Release notes

Learn about new features, enhancements, and fixed issues in 10Duke Enterprise releases.

If you need release notes for other releases, go to the release’s documentation site from the top toolbar.

For release notes for releases prior to 3.23.0, contact the 10Duke Integration Support team.

---

Release 3.30.1

Release date: April 8, 2024

The release includes minor security improvements. We recommend updating to this release.

---

Release 3.30.0

Release date: October 9, 2023

10Duke Login Application

Enhancements:

• 100% localization in all supported languages.

• The base font has been updated to Source Sans 3 (sans-serif).

10Duke OrgAdmin

Enhancements:

• 100% localization in all supported languages.

• The base font has been updated to Source Sans 3 (sans-serif).

---

Release 3.29.1

Release date: September 29, 2023

This release provides backend fixes:

• A fix in event sending: read events were sent even when not enabled in the deployment configuration.

• Releasing a seat reservation now correctly releases also a blocking made for the seat.

---

Release 3.29.0

Release date: September 15, 2023

10Duke Identity Management REST API v1.8.1

Enhancements:

• New configurations to control how user data can be queried from the system:

  • The maximum number of users who can be retrieved with a single query is now configurable. The default limit is 250.

    If the API request’s limit header parameter exceeds the configured value, an error is returned.

  • There is also a configurable maximum user count up to which users can be queried. The default limit is 5000.

    For example, if the API request’s limit header parameter is set to 250 and offset to 4750, the request is allowed, because the last returned user is the 5000th in the sorting order. If you increase the offset value, the last returned user goes past the 5000 limit and an error is returned.

  If you need configuration changes, contact the 10Duke Integration Support team.

• Improvement in the event sending configuration. If event sending is currently enabled in your 10Duke Enterprise deployment, now events will be sent also from the Identity Management REST API.

• API reference documentation improvements

10Duke Entitlement Management REST API v2.8.0

Enhancements:

• A new endpoint /organizations/{orgId}/entitlements/{entId}/licenses/{licenseId}/clients/{clientId}/assignments for managing seat assignments for a device client (assign or release a seat reservation, or block or unblock a license) and for retrieving a device client’s assignments.

  This enables the use of license models with named seats for device clients.

• A new endpoint /clients/{clientId}/available-licenses for retrieving the organization licenses that a device client is authorized to use.

• A new endpoint /clients/{clientId}/license-usage for retrieving the licenses that a device client is currently consuming or has a seat reservation to.

• The following keywords are now supported in path parameters when making API requests for the current user or device client:

  • me in place of a user ID, as in /users/me/available-licenses

  • this in place of a client ID, as in /clients/this/license-usage

• When retrieving the license usage of a user or a device client, the response now also contains the client application version of the license lease.

• Improvement in the event sending configuration. If event sending is currently enabled in your 10Duke Enterprise deployment, now events will be sent also from the Entitlement Management REST API.

10Duke SysAdmin

Enhancements:

• Backend support for device licensing in SysAdmin.

• The users table now also displays the unique ID of the user, which is needed in the API path when calling some of the 10Duke API endpoints. You can show and hide the column from the Columns list, and filter the table based on the ID.

• Improvement in the event sending configuration. If event sending is currently enabled in your 10Duke Enterprise deployment, now events will be sent also from SysAdmin.

10Duke OrgAdmin

Enhancements:

• The OrgAdmin user can now release a user’s license leases for licenses they are currently consuming. If they’re removing a user from the organization using the Remove from organization feature, they can also select whether to release that user’s license leases to the organization’s licenses.

  Releasing a license lease may be useful with seat-based licenses, for example, if there’s a need to make a seat available to other users. With licenses that have either use count or use time credit, releasing an active license lease doesn’t impact the license availability, and no credit is returned.

  In the same way as when releasing a license lease using SysAdmin, the client application is able to continue using the license token until it expires or the client application tries to refresh it. This means another user is able to start consuming the same license seat at the same time.

  The feature requires extra permissions to be defined for the OrgAdmin user.

  The license lease release feature in OrgAdmin is by default disabled in the 10Duke Enterprise configuration. If you want this feature enabled, contact the 10Duke Integration Support team.

