Keeper Release Notes

New Features

NHI Tiered Pricing Support — Introduced a tiered pricing model for Non-Human Identities (NHI), allowing enterprises to select from Base, Tier 1, Tier 2, Tier 3, and Enterprise tiers based on the number of NHI resources managed.

Enterprise NHI Metrics Dashboard — Administrators can now track the total number of PAM resources (users, databases, machines, configurations) across the entire enterprise from the Admin Console.

RBI Session Tracking in NHI Metrics — Remote Browser Isolation (RBI) session activity is now included in NHI usage metrics, providing more comprehensive visibility into PAM resource utilization.

Improvements

KA-8151: Added enterprise-wide tracking of PAM resource counts including users, databases, machines, and configurations. Administrators can now view total NHI resource usage across their entire tenant from the Admin Console.

KA-8551: NHI tier information is now accessible through enterprise license APIs. License data now reflects the assigned NHI pricing tier, enabling accurate tier-based reporting and billing.

KA-8609: RBI session start and RBI session recording events are now included in NHI metrics calculations. This ensures all remote browser isolation activity is accurately counted toward NHI usage totals.

Bug Fixes

KA-8603: Improved robustness and error handling for the NHI metrics API. The API now handles edge cases more gracefully, ensuring consistent and reliable metric retrieval.

KA-8622: Fixed an issue where KSM devices were incorrectly counted toward NHI totals when their only activity was during initial provisioning. NHI counts now accurately reflect only actively used resources, excluding provisioning-only device records.

KA-8631: Fixed a Bugcrowd reported issue related to device approval and Biometric/Passkey authentication.

Original source

New Features

NHI PAM Support in Subscriptions

The Subscriptions tab in the Enterprise Admin Console now displays PAM license counts and Non-Human Identity (NHI) tier details, giving administrators a clear view of their current KeeperPAM entitlements and usage cycle in one place.

• PAM license counts — managed, available, and maximum allowed PAM licenses
• NHI usage tracking — current cycle consumption with tier thresholds and near-limit warnings
• KeeperPAM summary — bundled entitlements including KSM API call tier, KCM, Rotation, KEPM, RBI, and Tunneling

Bug Fixes

• EM-8709: Fixed an issue where the Account Recovery and Transfer Policy modals overlapped on the initial login to Admin Console, causing a non-sequential view.
• EM-8711: Fixed a bug where exported ARAM events displayed [Object object] in place of the correct syslog values. Exported ARAM reports now render the expected human-readable syslog data.
• EM-8699, EM-8724: Fixed a layout issue where the node dropdown would incorrectly shrink in width when a root node or a subnode with a short name was selected.

Original source

KeeperDB is a fast, secure, cross-platform database management tool. Use it inside KeeperPAM connections or as a standalone desktop app on Windows, macOS, and Linux.

Query, explore, and operate PostgreSQL, MySQL, SQLite, Microsoft SQL Server, Oracle, and Amazon Redshift from one interface.

KeeperDB is built for engineers and data scientists. It replaces legacy tools like DBeaver, MySQL Workbench, and pgAdmin. In KeeperPAM, it brings core database workflows into a fully managed passwordless experience.

What's New in 2.0.2

Since 1.8.3, we've added multi-host clusters, the Top Queries screen, desktop polish, a searchable connection picker, ER graph tooling, and security hardening.

Multi-host cluster connections

Connect to highly-available PostgreSQL clusters by listing multiple hosts in one connection. KeeperDB now mirrors libpq / Connector/J failover semantics natively in the desktop UI — no more falling back to CSV-in-host strings.

• PostgreSQL — multi-host with target_session_attrs (any / read-write / read-only / primary / standby / prefer-standby) and load_balance_hosts (disable / random)
• Per-driver advanced options — the Advanced... modal under Host+Port is gated on driver

Top Queries (historical query analysis)

A new Top Queries tab inside Monitor surfaces the heaviest historical SQL across each supported engine — total time, mean time, call count, rows, and percent of total — sorted server-side for performance.

• PostgreSQL — pg_stat_statements (cross-version, surfaces an "extension missing" hint when not installed)
• MySQL / MariaDB / Aurora — performance_schema digest analysis, with Aurora-aware consumer diagnostics ("performance_schema is enabled but no digest data — likely consumers are off")
• Oracle — V$SQLSTATS (Enterprise / Standard editions)

Click any row to open the full normalized SQL, jump to EXPLAIN (Postgres/MySQL), or send the statement to KeeperAI for analysis

ER diagram tooling

The schema graph is now usable on real production schemas (hundreds of tables, deep FK chains):

• ↻ Reset Layout — re-runs dagre auto-layout if positions have drifted
• ⊞ Snap-to-grid — toggle, persisted per-user; 20px grid for clean alignment
• ⇩ Export PNG — high-DPI export scoped to the viewport (no toolbar artifacts)
• Hover-highlight — hovering a table fades non-connected tables to 25% so you can trace foreign-key paths at a glance
• Bulk schema fetch — columns and foreign keys load via a single batched query per schema (was N+1 per table); large graphs build dramatically faster
• Configurable table cap — Settings → Editor → Graph View now exposes "Max tables in graph" (default 200, up to 1000)
• Viewport sanity-check — if a saved viewport would leave zero nodes on screen, falls back to fitView automatically

Sidebar table expansion

Click the disclosure triangle (▸/▾) next to any table to expand its columns inline without leaving the current view. This matches the pattern in DBeaver, DataGrip, and TablePlus.

PK and FK badges (text labels, not emoji) appear next to columns. FK rows show the → target.column reference inline. Right and Left arrow keys also expand and collapse rows. Columns load lazily on first expand and reuse the schema-index cache.

Searchable connection picker

Built for desktop users with hundreds of saved connections. It replaces native dropdowns on the login screen, sidebar, and Settings with a fast, keyboard-driven modal:

• Auto-focused multi-keyword search input (whitespace-separated AND-match across name, host, database, type — order-independent)
• ↑/↓ to navigate, ↵ to pick, Esc to close
• Active connection pinned to top
• Same component drives the sidebar mini-switcher, the login-screen "Saved Connections" entry, and Settings → Connections

Desktop quality-of-life

• In-app update notifier — login screen polls a hardened CDN endpoint and surfaces "New version X.Y.Z available — download now" with a download link.
• Desktop zoom — Cmd/Ctrl + / Cmd/Ctrl - zoom the UI (browser keeps native zoom).
• Themes - Graphite / Blue / Emerald / Violet / Rose / Amber and of course Terminal

Editor and grid polish

• Tab key in the Query editor and Notebook SQL cells inserts 4 spaces; Shift-Tab dedents; multi-line selections indent all selected lines
• Tab key in Notebook Markdown cells inserts 4 spaces too; selections indent/dedent line-by-line
• Cmd/Ctrl+C now copies cells in Raw (no escaping) format by default — JSON cells stay as {"k":"v"} instead of being CSV-wrapped. The COPY AS menu adds "Raw" at the top alongside CSV / TSV / JSON
• CodeMirror drawSelection — text-selection backgrounds now respect the editor theme (legible on dark backgrounds)
• Row-detail drawer on Query results — same chip + drawer experience as the Data tab; long type labels no longer overflow; each field has a Copy button with feedback
• Inline edits that end at the original value skip the API round-trip (no-op)
• Type-aware filter values — the Data tab's Filter Rows now generates dialect-correct literals for binary (0xDEADBEEF / X'…' / HEXTORAW(…)), numeric (unquoted), and boolean (TRUE / FALSE or 1 / 0) columns instead of always wrapping in quotes
• Foreign key referential actions — ON DELETE / ON UPDATE (NO ACTION / RESTRICT / CASCADE / SET NULL / SET DEFAULT) now display in the Table Info modal across every driver

