be clearly visually distinguished from active licenses using a badge or color indicator Licenses - Fixed the license assignment list to display both accounts when users are linked PAM - Fixed an "Access Denied" error that occurred for users who received checkout or access request notifications for vaults they do not have access to PAM - Fixed issue where PAM propagation PowerShell scripts were no longer visible in the configuration view PAM - Fixed PAM accounts imported from RDM with "Inherited" account lifecycle policy to correctly display as "Inherited" instead of "Custom" PAM - Fixed the Approve and Deny buttons to be correctly grayed out for the requesting user when the "Yes, Unless JIT" option is selected for own checkout approval PAM - Fixed the Entry dropdown in the Checkout Requests report to display only PAM account names PAM - Fixed the items-per-page display filter in the PAM account import window PAM - Fixed the JIT provisioner username length limit to match Active Directory's 64-character limit instead of the previous 20-character cap Password - Fixed sorting by occurrence count (descending) Password - Fixed the "At Least" field for custom characters in the password generator to act as a minimum threshold, allowing the generator to include more than the specified minimum Reports - Fixed the User Reports CSV export to include user tags Sessions - Fixed a false "Unable to find the VPN session" error that appeared when selecting a Devolutions Gateway in VPN settings before saving an RDP entry Sessions - Fixed an infinite loading state that occurred when entering incorrect credentials when opening a session in the web client Sessions - Fixed an issue where deleting an SSH certificate would reappear after saving; deletions now persist correctly Sessions - Fixed an issue where opening a session with no password in Hub web incorrectly prompted for a password before connecting Sessions - Fixed an issue where SSH sessions failed to launch when credentials were set to "Inherited." Sessions - Fixed clipboard redirection restrictions in web-based RDP sessions to properly enforce the disabled clipboard setting Sessions - Fixed error that prevented launching a session when the Devolutions Gateway was set to "Inherited" from a parent folder Sessions - Fixed session recording to work consistently in the user vault across both Hub Web and Remote Desktop Manager Sessions - Fixed the VNC session view to remove the obsolete empty sidebar Sessions - Fixed various UI issues in the Open in Web feature UI - Fixed severoal translation issues Users - Fixed a SCIM group assignment issue Users - Fixed a UI bug where an invited user's email appeared twice in the list after sending an invitation Users - Fixed connection status icons in the Users administration list to display at a consistent and correct size Users - Fixed the Save button remaining grayed out when changing the offline mode field in the user administration edit dialog

IMPROVEMENTS Various bug fixes and improvements

IMPROVEMENTS Various bug fixes and improvements for PAM

FIXES PAM - Various bug fixes and improvements for PAM

FIXES Various bug fixes and improvements

Tell us what you think! For external users who only need limited, time-bound access, the Contractor user type offers a simpler way to get them connected without treating them like regular internal users. In Devolutions Hub Business , contractors can be invited by email, start with a temporary password, and use a lighter web interface, the compact mode , to open sessions quickly and securely. How are you handling contractor or vendor access today? Would this fit your needs, or is something missing? Try it out and share your thoughts in the comments! [image]

IMPROVEMENTS Translation, various bug fixes and improvements

IMPROVEMENTS Various bug fixes and improvements

IMPROVEMENTS Various bug fixes and improvements

FIXES Various bug fixes and improvements

FIXES Various bug fixes and improvements

FIXES UI displays user twice on invite Various front end issues with the widget/dashboard

NEW FEATURES Core - Added custom vault dashboard widgets with reordering Core - Added new Contractors account type with expiration date support Licenses - Simplified license assignment IMPROVEMENTS Core - Added a credential selection prompt when launching a web session configured with "Prompt on connection" for linked vault credentials Core - Added support for importing entries from .rdm files and exporting entries to .rdm format Core - Added tag inheritance to automatically propagate to all contained entries Core - Added the ability to restore soft-deleted hubs directly through Portal Core - Added the ability to set a display sort priority on vaults Core - Removed the user interface profiles feature Core - Update some semantics and translation Entries - Added support for SSH key certificates Entries - Added support for SSH terminal and SSH port forward connections using credentials stored in linked external vaults Entries - Added support for using Linked (External Vault) credentials as an OTP Entries - Fixed an issue preventing entries from being opened when credentials were configured through User Specific Settings PAM - Added a "Skip TLS validation" option in PowerShell Settings PAM - Added an administrator setting to configure the default behavior for automatically checking in a PAM account when an entry is closed PAM - Improved PAM checkout failure error messages Password Generator - Added an "Exclude ambiguous characters" option to the Password Generator FIXES Core - Fixed - Administration - Logging option visibility PAM - Fixed a validation issue allowing PAM approvers to set a checkout duration below the enforced minimum of 10 minutes PAM - Fixed administrators to configure risk levels for Active Directory / roles and groups PAM - Fixed an issue preventing additional groups from being added to the JIT list in an OU when a group was already selected PAM - Fixed an issue where service failed to start automatically after a machine reboot PAM - Fixed an issue where the "Test Connection" button on a PAM provider was disabled PAM - Fixed an issue where the JIT group name appeared duplicated in the PAM checkout PAM - Fixed an issue where the PAM service token was not being properly enforced when launching sessions via the Gateway using "Open in Web." PAM - Fixed an issue where the password stored in a PAM Propagation Configuration could not be viewed after the configuration was saved PAM - Fixed JIT group selection to include groups located in the Active Directory Built-in organizational unit PAM - Fixed Linux privilege sets section not appearing for local user SSH providers PAM - Fixed PAM task endpoint permissions (infinite loading or access denied errors) PAM - Fixed service updates on Docker to use a simple container restart instead of requiring the Devolutions Agent service PAM - Fixed the default checkout policy indicator not appearing in the PAM accounts list column PAM - Fixed the default checkout policy not being automatically pre-selected in checkout policy PAM - JIT Provisioner account improvements Various bug fixes and improvements

IMPROVEMENTS Various bug fixes and improvements

FIXES Administration - Resolve logging icon visibility issue Licenses - Correct license labels that could cause confusion Various bug fixes and improvements

FIXES Minor bug fixe and improvement

IMPROVEMENTS Core - Added a Verify Account option in the account chooser for improved account management Core - Moved the reset favorites button to the footer for improved user interface organization Core - Removed the User Interface Profiles feature from the application Entries - Add entry tags inheritance from system settings, root to entries Entries - Deprecate entry - Deprecated the Crypto Wallet entry type from the system PAM - Added admin configuration option to set the default behavior for automatically checking in PAM accounts when closing entries FIXES Entries - Fixed an issue where entries could not be opened when credentials were set from User Specific Settings PAM - Fixed missing TriggerType value in webhook payloads for PAM events Various bug fixes and improvements

FIXES Better error handling occurs in certain localization validations