Bug fixes:

• A fix in the Remove from organization feature that failed in some cases (depending on the license model), for example, if the user had an active license lease but no seat reservation.

10Duke Login Application

Enhancements:

• You can now request for the authenticated user’s permissions using the new custom scope https://apis.10duke.com/auth/openidconnect/client_permissions, which returns the client_permissions claim in the ID token and the UserInfo response.

• It’s now configurable whether someone is allowed to register as a user in 10Duke Enterprise if their email address belongs to a domain that has been delegated to an external identity provider (with the Assigned Email Domains setting defined for the OIDC or SAML connection). By default, registration is not allowed.

• Optimization in user data queries.

---

Release 3.28.1

Release date: July 7, 2023

This release fixes an issue that prevented configuring permissions for device licensing in organization scope.

---

Release 3.28.0

Release date: July 6, 2023

This release introduces API support for device licensing.

With device licensing, you can allow end users to access your licensed software application without having to register. The license is consumed by the device (a machine or PC) on which the software is running, and the end users using the software don’t need user accounts in the system.

In practice, each device is defined in the system as an OAuth client that belongs to a specific organization and has authentication credentials specific to the device hardware. The device client authenticates itself to 10Duke Enterprise using the OAuth client credentials grant flow to get an access token for authorizing API access.

Device clients are created in 10Duke Enterprise by invitation, and you authorize them to consume licenses using device client groups, in the same way as users are authorized using user groups.

The release also includes minor security improvements addressing false positives. We recommend updating to this release.

10Duke Identity Management REST API v1.8.0

Enhancements:

• New endpoints for managing clients associated with an organization (device clients):

  • /organizations/{organizationId}/clients: Create a new device client and associate it with an organization, retrieve information on device clients, and replace the details of a device client.

  • /organizations/{organizationId}/clients/{clientId}: Retrieve a device client and delete a device client.

  • /organizations/{organizationId}/clients/{clientId}/set-secret: Define the client secret for a device client.

• New endpoints for managing clients not associated with an organization (which you can also manage in SysAdmin), such as client applications and third-party systems:

  • /clients: Create a new client, retrieve clients, and replace the details of a client.

  • /clients/{clientId}: Retrieve a client and delete a client.

  • /clients/{clientId}/set-secret: Define the client secret for a client.

• New endpoints for managing device client groups:

  • /organizations/{organizationId}/client-groups: Create a new device client group for an organization, retrieve an organization’s device client groups, and replace a device client group’s details.

  • /organizations/{organizationId}/client-groups/{groupId}: Retrieve an organization’s device client group and delete one.

  • /organizations/{organizationId}/client-groups/{groupId}/clients: Add and remove device clients to and from a device client group, retrieve device clients that belong to a device client group, and replace the device clients that belong to a device client group.

  • /organizations/{organizationId}/client-groups/{groupId}/clients/{clientId}: Add and remove a device client to and from a device client group, and retrieve a device client that belongs to a device client group.

• New endpoints for managing invitations to device client groups:

  • /organizations/{organizationId}/client-group-invitations: Create a new invitation for a device client to join a device client group, and retrieve invitations to an organization’s device client groups.

  • /organizations/{organizationId}/client-group-invitations/{invitationId}/send: Send an existing invitation to a device client group.

  • /organizations/{organizationId}/client-group-invitations/send: Create and send a new invitation to a device client group.

  • /organizations/{organizationId}/client-group-invitations/{invitationId}/create-token: Create a new token for an invitation to a device client group.

  • /organizations/{organizationId}/client-group-invitations/{invitationId}/revoke: Revoke an invitation to a device client group.

  • /organizations/{organizationId}/client-group-invitations/{invitationId}: Retrieve an invitation to a device client group and delete an invitation.

• New endpoints for accepting and declining invitations to device client groups:

  • /client-group-invitations/accept: Accept an invitation to a device client group.

  • /client-group-invitations/decline: Decline an invitation to a device client group.

10Duke Entitlement Management REST API v2.5.0

Enhancements:

• New endpoints for managing the authorization of device client groups to access licenses in an organization’s entitlements:

  • /organizations/{orgId}/entitlements/{entId}/consuming-client-groups/: Retrieve device client groups that are authorized to access the licenses in an entitlement, and replace the authorized device client groups of an entitlement.