Driver improvements

• Oracle — TCPS encryption by default with plain-TCP fallback for SslMode::Prefer (works through keeperdb-proxy without an Oracle Wallet); Easy Connect Plus support; raw TNS connection_string_override for RAC SCAN / EZConnect+ enterprise configurations; every identifier routed through SQL-92 doubling helper
• MSSQL — encryption required and certificate validation enabled by default; Failover Partner support; MultiSubnetFailover stub; GO batch separator handled client-side
• PostgreSQL — multi-host cluster support; SERIAL/BIGSERIAL/SMALLSERIAL detection in get_table_ddl so emitted DDL round-trips cleanly
• MySQL — multi-host cluster support
• Error sanitization — sqlx Protocol error suffixes (e.g. ... (sqlx::error::ProtocolError)) are now stripped before reaching the client

Security and hardening

KeeperDB 2.0.x ships the results of an exhaustive security review:

• MSSQL TLS hardened by default — encrypt=true and certificate validation required out of the box; users can opt out per-connection from the Advanced options
• WebSocket Origin validation on every upgrade
• AI provider base_url allowlist — restricted to vendor hosts (OpenAI, Anthropic, Bedrock, Vertex, Azure).
• Vertex AI location validated to prevent hostname injection
• SQLite path sandbox — defends against filesystem-probe attacks, Windows drive-relative paths (C:Windows...), and Windows lookalike directories
• Metadata-endpoint denylist with canonical host comparison (closes IMDS SSRF)
• CSV / Excel export hardening — formula-prefix neutralization (=, +, -, @), \r injection closed, Content-Disposition filename sanitized
• Saved-connection chokepoint in the SDK now redacts Oracle connection_string_override (which can carry inline credentials) defense-in-depth; never persisted to disk
• Session bearer redacted in audit debug logs; prior session disconnected on every cookie/token-minting handler (only after the new connect succeeds, so a failed connect can't strand existing tabs)
• Atomic handoff redemption closes a TOCTOU race in session token exchange
• Saved connections gated on standalone mode — PAM/Gateway sidecars cannot list or connect to local saved profiles
• Per-user keychain scoping for saved connections on desktop

CVE sweep (closes 4 of 6 Dependabot alerts):

• openssl 0.10.79 — HIGH undefined-behavior in X509Ref::ocsp_responders + MEDIUM heap buffer overflow in AES key-wrap-with-padding
• tauri 2.11.1 — MEDIUM Origin Confusion (remote pages invoking local IPC commands)
• postcss 8.5.14 — MEDIUM XSS via unescaped in CSS stringify output

Features

• Cross-platform native app for Windows, macOS and Linux
• PostgreSQL, MySQL, SQLite, Microsoft SQL Server, Oracle, and Amazon Redshift — all from one tool, with consistent UI and behavior across protocols
• Multi-host cluster connections for PostgreSQL and MySQL with read/write target selection and load-balancing modes
• Query editor with SQL autocomplete (Ctrl+Space), multi-statement execution, drawSelection theming, 4-space Tab indent, and a record view toggle
• Data browser with paginated grids, type-aware filtering (binary/numeric/boolean literals), inline editing, row-detail drawer, and CSV/JSON export
• Notebook for combining SQL and Markdown cells into reusable analyses and runbooks
• ER diagram with hover-highlight, dagre auto-layout, snap-to-grid, PNG export, configurable table cap, and "Ask KeeperAI" per table
• Monitor for real-time process activity, blocking chains, locks, server parameters, and one-click process termination — protocol-aware for PostgreSQL, MySQL, MSSQL, and Oracle
• Top Queries historical query analysis tab for PostgreSQL, MySQL, MSSQL, and Oracle
• Searchable saved-connection picker across login, sidebar, and Settings
• In-app update notifier on the desktop login screen

KeeperAI built in

• A context-aware AI assistant that sees your structure and live performance data
• Bring your own AI provider: OpenAI, Anthropic, Google Gemini, AWS Bedrock (commercial + GovCloud), Google Vertex, Azure OpenAI, or any OpenAI-compatible endpoint
• Autonomous agent loop for multi-step tasks like query optimization, error triage, and performance investigation
• "Ask KeeperAI" available directly from the ER diagram and Top Queries panel
• Provider base_url allowlist enforced at save time and at request time

Security and enterprise readiness by default

• Zero-knowledge: session credentials live only in process memory; saved-connection passwords live in the OS-native secret store, never written to disk in plaintext
• MSSQL encryption required by default with certificate validation
• Mandatory confirmation flow for destructive queries (DROP, DELETE without WHERE, etc.) — canonical SQL-safety classifier in the SDK, not duplicated in the frontend
• Backend limit enforcement and pagination on every query — built for enterprise-scale schemas without runaway result sets

Architecture

Built for performance and security. KeeperDB is built as a single self-contained Rust binary — no Java runtime, no Electron, no separate components to install or update. The result is a fraction of the memory footprint of JVM-based tools like DBeaver, near-instant startup, a much smaller security attack surface, and a signed installer that ships as one compact native app instead of a multi-hundred-megabyte distribution.

Credential Storage

KeeperDB Desktop stores credentials in the OS-native secret store on every platform. All entries are stored under the service identifier com.keepersecurity.keeperdb and scoped per-user.

What is stored

• Saved connection passwords — only when you explicitly choose to save a connection in the UI
• AI provider API keys — OpenAI, Anthropic, AWS Bedrock, Google Vertex, Azure OpenAI, etc.

What is not stored on disk

• Live session credentials for the current database connection live only in memory and are never written to disk. If you restart KeeperDB, you must reconnect.
• Oracle connection_string_override (TNS / EZConnect+) is never persisted — TNS descriptors can carry inline credentials. You re-enter the override on each reconnect.
• The next update to Keeper Forcefield will also protect application memory on Windows devices against local malware. It is scheduled for later in May 2026.

Get KeeperDB

The standalone KeeperDB Desktop App is available from our download page:

Desktop installers: macOS DMG (Apple Silicon, signed + notarized), Windows MSI (x64, EV signed), Linux AppImage (any distro). Server packages also available: musl static tarball (Alpine / containers), glibc tarball, RPM (RHEL / Rocky / Amazon Linux), DEB (Debian / Ubuntu).

JSON file containing the latest binaries and sha256 hashes available.

Roadmap

We publish bi-weekly updates based on customer feedback. Send feature requests and bug reports to [email protected], or post on our Reddit community page.

Resources

Links to KeeperDB Documentation, KeeperDB Proxy Documentation, KeeperDB Feature Page, KeeperAI Documentation, and KeeperPAM.

Original source

New Feature

Nested Share Subfolders With Role-Based Folder Permissions

Keeper is redefining how users and teams organize, share and protect their most sensitive records. With the introduction of Nested Share Subfolders with Role-Based Folder Permissions, we’ve rebuilt the vault’s folder, sharing and permissions model from the ground up, delivering a more flexible and scalable experience for every user and team.

During this transition, the new Nested Share Subfolder system will exist alongside the existing Classic folder system and permission model, with two distinct folder icons to help users easily differentiate between them.

