NEW FEATURES
Rebranding - New Look, to reflect "Devolution Cloud" name change
Rebranding - Rebranding, from Hub to Devolutions Cloud
IMPROVEMENTS
Administration - Added an "Enforce clear clipboard after copy" setting in System Settings for Workspace clients, with a configurable timeout period
Administration - Improved the Administration and Reports navigation and a cleaner overall UI layout
Administration - Moved high-risk destructive actions (including "Delete Hub") to a dedicated "Danger Zone" tab under System Settings to reduce the risk of accidental execution
Authentication - Added social login support for Hub accounts
Authentication - Added support for configuring multiple Single Sign-On (SSO) providers for a single Hub
Dashboard - Updated the dashboard UI to use consistent and clear terminology for custom widgets and default dashboards
Entries - Added the "Allow password in variable" security option for Username and Password credential
Entries - Improved the entry view so that the simplified view toggle remembers the user's last-used setting between sessions
Entries - Removed the inapplicable "Use Linked Host Credential" credential type option from host-type entries
Hub - Added support for reserved names in Hub Personal, allowing hubs to be accessed via a named URL path
Hub - Added the ability to reserve a unique hub name and subdomain across regions
Import/Export - Added the ability to export entries to an encrypted JSON file with a master password, including a deobfuscate option
Logs - Added the platform and product version as a field in Hub log entries, improving diagnostic capability
Logs - Added the platform and product version to the audit information displayed in the entry overview, making it easier to trace version-specific issues
PAM - Added an option on SSH PAM providers to use the provider account credentials for heartbeat connections, supporting environments where privileged accounts have SSH access disabled
PAM - Added checkout duration and requested JIT groups to the PAM checkout request email sent to approvers
PAM - Added multi-factor authentication (MFA) verification when launching sensitive entries
PAM - Added PAM support for the contractor user type
PAM - Added support for Devolutions Gateway rule sets on PAM providers
PAM - Added the ability for PAM operators to select group assignments from discovered accounts in scan results and automatically populate the JIT Elevation configuration
PAM - Added the JIT Authorization tab to Active Directory and Azure PAM entries to display the configured JIT groups for each entry
PAM - Improved the PAM checkout request message for approvers to display full checkout details with inline Approve and Deny actions
PAM - Improved the performance of EntraID account discovery when searching large groups
PAM - Restored a missing toggle switch in the PAM JIT account configuration
Password - Updated the Password Analyzer to remove the password strength bar and show only the occurrence count
Reports - Added a Contractor Users report page in the Reports section
Sessions - Added session recording support for PowerShell sessions
UI - Applied various minor UI improvements and polish across the application
UI - Restricted the file types allowed for insertion in documentation attachments to supported formats (PDF, GIF, images)
Users - Added an Authentication Type column to contractor reports
Users - Added automated email notifications sent to administrators when user or contractor accounts expire
Users - Added sorting and filtering by the "Last Used Device" field in the Users administration table, and improved the CSV export to include this field
Users - Improved the contractor user type with a user type column in the user list
Users - Improved the user table layout and responsiveness for small screen sizes
Various bug fixes and improvements
Vaults - Added an administrator-controlled setting to disable the export functionality for user vaults
Vaults - Added the ability to select and delete multiple vaults simultaneously, with a confirmation prompt before the action is executed
FIXES
Administration - Fixed a delay where binding an IP address to an Application Identity
Administration - Fixed issue where specific permissions assigned to admin users were not displayed in the permissions UI
Administration - Fixed the administration section tabs to be visible and accessible on small screens and mobile viewports
Authentication - Fixed an issue where removing the Force SSO setting via SRM could break hub access
Dashboard - Fixed an issue where creating a system dashboard widget with the correct permissions incorrectly returned an Access Denied error
Dashboard - Fixed multiple dashboard widget inconsistencies between RDM and Hub Web
Dashboard - Fixed multiple dashboard widget issues including synchronization between RDM and Web
Entries - Added support for configuring entries with single, multiple (fixed count), or unlimited simultaneous checkouts
Entries - Fixed an issue where the Logs tab showed no entries for users with the Contributor role when viewing a Username and Password credential entry
Entries - Fixed credentials to display correctly in the entry overview
Entries - Fixed OTP entries to support the colon (":") character in application and account name fields
Entries - Fixed the Security Settings tab to be visible for Contributor-role users in the credential entry edit dialog
Import/Export - Fixed a regression where the scrollbar and action button were missing on the final step of the import wizard, preventing completion
Import/Export - Fixed the "Create Folder" dialog in the Import window to consistently render icons and accept spaces in folder name input
Import/Export - Fixed the `-DeobfuscateSensitives` parameter in the PowerShell CSV export to correctly return passwords in clear text
Licenses - Fixed an incorrect assigned license count
Licenses - Fixed expired licenses in the Users Dashboard to be clearly visually distinguished from active licenses using a badge or color indicator
Licenses - Fixed the license assignment list to display both accounts when users are linked
PAM - Fixed an "Access Denied" error that occurred for users who received checkout or access request notifications for vaults they do not have access to
PAM - Fixed issue where PAM propagation PowerShell scripts were no longer visible in the configuration view
PAM - Fixed PAM accounts imported from RDM with "Inherited" account lifecycle policy to correctly display as "Inherited" instead of "Custom"
PAM - Fixed the Approve and Deny buttons to be correctly grayed out for the requesting user when the "Yes, Unless JIT" option is selected for own checkout approval
PAM - Fixed the Entry dropdown in the Checkout Requests report to display only PAM account names
PAM - Fixed the items-per-page display filter in the PAM account import window
PAM - Fixed the JIT provisioner username length limit to match Active Directory's 64-character limit instead of the previous 20-character cap
Password - Fixed sorting by occurrence count (descending)
Password - Fixed the "At Least" field for custom characters in the password generator to act as a minimum threshold, allowing the generator to include more than the specified minimum
Reports - Fixed the User Reports CSV export to include user tags
Sessions - Fixed a false "Unable to find the VPN session" error that appeared when selecting a Devolutions Gateway in VPN settings before saving an RDP entry
Sessions - Fixed an infinite loading state that occurred when entering incorrect credentials when opening a session in the web client
Sessions - Fixed an issue where deleting an SSH certificate would reappear after saving; deletions now persist correctly
Sessions - Fixed an issue where opening a session with no password in Hub web incorrectly prompted for a password before connecting
Sessions - Fixed an issue where SSH sessions failed to launch when credentials were set to "Inherited."
Sessions - Fixed clipboard redirection restrictions in web-based RDP sessions to properly enforce the disabled clipboard setting
Sessions - Fixed error that prevented launching a session when the Devolutions Gateway was set to "Inherited" from a parent folder
Sessions - Fixed session recording to work consistently in the user vault across both Hub Web and Remote Desktop Manager
Sessions - Fixed the VNC session view to remove the obsolete empty sidebar
Sessions - Fixed various UI issues in the Open in Web feature
UI - Fixed severoal translation issues
Users - Fixed a SCIM group assignment issue
Users - Fixed a UI bug where an invited user's email appeared twice in the list after sending an invitation
Users - Fixed connection status icons in the Users administration list to display at a consistent and correct size
Users - Fixed the Save button remaining grayed out when changing the offline mode field in the user administration edit dialog