  • /organizations/{orgId}/entitlements/{entId}/consuming-client-groups/{groupId}: Authorize a device client group to access the licenses in an entitlement, and remove a device client group’s authorization to an entitlement.

  • /organizations/{orgId}/client-groups/{groupId}/consumed-entitlements: Retrieve entitlements that a device client group is authorized to access licenses from, and replace the entitlements that a device client group is authorized to access.

  • /organizations/{orgId}/client-groups/{groupId}/consumed-entitlements/{entId}: Add authorization to an entitlement for a device client group, and remove the authorization to an entitlement from a device client group.

• Additions and changes related to deactivating (suspending) and activating licenses:

  • For organization licenses:

    • The /organizations/{orgId}/license-transactions/{transactionId}/cancel endpoint has been replaced with /organizations/{orgId}/license-transactions/{transactionId}/suspend-licenses, which deactivates the organization licenses that were created with a specific transaction.

    • A new endpoint /organizations/{orgId}/license-transactions/{transactionId}/resume-licenses is available for for activating the suspended organization licenses related to a specific transaction.

  • For personal licenses:

    • The /users/{userId}/license-transactions/{transactionId}/cancel endpoint has been replaced with /users/{userId}/license-transactions/{transactionId}/suspend-licenses, which deactivates the personal licenses that were created with a specific transaction.

    • A new endpoint /users/{userId}/license-transactions/{transactionId}/resume-licenses is available for for activating the suspended personal licenses related to a specific transaction.

Bug fixes:

• User profile data has new validFrom and validUntil fields that indicate the validity of a user profile.

• Querying the user’s license usage now correctly returns also the user’s email address.

Other:

• The version query parameter has been removed from the /users/{userId}/available-licenses endpoint for querying a user’s available licenses, because it is not yet fully supported.

10Duke SysAdmin

Enhancements:

Bug fixes:

• Creating a new client role no longer fails with an error.

• Other minor fixes.

10Duke OrgAdmin

Enhancements:

• There’s a new configurable filter options menu available in the user, invitation, and license tables for filtering items by status. All the filters can be configured to be on or off by default, or filters can be disabled to remove them from the view.

• The invitation table has new columns that display the start and end dates of the invitation validity. Like other columns, they can be configured to be shown or hidden by default, or disabled to remove them from the view.

• A new status “Expired” is now used for invitations that are no longer valid and haven’t been accepted, declined, or revoked.

Bug fixes:

• The license table now correctly shows the total number of seats as unlimited when applicable, instead of showing an empty value.

• Fixed resolving the license model as floating or named.

• Improved the data loading of licenses.

• Minor fixes.

10Duke Login Application

Bug fixes:

• Overriding flow default setting for grant refresh token allowed confidential clients to refresh token without providing the client secret.

---

Release 3.27.2

Release date: June 27, 2023

10Duke Login Application

Bug fixes:

• User agreement acceptance bug fixes.

• Other minor fixes.

---

Release 3.27.1

Release date: June 9, 2023

The release includes minor security improvements. We recommend updating to this release.

10Duke Entitlement Management REST API v2.3.0

Bug fixes:

• License seat assignments are now correctly returned when retrieving a user’s available licenses (GET /users/{userId}/available-licenses).

10Duke OrgAdmin

Bug fixes:

• Minor fixes.

10Duke Login Application

Bug fixes:

• Changing the language no longer requires the user to accept user agreements again.

---

Release 3.27.0

Release date: June 5, 2023

10Duke Identity Management REST API v1.7.0

Enhancements:

• When retrieving a user’s user groups (GET /users/{userId}/organization-groups), you can use the new query parameter organizationId to limit the query to a specified organization’s user groups.

• The API operation for retrieving permissions (GET /permissions) provides a new query parameter domain. By specifying domain=organization, you can limit the query to permissions that are used in the organization domain and can be managed by 10Duke OrgAdmin users.

• API reference documentation improvements

Bug fixes:

• Minor fixes.