This feature is currently available by invitation only. To request access or learn more, please contact your Keeper representative or visit keepersecurity.com/contact.

Organize records and folders up to five levels deep, with no flat structures or workarounds — just logical organization that scales with your team.

Hierarchical Folder & Subfolder Organization

Permissions flow down automatically from a parent folder through all nested subfolders and records within it, so broad access policies apply consistently without manual effort

Role-Based Folder Permissions give administrators granular control over exactly who can view, edit, share and manage content at every level of the folder hierarchy — whether you're an individual user, managing a small team, or operating across a global enterprise.

Creating Folders

Clicking on Create New > Folder creates a folder - no need to decide between a regular or shared folder. If you want to share a folder, click Share.

Rollout Approach

The Nested Share Subfolders feature was a rebuild from the ground up - which includes advanced encryption upgrades in addition to functional upgrades. Therefore, the Classic and Nested Share Subfolder systems must be separated in the vault. When creating a new Folder, you will have the option to use the Classic permission model which will limit sharing to basic access levels and can be used for compatibility with older workflows. Existing workflows remain unaffected while organizations adopt the new experience at their own pace. In the future, we plan to support conversion between the two systems — for now, they remain separate.

Key Features

• Hierarchical organization up to five levels deep — Create folders and subfolders with independent sharing configurations at each level, enabling logical organization that scales with your team structure.
• Role-based folder permissions — Assign granular permissions at both the folder and record level, giving every user exactly the access their role requires. Permissions can be applied through inheritance (flowing automatically from parent to child folders), direct folder assignment, or direct record assignment.
• Permission inheritance with targeted overrides — Broad access policies apply consistently across a folder structure, with the flexibility to make precise exceptions at any level. When multiple permission paths apply, precedence rules ensure the most specific assignment wins — record-level permissions override folder-level ones, which override inherited permissions from a parent.
• Access management controls — Share managers can add users and teams, perform bulk permission changes, and set access expiration dates or revoke access entirely at the folder or record level. Users cannot grant permissions higher than their own access level.

Roadmap

The Nested Share Subfolder feature is available through a "feature flag" that can be enabled by the Keeper support team. Over the coming weeks, we plan to gather customer feedback and roll out critical capabilities which include:

• Vault Transfer Policy
• Deletion and Restore
• Moving records
• Import
• Migration from Classic shared folders
• iOS, Android, Browser Extension end-user application support
• Secrets Manager SDKs and integrations

Commander CLI

The Nested Share Subfolder capabilities are supported with Commander CLI with the new "KeeperDrive Commands" that have the prefix of kd-. The list of commands is below.

KeeperDrive Commands

kd-get Get details of a KeeperDrive record or folder
kd-list List Keeper Drive folders and records
kd-ln Link a record into a KeeperDrive folder (positional)
kd-mkdir Create a KeeperDrive folder
kd-record-add Create a KeeperDrive record
kd-record-details Get record metadata (title, color)
kd-record-permission Modify sharing permissions of records in a folder
kd-record-update Update a KeeperDrive record
kd-rm Remove (delete/unlink) a KeeperDrive record
kd-rmdir Remove a KeeperDrive folder and its contents
kd-rndir Rename a KeeperDrive folder
kd-share-folder Grant/update/revoke folder sharing
kd-share-record Grant/update/revoke record sharing
kd-shortcut Manage KeeperDrive record shortcuts (multi-folder links)
kd-transfer-record Transfer record ownership to another user

Bug Fixes

• VAUL-8619: Various issues with Dark Mode.
• VAUL-8714: Improved Error Messaging for Session Persistence Conflicts.
• VAUL-8748: Resolved test alignment in the Query Log display.

Web Vault Update Instructions

To ensure you're using the latest Web Vault, simply reload the vault login page (or Shift+Ctrl/Cmd+R to force refresh)

Desktop Update Instructions

If you installed Keeper Desktop directly from the Keeper website, download the latest version from: https://www.keepersecurity.com/download.html?t=d

If you installed Keeper Desktop from the Mac App Store or Microsoft Store, visit the store to perform the update.

Original source

Enhancements

• iOS-6910: Introduces a new Session Management interface that puts you in control of your connected devices. View all sessions linked to your account at a glance - including your iPhone, iPad, Mac, web browsers, and Android devices - with details like device model, operating system, and last login time. You can remotely lock any session, log out active ones, or permanently remove old or lost devices to keep your vault secure and your account tidy.

• iOS-7785: Adds manual credential rotation for PAM User records directly from the mobile app. A new "Rotate Now" button on the PAM User record view lets you trigger an on-demand password rotation whenever you need to refresh privileged account credentials. The record view also displays your last rotation date and current status -Success, Failed, or In Progress - so you can monitor the health of your credentials at a glance.

• iOS-7850: Enables Just-In-Time (JIT) access request notifications, allowing you to action PAM workflow requests directly from the iOS Notification Center. When someone requests access to a shared resource, you receive a notification containing their name, justification, any associated ticket number, and the requested access duration, letting you make faster approval decisions on the go.

• iOS-7916: Adds a Files option to the attachment menu when adding files, photos, or videos to a record. You can now browse and attach files directly from your device's Files app alongside the existing camera, photo library, and video options, giving you more flexibility in how you capture and store attachments.

• iOS-7943: Streamlines the two-factor authentication setup by automatically skipping the duration selection screen when only one option is available. You're now taken directly to the next step, reducing unnecessary taps and getting you to a secured state faster.

• iOS-8000: Replaces all instances of the Keeper coin logo throughout the iOS app with an updated asset, refreshing the visual appearance of your app across login screens, autofill sheets, and throughout the interface.

• iOS-8024: Improves the PAM JIT approval notification flow by ensuring system push notifications work seamlessly. When you tap a PAM access request toast, the app now opens and authenticates you if needed.

• iOS-7933: Implements "Restrict Account Switching" enforcement. When the enforcement is enabled, switching to a restricted account requires fresh authentication rather than instant switching, helping organizations maintain security boundaries.

• iOS-8065: Improves account switching logic by respecting enterprise security policies. When an enterprise account has switching restrictions enabled, the app now prevents unauthorized quick-switching and ensures proper authentication is required.

• iOS-8063: Makes the Payment Card PIN Code field easier to interact with, improving usability when managing payment information in your records.

• iOS-8033: Enhances Session Management by ensuring that when a device removal is initiated remotely, the affected user is properly removed from both the account and the device, keeping your device list in sync with your actual account configuration.

Bugs

• iOS-7447: Addressed a critical issue where the Shared Users screen remained tappable while your device was offline, which could result in silent failures. The app now correctly detects an offline state and presents a clear alert, preventing unintended interactions.

• iOS-7529: Fixed a visual rendering issue with the View button; it now displays correctly across all record views.

• iOS-7958: Resolved a navigation issue where tapping "Import Passwords" from the left drawer incorrectly reset your active record filter back to "All Records"; your selected filter is now preserved when accessing Import Passwords.

• iOS-8022: Fixed a bug where the floating action button (FAB) menu disappeared after canceling out of a File Upload record creation flow; the FAB is now correctly restored after dismissing the creation sheet.

• iOS-8032: Resolved a Session Management issue where performing a lock, logout, or remove action on one linked device did not propagate to all associated linked devices; actions now correctly apply across all devices sharing the same account link.

• iOS-8083: Fixed notification badge alignment in right-to-left languages; the notification count badge now appears in the correct position next to the bell icon.