10Duke Entitlement Management REST API v2.2.0

Enhancements:

• New API operations for retrieving information on product packages:

  • GET /products for retrieving product packages. You can filter the query based on the full or partial name of the product package.

  • GET /products/{productId} for retrieving a product package based on the product package ID.

• Retrieving the licensed items in a product package (GET /products/{productId}/product-items) now also returns the names of the licensed items. The fields that contain information on the allowed versions of the client application have also been renamed as allowedVersions and allowedVersionsDescription.

• A new operation GET /users/{userId}/license-usage/ is available for querying the license usage of a specific user. The response contains information on the licenses that the user is currently consuming or has a seat reservation for.

Bug fixes:

• When retrieving a user’s available licenses (GET /users/{userId}/available-licenses), the onlyValidLicenses query parameter now correctly filters out also invalid licenses.

• Updated permissions required for calling GET /users/{userId}/available-licenses/ to query a user’s available licenses.

• Session anchors are now correctly returned in the response when retrieving the current usage of a license (GET /organizations/{orgId}/entitlements/{entId}/licenses/{licenseId}/usage).

10Duke SysAdmin

Enhancements:

• You can now define a connection to a client application using the OAuth client credentials grant flow with the new Client Credentials Grant option in Allowed OAuth 2.0 flow.

  See how to define a connection in SysAdmin and how to implement the connection in your client application using this flow.

  For background, see information on the supported authentication flows.

• When you add licensed items to a product package, they are now by default set to use the same license model as the product package. Like before, you can select a different license model per licensed item in their advanced settings.

  Editing the product package also provides a new feature where changing the license model at the product package level prompts you to choose whether to apply the same license model change to all the licensed items as well.

• The Entitlement dashboard has a new look and feel and the displayed data has been updated.

• In IDENTITY > Organizations, you can now search an organization’s invitations by the recipient email.

• In IDENTITY > Organizations, the obsolete Settings tab for an organization has been removed.

Security:

• The version includes minor security improvements. We recommend updating to this version.

Bug fixes:

• When you’re granting use time for a license in seconds, the granted time is now calculated correctly in seconds instead of milliseconds.

• In ROLES AND PERMISSIONS > Organization roles, the search now works correctly when using uppercase letters.

• In IDENTITY > Federation, the client key in the table now has the correct label Client key.

• Other minor fixes.

10Duke OrgAdmin

Enhancements:

• The OrgAdmin user can now hide inactive and invalid licenses in views that list licenses.

• The OrgAdmin user can now also specify the allowed software version when they download a license token. If you want this feature enabled, contact the 10Duke Integration Support team.

• The license management view now shows a license with status “Scheduled” if the validity start date is in the future.

• OrgAdmin now autodetects the user’s language based on the browser settings, if the language isn’t requested as part of the URL and the user hasn’t selected a preferred language in OrgAdmin. The autodetection is by default enabled in your 10Duke Enterprise configuration. Contact the 10Duke Integration Support team if needed.

  OrgAdmin also now stores the user’s selection of the preferred language in the browser and remembers the selection for future sessions.

• Improved the error message when the OrgAdmin user tries to release a seat reservation and the license model doesn’t allow it.

Security:

• Breaking: The OAuth flow used for OrgAdmin access has been changed from the implicit grant flow to the authorization code grant flow with Proof Key for Code Exchange (PKCE).

  Note: Make sure to update the authentication flow of your OrgAdmin client application in SysAdmin: if Allowed OAuth 2.0 flow is set to Implicit Grant, change the value to Authorization Code Grant with PKCE.

Bug fixes:

• Consumption data is now correctly displayed for licenses that are being consumed.

• Other minor fixes.

10Duke Login Application

Enhancements:

• Support added for using the OAuth client credentials grant flow when connecting to client applications. You can use this flow when your client application doesn’t involve any user, for example, with integrations or device-based licensing.

  See how to define a connection to a client application on the SysAdmin side and how to implement the connection in your client application using this flow.

  For background, see information on the supported authentication flows.

• Support added for sending events to AWS Kinesis Firehose.

Bug fixes:

• Minor fixes.

---

Release 3.26.0

Release date: May 2, 2023

10Duke Login Application

Enhancements:

• Support added for the OIDC login_hint parameter for client applications and external identity provider redirects.

  This allows the party requesting authentication to provide the user’s email address in the login_hint parameter, and the system providing the authentication service can use it to automatically populate the email address field so the user doesn’t have to fill it in again.

  The parameter is not available for JWT bearer token authorization grant and password grant flows. The parameter can also be used by client applications authenticating using SAML.

• Support added for a flow parameter for client applications requesting authentication using OIDC and SAML. (Not available for the JWT bearer token authorization grant and password grant flows.)

  This allows the client application to request whether to open the login or registration page for the user. If not specified, the login page is opened.

Bug fixes:

• Fixed a client login redirect loop when the client application’s OIDC connection in SysAdmin has an incorrectly configured login callback URL.

• If the user has logged in with SAML using an external identity provider, and they are then logged out from the identity provider as part of a single logout (SLO) process started from the client application, the user is now correctly redirected back to the client after the logout instead of the 10Duke Enterprise login page.

• Fixed the performance of agreement handling in larger user databases.

---

Release 3.25.1

Release date: April 19, 2023

10Duke Login Application

Bug fixes:

• A fix related to the login session not being cleared correctly when removing authentication by an external identity provider.

---

Release 3.25.0

Release date: April 14, 2023

10Duke Identity Management REST API v1.6.3

Enhancements:

• The recipientIsNewUser field in user invitations has been deprecated. The memberStatus field is used instead to indicate if the user is a new user.

10Duke Entitlement Management REST API v2.0.0

Enhancements:

• Breaking: The schema of effectiveLicenseModel has changed. If the includeEffectiveModel parameter is included on the client side, the schema must be regenerated for client-side validation.

• The includeEffectiveModel query parameter can be used to include license model details in the response for the following operations that return licenses:

  • Get the licenses available to a user (GET /users/{userId}/available-licenses)

  • Get the current usage of a license (GET /organizations/{orgId}/entitlements/{entId}/licenses/{licenseId}/usage)

  • List the licenses in an entitlement (GET /organizations/{orgId}/entitlements/{entId}/licenses)

  • Move a license to another entitlement (PUT /organizations/{orgId}/entitlements/{entId}/licenses/{licenseId}/move/{destEntId})

• GET /users/{userId}/available-licenses also provides a new onlyValidLicenses query parameter for filtering out expired and invalid licenses.

Security:

• The version includes minor security improvements. We recommend updating to this version.

Bug fixes:

• Minor fixes.

10Duke SysAdmin

Enhancements:

• The Identity dashboard has a new look and feel and the displayed data has been updated.

Bug fixes:

• Minor fixes.

10Duke OrgAdmin

Enhancements:

• Updated to take into use the Entitlement Management REST API v2.0.0.

10Duke Login Application

Enhancements:

• The user cannot skip optional agreements anymore, they have to either accept or decline them.

• If you have implemented your own custom Login Application, you can now request data from 10Duke Enterprise on how the user has handled the user agreements. For information on custom implementations, contact the 10Duke Integration Support team.

• When external identity providers are used for user authentication, your client application is now able to request which specific external identity provider the authentication request should be redirected to. This requires an update in your system configuration. Contact the 10Duke Integration Support team for more information.

Security:

• The version includes minor security improvements. We recommend updating to this version.

Bug fixes:

• The JWT bearer token authorization grant flow didn’t allow multiple values in the ID token’s aud claim.

• Fixes related to user agreements.

---

Release 3.24.4

Release date: March 21, 2023

10Duke Login Application

Enhancements:

• Support added for prompting the user to accept required and optional agreements (for example, terms and conditions, or a newsletter preference) as part of the registration flow.

• Support added for prompting the user to accept new, updated, or pending agreements as part of the login flow.

• Support added for end users to view and manage their consent to agreements in the User Profile views.

• Added an I have already validated my email button to enable the user to continue from the the email validation screen. This is to better support use cases where the user validates their email address, for example, using a different browser from the one where they started the registration and email validation process.

• When customizing the Login Application UI, you can now enable or disable all animations.