• iOS-8082: Corrected button alignment in Notification Center on iPad; Deny and Approve buttons now align properly to the left for better usability on larger screens.

• iOS-8079: Fixed a critical issue where the "Done" button would vanish in edit mode after attempting to delete an item and canceling out, which could leave you stuck in edit mode; you can now exit edit mode reliably.

• iOS-8075: Resolved an issue where the Support option on the Login screen was not functioning; you can now access support resources directly from the login screen.

• iOS-8074: Fixed a security issue where clone codes were not being deleted on device reset; your device is now properly cleaned when reset.

• iOS-8068: Resolved an account switching issue where the app would always ask for authentication when switching to an account with a resumable session on the login screen; resumable sessions now work as expected during account switching.

• iOS-8064: Fixed in-app account switching to respect resumable sessions, reducing unnecessary authentication prompts when switching between accounts.

• iOS-8059: Corrected the capitalization of the Manage Session notification title for proper display.

• iOS-8057: Added missing active session icons in the Manage Session section, making it easier to identify which devices are currently active.

• iOS-8055: Fixed the Private PEM Key field display so you can now see the full value when viewing certificate or key records.

• iOS-8053: Improved error messaging when approving or denying workflow requests; you now receive clearer, more accurate feedback on the outcome of your action.

• iOS-8051: Fixed the Manage Sessions list to consistently place your active logged-in session at the top of the device list for easier identification.

• iOS-8050: Resolved a sync progress display issue that occurred after upgrading from a previous version; full-sync progress now displays correctly on the first automatic sync.

• iOS-8035: Fixed a passkey security field issue where a field from the backend was not being preserved correctly in your records.

Original source

New Feature

Nested Share Subfolders With Role-Based Folder Permissions

Keeper is redefining how users and teams organize, share and protect their most sensitive records. With the introduction of Nested Share Subfolders with Role-Based Folder Permissions, we’ve rebuilt the vault’s folder, sharing and permissions model from the ground up, delivering a more flexible and scalable experience for every user and team.

During this transition, the new Nested Share Subfolder system will exist alongside the existing Classic folder system and permission model, with two distinct folder icons to help users easily differentiate between them.

Information

This feature is currently available by invitation only. To request access or learn more, please contact your Keeper representative or visit keepersecurity.com/contact.

Organize records and folders up to five levels deep, with no flat structures or workarounds — just logical organization that scales with your team.

Hierarchical Folder & Subfolder Organization

Permissions flow down automatically from a parent folder through all nested subfolders and records within it, so broad access policies apply consistently without manual effort

Role-Based Folder Permissions give administrators granular control over exactly who can view, edit, share and manage content at every level of the folder hierarchy — whether you're an individual user, managing a small team, or operating across a global enterprise.

Creating Folders

Clicking on Create New > Folder creates a folder - no need to decide between a regular or shared folder. If you want to share a folder, click Share.

Rollout Approach

The Nested Share Subfolders feature was a rebuild from the ground up - which includes advanced encryption upgrades in addition to functional upgrades. Therefore, the Classic and Nested Share Subfolder systems must be separated in the vault. When creating a new Folder, you will have the option to use the Classic permission model which will limit sharing to basic access levels and can be used for compatibility with older workflows. Existing workflows remain unaffected while organizations adopt the new experience at their own pace. In the future, we plan to support conversion between the two systems — for now, they remain separate.

Checkbox for Classic Permission Model

Key Features

Hierarchical organization up to five levels deep — Create folders and subfolders with independent sharing configurations at each level, enabling logical organization that scales with your team structure.

Role-based folder permissions — Assign granular permissions at both the folder and record level, giving every user exactly the access their role requires. Permissions can be applied through inheritance (flowing automatically from parent to child folders), direct folder assignment, or direct record assignment.

Permission inheritance with targeted overrides — Broad access policies apply consistently across a folder structure, with the flexibility to make precise exceptions at any level. When multiple permission paths apply, precedence rules ensure the most specific assignment wins — record-level permissions override folder-level ones, which override inherited permissions from a parent.

Access management controls — Share managers can add users and teams, perform bulk permission changes, and set access expiration dates or revoke access entirely at the folder or record level. Users cannot grant permissions higher than their own access level.

Roadmap

The Nested Share Subfolder feature is available through a "feature flag" that can be enabled by the Keeper support team. Over the coming weeks, we plan to gather customer feedback and roll out critical capabilities which include:

• Vault Transfer Policy
• Deletion and Restore
• Moving records
• Import
• Migration from Classic shared folders
• iOS, Android, Browser Extension end-user application support
• Secrets Manager SDKs and integrations

Commander CLI

The Nested Share Subfolder capabilities are supported with Commander CLI with the new "KeeperDrive Commands" that have the prefix of kd-. The list of commands is below.

KeeperDrive Commands

• kd-get Get details of a KeeperDrive record or folder
• kd-list List Keeper Drive folders and records
• kd-ln Link a record into a KeeperDrive folder (positional)
• kd-mkdir Create a KeeperDrive folder
• kd-record-add Create a KeeperDrive record
• kd-record-details Get record metadata (title, color)
• kd-record-permission Modify sharing permissions of records in a folder
• kd-record-update Update a KeeperDrive record
• kd-rm Remove (delete/unlink) a KeeperDrive record
• kd-rmdir Remove a KeeperDrive folder and its contents
• kd-rndir Rename a KeeperDrive folder
• kd-share-folder Grant/update/revoke folder sharing
• kd-share-record Grant/update/revoke record sharing
• kd-shortcut Manage KeeperDrive record shortcuts (multi-folder links)
• kd-transfer-record Transfer record ownership to another user

Bug Fixes

• VAUL-8619: Various issues with Dark Mode.
• VAUL-8714: Improved Error Messaging for Session Persistence Conflicts.
• VAUL-8748: Resolved test alignment in the Query Log display.

Web Vault Update Instructions

To ensure you're using the latest Web Vault, simply reload the vault login page (or Shift+Ctrl/Cmd+R to force refresh)

Desktop Update Instructions

If you installed Keeper Desktop directly from the Keeper website, download the latest version from: https://www.keepersecurity.com/download.html?t=d

If you installed Keeper Desktop from the Mac App Store or Microsoft Store, visit the store to perform the update.

Original source

Enhancements

• iOS-6910: Introduces a new Session Management interface that puts you in control of your connected devices. View all sessions linked to your account at a glance - including your iPhone, iPad, Mac, web browsers, and Android devices - with details like device model, operating system, and last login time. You can remotely lock any session, log out active ones, or permanently remove old or lost devices to keep your vault secure and your account tidy.

• iOS-7785: Adds manual credential rotation for PAM User records directly from the mobile app. A new "Rotate Now" button on the PAM User record view lets you trigger an on-demand password rotation whenever you need to refresh privileged account credentials. The record view also displays your last rotation date and current status -Success, Failed, or In Progress - so you can monitor the health of your credentials at a glance.

• iOS-7850: Enables Just-In-Time (JIT) access request notifications, allowing you to action PAM workflow requests directly from the iOS Notification Center. When someone requests access to a shared resource, you receive a notification containing their name, justification, any associated ticket number, and the requested access duration, letting you make faster approval decisions on the go.

• iOS-7916: Adds a Files option to the attachment menu when adding files, photos, or videos to a record. You can now browse and attach files directly from your device's Files app alongside the existing camera, photo library, and video options, giving you more flexibility in how you capture and store attachments.