• The user can now toggle the visibility of their password input in different views, for example, during registration or when resetting their password.

Bug fixes:

• Minor fixes

---

Release 3.24.3

Release date: March 9, 2023

The release includes minor security improvements. We recommend updating to this version.

10Duke Identity Management REST API v1.6.2

Enhancements:

• If you create a new organization role using the createOrganizationRole operation (POST /organizations/{organizationId}/organization-roles) and use impliedOrganizationRoleId to grant permissions based on an implied role, you can now also specify an organization role ID, and not only a template ID.

10Duke SysAdmin

Enhancements:

• You can now also include the software version information before downloading a license token.

• When changing the allowed versions for an organization’s license, the dialog also now allows editing the display name for the versions.

Bug fixes:

• You can no longer create a product package with a name or display name that only contains whitespaces. Any leading and trailing whitespaces are also now removed from the values.

• Other minor fixes

---

Release 3.24.2

Release date: February 28, 2023

10Duke Login Application

Enhancements:

• When the user logs out in one browser window, they’re now automatically logged out also in the other windows they have open.

• Updated UI translations to fully cover all supported languages.

10Duke OrgAdmin

Enhancements:

• When the user logs out in one browser window, they’re now automatically logged out also in the other windows they have open.

• The option to download a license token is now enabled for all valid licenses and users. Earlier the logic that determined when a license token download can be attempted was linked to license seat availability, which includes seat reservations. This meant that when no seats were available, you were unable to download a license token for a user who had a seat reservation.

• If a user group is deleted, a user’s seat reservations are now released for the licenses they lose access to.

• Updated UI translations to fully cover all supported languages.

Bug fixes:

• Fixed issues with updating user listings after a user has been removed from an organization as a result of an API call.

• Small bug fixes, and some updates related to deprecated dependencies.

---

Release 3.24.1

Release date: February 3, 2023

10Duke SysAdmin

Bug fixes:

• This release fixes a number of small bugs

---

Release 3.24.0

Release date: January 26, 2023

10Duke Identity Management REST API v1.6.1

Enhancements:

• Extended the /organizations/organization-setup operation to support the creation of a default Entitlement and related LicenseConsumerRelations.

Bug fixes:

• A success response not specified for the getOtpCredential operation.

• QR code expansion fails with the createOtpCredential operation.

• Updating the email value of an existing user using the /users/import operation with the parameter "allowUpdateExisting": "true" returns "error": "resource_already_exists". The error response has been updated to "error": "invalid_argument" with "error_description": "Cannot change email address using this API", because this operation doesn’t allow updating the user’s email. Use the user operation /user/changeEmail instead.

10Duke Entitlement Management REST API v1.3.0

Security:

• The release includes minor security improvements. We recommend updating to this version.

10Duke SysAdmin

Bug fixes:

• Editing the name of an organization group on the entitlements page cause the group to be deleted.

---

Release 3.23.4

Release date: January 18, 2023

10Duke SysAdmin

Bug fixes:

• Fixed a multiselect error on the organization licenses page.

---

Release 3.23.3

Release date: January 11, 2023

10Duke Login Application

Bug fixes:

• Fixed an issue with an unconfigured redirect URI error handling for the PKCE flow.

---

Release 3.23.2

Release date: January 4, 2023

10Duke SysAdmin

Bug fixes:

• Fixed how the partial search works on the users page.

---

Release 3.23.1

Release date: January 2, 2023

10Duke Login Application

Enhancements:

• Updated the build target from Java 8 to Java 11.

• The insufficient_authentications error allows continuing the user login after authentication has been completed.

• Added OpenAPI info.

• Disabling the access token request rate limiter doesn’t work. Improved the parsing of invalid redirect URIs when using wildcards for the port number.

• Update json-path to version 2.7.0.

• Added support for alternative emails and changing the login email.

• Added version information to build output.

• Added a runtime API version compatibility check.

• Added a spinner for external redirects.

• Added error handling to login.

• Added configurable auto logout for idle users.

• Blocked external redirects for login processes where the browser is switched mid-process.

• Improved the usability in email validation.

• Updated the configuration version and added configuration version migration.

• Updated the German translation.