• iOS-7943: Streamlines the two-factor authentication setup by automatically skipping the duration selection screen when only one option is available. You're now taken directly to the next step, reducing unnecessary taps and getting you to a secured state faster.

• iOS-8000: Replaces all instances of the Keeper coin logo throughout the iOS app with an updated asset, refreshing the visual appearance of your app across login screens, autofill sheets, and throughout the interface.

• iOS-8024: Improves the PAM JIT approval notification flow by ensuring system push notifications work seamlessly. When you tap a PAM access request toast, the app now opens and authenticates you if needed.

• iOS-7933: Implements "Restrict Account Switching" enforcement. When the enforcement is enabled, switching to a restricted account requires fresh authentication rather than instant switching, helping organizations maintain security boundaries.

• iOS-8065: Improves account switching logic by respecting enterprise security policies. When an enterprise account has switching restrictions enabled, the app now prevents unauthorized quick-switching and ensures proper authentication is required.

• iOS-8063: Makes the Payment Card PIN Code field easier to interact with, improving usability when managing payment information in your records.

• iOS-8033: Enhances Session Management by ensuring that when a device removal is initiated remotely, the affected user is properly removed from both the account and the device, keeping your device list in sync with your actual account configuration.

Bugs

• iOS-7447: Addressed a critical issue where the Shared Users screen remained tappable while your device was offline, which could result in silent failures. The app now correctly detects an offline state and presents a clear alert, preventing unintended interactions.

• iOS-7529: Fixed a visual rendering issue with the View button; it now displays correctly across all record views.

• iOS-7958: Resolved a navigation issue where tapping "Import Passwords" from the left drawer incorrectly reset your active record filter back to "All Records"; your selected filter is now preserved when accessing Import Passwords.

• iOS-8022: Fixed a bug where the floating action button (FAB) menu disappeared after canceling out of a File Upload record creation flow; the FAB is now correctly restored after dismissing the creation sheet.

• iOS-8032: Resolved a Session Management issue where performing a lock, logout, or remove action on one linked device did not propagate to all associated linked devices; actions now correctly apply across all devices sharing the same account link.

• iOS-8083: Fixed notification badge alignment in right-to-left languages; the notification count badge now appears in the correct position next to the bell icon.

• iOS-8082: Corrected button alignment in Notification Center on iPad; Deny and Approve buttons now align properly to the left for better usability on larger screens.

• iOS-8079: Fixed a critical issue where the "Done" button would vanish in edit mode after attempting to delete an item and canceling out, which could leave you stuck in edit mode; you can now exit edit mode reliably.

• iOS-8075: Resolved an issue where the Support option on the Login screen was not functioning; you can now access support resources directly from the login screen.

• iOS-8074: Fixed a security issue where clone codes were not being deleted on device reset; your device is now properly cleaned when reset.

• iOS-8068: Resolved an account switching issue where the app would always ask for authentication when switching to an account with a resumable session on the login screen; resumable sessions now work as expected during account switching.

• iOS-8064: Fixed in-app account switching to respect resumable sessions, reducing unnecessary authentication prompts when switching between accounts.

• iOS-8059: Corrected the capitalization of the Manage Session notification title for proper display.

• iOS-8057: Added missing active session icons in the Manage Session section, making it easier to identify which devices are currently active.

• iOS-8055: Fixed the Private PEM Key field display so you can now see the full value when viewing certificate or key records.

• iOS-8053: Improved error messaging when approving or denying workflow requests; you now receive clearer, more accurate feedback on the outcome of your action.

• iOS-8051: Fixed the Manage Sessions list to consistently place your active logged-in session at the top of the device list for easier identification.

• iOS-8050: Resolved a sync progress display issue that occurred after upgrading from a previous version; full-sync progress now displays correctly on the first automatic sync.

• iOS-8035: Fixed a passkey security field issue where a field from the backend was not being preserved correctly in your records.

Original source

Keeper Browser Extension version 17.9.0 includes several security and usability improvements such as Privileged Access Management (PAM) record launch, password strength algorithmic hardening, a "What's New" section, Snapshot Tool (report an autofill issue) enhancements, Master Password reveal option, various UI/UX improvements and bug fixes.

Currently in preview and staged rollout in production

New Features

Launch PAM Sessions From the Browser Extension

You can now launch Privileged Access Management (PAM) sessions including Machine, Database, and Browser record types directly from the browser extension via a "Launch" button, which redirects to the web app to initiate the session.

To learn more about setting up PAM connections in order to launch them from the browser extension, please follow the documentation links below.

Password Strength Computational Algorithm Update

As you create or save passwords, the extension instantly evaluates their strength against millions of real-world patterns catching deceptively weak passwords that typical rules miss. Instead of arbitrary complexity rules, you get a meaningful security score and plain-language guidance that actually helps you create harder-to-crack passwords.

"What's New" Section

Integrated a "What's New" section into the Options menu, giving users a chronological overview of the latest features with direct links to the corresponding release notes.

Master Password Reveal Option at Login

We've added a master password visibility toggle that lets you temporarily reveal your masked password as you type, helping you catch and correct typos before submitting. Simply click on the eye icon at login to reveal the master password you entered.

Improvements

BE-7361: Keeper's Snapshot Tool (for reporting autofill issues) now supports "Change Password" and "Registration" form pages. To learn more about the Snapshot Tool click here.

Bug Fixes

BE-6403: After clicking Upgrade Now on an expired account, user is taken to the checkout page without any user details prefilled.

BE-6420: After creating a record, Search fails to reduce results as more characters are entered.

BE-6429: Form filler's fade in animation is broken.

BE-6454: Generator history - can't clear Search with keys.

BE-6457: "Launch" from detailed view on record B fills credentials from record A if A has Autofill ON.

BE-6464: Unmasking a password in history causes the generator to get stuck/cached with same password.

BE-6468: Secure login issues when switching to vault web login in the middle of a browser extension login.

BE-6472: Entering Edit into a record with no password, generates one automatically.

BE-6475: The Show TOTP Prompt appears in a wrong position.

BE-6497: TypeError reading "dataset" property breaks lock injection on some sites.

BE-6500: Password generator view in the form filler, collapses when users navigate to the generator in toolbar window.

BE-6519: Autofill does not use matching records routine in some edge cases.

BE-6528: Right-click to TOTP fill doesn't work on Microsoft form field.

BE-6682: Certain input fields do not expand to fill the full width of Record View page in the toolbar window.

BE-6683: QoL feature's copy button misplaced in the RTL mode.

BE-6817: Password Generator - Generated password lost or replaced when BE window closes before saving.

BE-6849: Font for the "Turn On Anyway" and "Cancel" buttons does not have matching text.

BE-7069: Autofill for 3-field-registration screen (username, password, password confirmation) does not autofill properly.

BE-7086: After authenticating using a passkey, the user must click the focus into the textbox for master password to continue to login.

BE-7107: Account Switching search results do not clear.

BE-7133: Record data fails to update when a child record is removed from a user folder.

BE-7144: Favorites button throttled without user facing throttle message.

BE-7146: Account Switching filter selection sticks across accounts.

BE-7241: Investigate autofill issue on singular website.

BE-7245: Masked Fields - mask/unmask icon cut-off.

BE-7285: TypeError in getFieldType() prevents AI Autofill labeling in Firefox and Safari.

BE-7290: Record data fails to update when a child record is removed from a shared folder.

BE-7297: Adjust sort order of 'Suggested Records' based on full URL of vault record and current web page.

BE-7303: Text key "device_account_locked" appears in login screen.

BE-7343: Copy field value in prompt Edit Record not working.

BE-7360: Secure Note record type when viewed in Browser Extension popup is not showing full text.

BE-7367: AutoFill fails to trigger when Passkey prompt appears first.

BE-7380: Safari - The buttons in the Two-Factor Modal on Safari are unresponsive.

BE-7383: Add to Keeper prompt pops up even with correct credential population.

BE-7392: Approval code mask/unmask eye icon misaligned and not working.

BE-7393: Expired account page - eye icon is present.

BE-7395: Master Password unmasking. Accessibility "Tabbing" is not highlighting the icon (Safari).

BE-7396: Screen readers announcement of the password visibility icon (Chrome, Firefox only) part 1 of 2.

BE-7402: PAM support - design mismatches.

BE-7406: Improve UX for disable built-in password manager, when another extension controls passwordSavingEnabled setting.

BE-7407: Add record overlapping with filter option.

BE-7409: Password generator - generated password does not actively adjust when user changes the password length slider.

BE-7411: Password generator - generated passwords/phrases do not transfer to record edit form.

BE-7421: Landscape Mode - Options list is cut off.

BE-7422: Verify Mode - Custom Elements are being missed for checking.

BE-7430: 'Add To Keeper' button too big - adjust the size to be smaller and more ergonomic.

BE-7450: Cannot dismiss 'Add To Keeper' button; remains persistent.

BE-7452: Suppress automatic popup of 'Add to Keeper'.

BE-7454: Click to Fill - Launching root domain when record has passkey instead of the full URL.

BE-7474: PAM record fails to sync to on BE after password rotation.

BE-7478: When clicking "full sync", the icon should animate spinning & Dark Mode button has incorrect text color.

BE-7486: User unable paste into a password field (on Web Vault) when BE is active.

Original source

Breaking changes

• get_folders() no longer consumes the SecretsManager instance — the signature is now &mut self. If you added .clone() as a workaround, you can safely remove it.
• CustomPostFunction is now thread-safe — the type alias is now Arc<dyn Fn(...) + Send + Sync>. Most call sites will compile without changes; if you're storing the type alias directly, wrap your function with Arc::new(...).

Bug Fixes

• KSM-886: File and thumbnail downloads no longer fail inside async runtimes — resolved a "builder error" that occurred when downloads were called from within a tokio runtime.

Security updates

• reqwest 0.12 → 0.13.3 (KSM-922): Resolves four rustls-webpki advisories; TLS backend migrated to aws-lc-rs, the required foundation for FIPS 140-3 support.
• openssl 0.10.75 → 0.10.78: Resolves CVE-2026-41676, CVE-2026-41677, CVE-2026-41678, CVE-2026-41681 (CVSS 9.1–9.8, Critical).

Links:

• Crates.io package
• docs.rs

Original source

Breaking changes

• get_folders() no longer consumes the SecretsManager instance — the signature is now &mut self. If you added .clone() as a workaround, you can safely remove it.
• CustomPostFunction is now thread-safe — the type alias is now Arc<dyn Fn(...) + Send + Sync>. Most call sites will compile without changes; if you're storing the type alias directly, wrap your function with Arc::new(...).

Bug Fixes

• KSM-886: File and thumbnail downloads no longer fail inside async runtimes — resolved a "builder error" that occurred when downloads were called from within a tokio runtime.

Security updates

• reqwest 0.12 → 0.13.3 (KSM-922): Resolves four rustls-webpki advisories; TLS backend migrated to aws-lc-rs, the required foundation for FIPS 140-3 support.
• openssl 0.10.75 → 0.10.78: Resolves CVE-2026-41676, CVE-2026-41677, CVE-2026-41678, CVE-2026-41681 (CVSS 9.1–9.8, Critical).

Links:

• Crates.io package
• docs.rs

Original source

New Features

Shared Nested Folder Management — Create, nest (up to 5 levels), rename, color-code, remove, and permanently delete shared nested folders with role-based permission enforcement.

Independent Folder Sharing & Permission Overrides — Nested subfolders support independent sharing permissions that can differ from their parent. Inherited permissions can be overridden at any level without affecting sibling or ancestor folders.

Folder & Record Access Management — View which users and teams have access to a folder or record, and grant, revoke, or modify access with role-based permission checks.

Record Lifecycle in shared nested subfolders — Create, view, edit, remove, and permanently delete records at the vault root and within shared nested folders, all governed by role-based permissions.

Record Ownership Transfer — Record owners and managers can transfer ownership of a record to another user who then receives full ownership capabilities.

Contextual Create — Creating a record or folder while inside a SharedFolder or shared nested folder automatically applies the correct permission model for that context.

Keeper Secrets Manager (KSM) in shared nested folders — Users with KSM privileges can create and share KSM applications at the vault root or within shared nested folders.

Passkey Platform Enforcement — Administrators can now limit which passkey platforms are accepted at the time of use, based on enforcement policies.

Information

Nested Folders are available with v18.0 of Vault client applications. Contact your customer success manager at Keeper to activate this feature on your tenant.

Improvements

KA-7317: Improved error handling during passkey registration to return more detailed and actionable error messages when an invalid friendly name is provided. Users now receive clear feedback identifying the specific issue with their input, making it easier to correct and complete passkey setup.

KA-8247: Users can now create a shared nested folder at the vault root level. Folder creation is restricted to users with the appropriate role-based permission.

KA-8248: Users can create nested subfolders within the vault folders up to a maximum depth of five visible levels.

KA-8249: Nested subfolders can have different sharing permissions than their parent folder. Changes to a parent folder's access do not overwrite direct overrides set on child or grandchild folders.

KA-8250: Users with access-management permission can override inherited permissions on a subfolder to create a unique access configuration. The override is preserved even when the parent folder's permissions change.

KA-8251: Users with the appropriate permission can edit a shared nested folder's title and color. This keeps the folder hierarchy clearly organized and visually distinct.

KA-8252: Users with remove permission can remove a shared nested folder from its parent. The folder and its contents are not permanently deleted by this action.

KA-8253: Users with delete permission can permanently delete a shared nested folder and all of its contents. Unauthorized roles are blocked from performing this action.

KA-8254: Users can view the subfolder structure within a shared nested folder according to their access level. Only folders the user is permitted to see are displayed.

KA-8255: Users can view record titles within a shared nested folder when they have the appropriate permission. Records outside the user's access scope are not shown.

KA-8256: Users can view which other users and teams have access to a specific shared nested folder, along with their assigned roles. All roles with folder access are visible to permitted users.

KA-8257: Users with access-management permission can grant, revoke, or modify folder access for other users and teams. Unauthorized roles are correctly denied from making access changes.

KA-8259: Users with view-records permission on a shared nested folder can view and decrypt record content within that folder. Users without sufficient permission are denied access to record content.

KA-8260: Users with edit-records permission on a shared nested folder can edit record content within that folder. Edits propagate to all users with access; view-only and unauthorized roles cannot alter content.

KA-8270: Users can create a new record at the vault root level. The record is created with shared nested permissions when the feature is enabled.

KA-8271: Users with add permission can create a new record directly within a selected shared nested folder. The record is automatically linked to that folder's permission model.