• Moved the monospace font to the branding CSS.

Security:

• The release includes minor security improvements. We recommend updating to this version.

Bug fixes:

• Logout from the profile page with a federated login if no single sign-out URL has been configured.

• A GET request to resource owner password grant exposes the stack trace.

• NPE with invalid device_code when accessing the OAuth 2.0 token endpoint.

• Fixed the UI for resetting the password when already logged in.

• Fixed an issue with a page not found route.

• Fixed issues with sourcemaps.

• Fixed page transition animations.

• Fixed issues with invitations.

---

Release 3.23.0

Release date: January 2, 2023

10Duke Identity Management REST API

Enhancements:

• Support for reservation cleanup when deleting organization groups.

• jaxb-api dependency convergence (Java 11 update).

• Updated the build target from Java 8 to Java 11.

• Updated the user-group connection deleting operations to return a flag if no more groups within the organization are left.

• Invitations were unusable if validFrom was left out of invitations.

Security:

• The release includes minor security improvements. We recommend updating to this version.

Bug fixes:

• Empty sections by tag in the OpenAPI spec.

• Updating the user’s phone number with /organizations/{organizationId}/users/import failed.

10Duke Entitlement Management REST API

Enhancements:

• jaxb-api dependency convergence (Java 11 update).

• Updated the build target from Java 8 to Java 11.

Security:

• The release includes minor security improvements. We recommend updating to this version.

Bug fixes:

• DELETE /api/entitlement/v1/management/permission-cache was broken.

• Updating the user’s phone number with /organizations/{organizationId}/users/import failed.

10Duke SysAdmin

Enhancements:

• Updated the build target from Java 8 to Java 11.

• Updated the Personal Entitlements label to singular form.

• Changed the applicable dialogs to modal.

• Fixed inconsistencies in error messages and certain UI items.

• Added a warning message when changing Name of a licensed item.

• Renamed the internal role GinOverGin to Super Admin in the SysAdmin configuration setup.

Bug fixes:

• The organization invitation dialog doesn’t shown a confirmation after saving.

• Fixed the select all text alignment in the invite member dialog.

• Incorrect character in the select internal roles dialog.

• The code dialog shakes on error.

• A duplicate error on the licensed items page.

• The organization group create dialog doesn’t show an error inside the dialog.

• Multiple error messages were shown when editing OIDC provider.

• A floating license model opens on the last page when creating a model for the second time.

• The create organization role dialog closes on error.

• The organization role template dialog closes on error.

• The organization entitlements/set allowed versions dialog doesn’t work.

• Corrected the dialog title when adding use count to a license.

• A duplicate error message when adding an organization role template with an empty name.

• Clear selection count is not cleared after removing licensed items.

• Exception when trying to create a licensed item with an already existing name under a product package.

• The Title field is empty for other OIDC/SAML providers if emptying the field and changing the provider.

• Activation Code Configuration - Assign Organization dialog sizing enhanced.

• The Name field is empty for other packages if emptying the field and changing the package.

• Error when changing an internal role’s name to an already existing name.

• Error when changing a product package name to an already existing name.

• Error when changing a licensed item’s name to an already existing name.

• Error when adding an internal role with an already existing name.

• Error when trying to create a product package with an already existing name.

• Error when adding an organization custom property twice with the same key.

• Error when adding a user custom property twice with the same key.

• Error when trying to add a client role that already has been added.

• Enforce product package validity when it comes to granting licenses.

• Don’t allow only whitespace in the licensed item name and display name.

• Deleting all organization user groups fails.

• The organization name link in organization_manage_groups view not working as expected.

• The product packages/change license model doesn’t clear references.

• The Product Configuration > License Models > Create/edit license model dialog doesn’t scroll.

• The organization creation should use a different service.

• A seat remains reserved when an organization group is removed.

• Organization Role details - Organization field should be read-only.

• The details view not closed when saving an edited licensed item.

• An organization cannot be deleted if it has at least one device group.

• Cannot filter or sort client app roles in the User > Client App Roles > Add view.

• The date picker widget moves down from the input field when navigating from one month to another.

• Switch to use allowedVersions defined in license credit.