KA-8261: Users with remove permission can unlink a record from a specific shared nested folder without permanently deleting it. The record remains accessible in other locations where it is stored.

KA-8262: Users with delete permission can permanently delete a record from within a shared nested folder. Unauthorized roles are blocked from performing deletion.

KA-8263: Users with record-level delete permission can permanently delete a record regardless of its folder location. Only users with the appropriate role may perform this action.

KA-8269: Users with the appropriate permission can view record titles. Only titles within the user's access scope are visible.

KA-8264: Users with view permission can view the full content of a record, including login, password, and notes fields. Users without sufficient permission are denied access.

KA-8265: Users with edit permission can modify record content including title, login, password, and notes fields. Changes are visible to all users who have access to the record.

KA-8266: Users can view which other users and teams have access to a specific record, along with their assigned roles. All roles with record access are visible to permitted users.

KA-8267: Users with access-management permission can grant, revoke, or update access to a record for other users and teams. Unauthorized roles are correctly denied from making access changes.

KA-8268: Record owners and managers can transfer ownership of a record to another user. The new owner receives full ownership capabilities; unauthorized roles are blocked from initiating a transfer.

KA-8272: When a legacy SharedFolder is selected, creating a new record or folder uses the legacy permission model. Items created in this context follow legacy SharedFolder behavior.

KA-8273: When a shared nested folder is selected, creating a new record or subfolder uses the shared nested permission model. Created resources are linked to the selected folder and follow shared nested access rules.

KA-8274: The system prevents nesting legacy SharedFolders inside shared nested folders and vice-versa. Moving or copying folders across permission models is blocked.

KA-8275: Users with KSM privileges can create a Keeper Secrets Manager application at the vault root. The KSM application is created as a shared nested folder folder.

KA-8276: Users with KSM share privileges can share a KSM application with other users or teams using role-based access. The shared user receives the designated role on the KSM application.

KA-8277: Users with KSM privileges and add permission can create a KSM application within an existing shared nested folder. The application is attached to the selected folder context.

KA-8278: All shared nested folder functionality is controlled by a feature flag. Only enterprises with the feature flag enabled can access shared nested folder functionality.

KA-8297: Shared nested folders and legacy SharedFolders operate as completely isolated permission systems. Resources cannot be moved or copied between folder types that use different permission models.

Bug Fixes

KA-8523: Strengthened access control validation for sub-node administrators requesting enterprise user data by node. vSub-node administrators are now properly restricted to only access data within their own node and authorized child nodes with cascading permissions.

KA-8516: Resolved an issue where BreachWatch was not detecting or displaying dark web breach alerts for newly created records. Breach monitoring now correctly processes and reports alerts across all account types including consumer, enterprise, and shared records.

KA-8475: Fixed an issue where PAM active seat count did not update when an invited user assigned to a PAM role accepted their invitation. The seat count change event now correctly fires upon user activation, ensuring accurate PAM license tracking.

KA-8491: Fixed an issue where record details were not accessible to users with View Only sharing permissions on non-shared nested folder accounts. Shared record information is now properly displayed for recipients with direct share View Only access.

KA-8539: Resolved an error where MSP administrators received an "object already exists" error when attempting to create a new Managed Company. MSP administrators can now successfully create Managed Companies without encountering duplicate object errors.

KA-275: Fixed an issue where the backup restore list did not include backups created after the restore verification code was sent. All available backups now display correctly regardless of when they were created relative to the restore code request.

KA-8564: Addressed security vulnerabilities by upgrading underlying networking dependencies to their latest patched versions. This update resolves known CVEs and strengthens the overall security posture of the application.

Original source

New Features

Shared Nested Folder Management — Create, nest (up to 5 levels), rename, color-code, remove, and permanently delete shared nested folders with role-based permission enforcement.

Independent Folder Sharing & Permission Overrides — Nested subfolders support independent sharing permissions that can differ from their parent. Inherited permissions can be overridden at any level without affecting sibling or ancestor folders.

Folder & Record Access Management — View which users and teams have access to a folder or record, and grant, revoke, or modify access with role-based permission checks.

Record Lifecycle in shared nested subfolders — Create, view, edit, remove, and permanently delete records at the vault root and within shared nested folders, all governed by role-based permissions.

Record Ownership Transfer — Record owners and managers can transfer ownership of a record to another user who then receives full ownership capabilities.

Contextual Create — Creating a record or folder while inside a SharedFolder or shared nested folder automatically applies the correct permission model for that context.

Keeper Secrets Manager (KSM) in shared nested folders — Users with KSM privileges can create and share KSM applications at the vault root or within shared nested folders.

Passkey Platform Enforcement — Administrators can now limit which passkey platforms are accepted at the time of use, based on enforcement policies.

Information

Nested Folders are available with v18.0 of Vault client applications. Contact your customer success manager at Keeper to activate this feature on your tenant.

Improvements

KA-7317: Improved error handling during passkey registration to return more detailed and actionable error messages when an invalid friendly name is provided. Users now receive clear feedback identifying the specific issue with their input, making it easier to correct and complete passkey setup.

KA-8247: Users can now create a shared nested folder at the vault root level. Folder creation is restricted to users with the appropriate role-based permission.

KA-8248: Users can create nested subfolders within the vault folders up to a maximum depth of five visible levels.

KA-8249: Nested subfolders can have different sharing permissions than their parent folder. Changes to a parent folder's access do not overwrite direct overrides set on child or grandchild folders.

KA-8250: Users with access-management permission can override inherited permissions on a subfolder to create a unique access configuration. The override is preserved even when the parent folder's permissions change.

KA-8251: Users with the appropriate permission can edit a shared nested folder's title and color. This keeps the folder hierarchy clearly organized and visually distinct.

KA-8252: Users with remove permission can remove a shared nested folder from its parent. The folder and its contents are not permanently deleted by this action.

KA-8253: Users with delete permission can permanently delete a shared nested folder and all of its contents. Unauthorized roles are blocked from performing this action.

KA-8254: Users can view the subfolder structure within a shared nested folder according to their access level. Only folders the user is permitted to see are displayed.

KA-8255: Users can view record titles within a shared nested folder when they have the appropriate permission. Records outside the user's access scope are not shown.

KA-8256: Users can view which other users and teams have access to a specific shared nested folder, along with their assigned roles. All roles with folder access are visible to permitted users.

KA-8257: Users with access-management permission can grant, revoke, or modify folder access for other users and teams. Unauthorized roles are correctly denied from making access changes.

KA-8259: Users with view-records permission on a shared nested folder can view and decrypt record content within that folder. Users without sufficient permission are denied access to record content.

KA-8260: Users with edit-records permission on a shared nested folder can edit record content within that folder. Edits propagate to all users with access; view-only and unauthorized roles cannot alter content.

KA-8270: Users can create a new record at the vault root level. The record is created with shared nested permissions when the feature is enabled.

KA-8271: Users with add permission can create a new record directly within a selected shared nested folder. The record is automatically linked to that folder's permission model.

KA-8261: Users with remove permission can unlink a record from a specific shared nested folder without permanently deleting it. The record remains accessible in other locations where it is stored.

KA-8262: Users with delete permission can permanently delete a record from within a shared nested folder. Unauthorized roles are blocked from performing deletion.

KA-8263: Users with record-level delete permission can permanently delete a record regardless of its folder location. Only users with the appropriate role may perform this action.

KA-8269: Users with the appropriate permission can view record titles. Only titles within the user's access scope are visible.

KA-8264: Users with view permission can view the full content of a record, including login, password, and notes fields. Users without sufficient permission are denied access.

KA-8265: Users with edit permission can modify record content including title, login, password, and notes fields. Changes are visible to all users who have access to the record.

KA-8266: Users can view which other users and teams have access to a specific record, along with their assigned roles. All roles with record access are visible to permitted users.

KA-8267: Users with access-management permission can grant, revoke, or update access to a record for other users and teams. Unauthorized roles are correctly denied from making access changes.

KA-8268: Record owners and managers can transfer ownership of a record to another user. The new owner receives full ownership capabilities; unauthorized roles are blocked from initiating a transfer.

KA-8272: When a legacy SharedFolder is selected, creating a new record or folder uses the legacy permission model. Items created in this context follow legacy SharedFolder behavior.

KA-8273: When a shared nested folder is selected, creating a new record or subfolder uses the shared nested permission model. Created resources are linked to the selected folder and follow shared nested access rules.

KA-8274: The system prevents nesting legacy SharedFolders inside shared nested folders and vice-versa. Moving or copying folders across permission models is blocked.

KA-8275: Users with KSM privileges can create a Keeper Secrets Manager application at the vault root. The KSM application is created as a shared nested folder folder.

KA-8276: Users with KSM share privileges can share a KSM application with other users or teams using role-based access. The shared user receives the designated role on the KSM application.

KA-8277: Users with KSM privileges and add permission can create a KSM application within an existing shared nested folder. The application is attached to the selected folder context.

KA-8278: All shared nested folder functionality is controlled by a feature flag. Only enterprises with the feature flag enabled can access shared nested folder functionality.

KA-8297: Shared nested folders and legacy SharedFolders operate as completely isolated permission systems. Resources cannot be moved or copied between folder types that use different permission models.

Bug Fixes

KA-8523: Strengthened access control validation for sub-node administrators requesting enterprise user data by node. vSub-node administrators are now properly restricted to only access data within their own node and authorized child nodes with cascading permissions.

KA-8516: Resolved an issue where BreachWatch was not detecting or displaying dark web breach alerts for newly created records. Breach monitoring now correctly processes and reports alerts across all account types including consumer, enterprise, and shared records.

KA-8475: Fixed an issue where PAM active seat count did not update when an invited user assigned to a PAM role accepted their invitation. The seat count change event now correctly fires upon user activation, ensuring accurate PAM license tracking.

KA-8491: Fixed an issue where record details were not accessible to users with View Only sharing permissions on non-shared nested folder accounts. Shared record information is now properly displayed for recipients with direct share View Only access.

KA-8539: Resolved an error where MSP administrators received an "object already exists" error when attempting to create a new Managed Company. MSP administrators can now successfully create Managed Companies without encountering duplicate object errors.

KA-275: Fixed an issue where the backup restore list did not include backups created after the restore verification code was sent. All available backups now display correctly regardless of when they were created relative to the restore code request.

KA-8564: Addressed security vulnerabilities by upgrading underlying networking dependencies to their latest patched versions. This update resolves known CVEs and strengthens the overall security posture of the application.

Original source

KeeperDrive

This is a major release headlined by KeeperDrive — a brand-new command suite for managing folders, records, sharing, and permissions through the Keeper API. It also adds KCM/Guacamole import for PAM, JSON output for rotation status, automation modes for tunnels, and a new way to add KSM tokens to existing applications.

A new kd-* command family for working with KeeperDrive folders, records, sharing, and permissions. All commands require authentication and a synced vault. Visibility is gated behind a feature flag so the commands appear only for permitted users.

The full reference is in KEEPER_DRIVE_COMMANDS.md.

Permission roles

The five sharing roles supported across folder and record commands:

Role Description viewer Read-only access shared-manager Can manage access grants content-manager Can add / edit records content-share-manager Can add / remove / edit records and manage access full-manager Full control

Folder commands

• kd-mkdir — create a folder. Supports --color {none,red,orange,yellow,green,blue,gray} and --no-inherit for permission inheritance. // escapes a literal / inside a folder name.
• kd-rndir — rename a folder, change its color, or toggle permission inheritance (--inherit / --no-inherit). -q suppresses the confirmation message.
• kd-list — list KeeperDrive folders and records from the local cache. --folders / --records filters, --format {table,csv,json} and --output FILE for export. Each row reports share status and accessor count.
• kd-rmdir — remove folders. Always shows an impact preview before prompting. Modes: folder-trash (default, recoverable) or delete-permanent (irreversible). Supports --force, --dry-run, --quiet, max 100 folders per invocation.
• kd-share-folder — grant or remove access (-a {grant,remove}) to one or more folders for one or more recipients (-e is repeatable). @existing / @current targets all current users in the folder. Time-limited shares via --expire-at or --expire-in <30d|6mo|1y|24h|30mi|never>.

Record commands

• kd-record-add — create a record. Required: -t TITLE, -rt TYPE. Optional: -n NOTES, --folder. Fields use type=value or type.label=value notation; run with --syntax-help for the full grammar.
• kd-record-update — update title, type, notes, or field values for one or more records (-r is repeatable).
• kd-rm — remove records with an impact preview. Operations:
  • owner-trash (default) — move to owner's trash, recoverable.
  • folder-trash — remove from a folder and trash.
  • unlink — remove from a specific folder only (requires --folder). Supports --force, --dry-run, max 500 records per invocation.
• kd-ln — link a record into a folder (kd-ln ) without removing it from its current location.
• kd-shortcut list / kd-shortcut keep — manage records that appear in more than one folder. list shows multi-folder records with --format {table,csv,json} and --output; keep retains a record in one folder and unlinks it from all others, with -f to skip the confirmation prompt.

Sharing commands

• kd-share-record — single command for grant / revoke / transfer-ownership via -a {grant,revoke,owner}. Required: -e EMAIL (repeatable), -r ROLE for grant. Supports -R/--recursive for bulk sharing across a folder tree, --contacts-only, --force, --dry-run, and --expire-at / --expire-in. -a grant on an already-shared record updates the existing role.
• kd-record-permission — bulk update sharing across all records in a folder (and optionally sub-folders with -R). Required: -a {grant,revoke}, -r ROLE for grant. Always shows a change plan before executing. Supports --force and --dry-run.
• kd-transfer-record — transfer ownership of one or more records to another user. Irreversible — you lose access after the transfer.

Inspection commands

• kd-record-details — batch metadata (title, type, version, revision) for one or more records. --format {table,json}.
• kd-get — full details for a record or folder (fields, notes, access list). --format {detail,json}, -v/--verbose for a per-permission flag breakdown per accessor, --unmask to reveal masked values like passwords.

Cross-type validation (#2008)

Commands now validate that the target's type matches the operation (e.g. record-only commands reject folder UIDs, and vice versa) so a mistyped UID gets a clear error instead of a silent no-op.

PAM

pam project export (new)

Walks the vault graph for a given PAM project configuration UID and emits a JSON document directly re-importable by pam project import.

• Output schema matches PROJECT_IMPORT_JSON_TEMPLATE exactly (project, shared_folder_users, shared_folder_resources, pam_configuration, pam_data.{resources,users}).
• Resource UIDs derive deterministically from Keeper record UIDs, so re-imports across tenants are idempotent.
• sort_keys=True produces deterministic JSON suitable for git diffs.
• --output FILE writes to disk; omitting prints to stdout.
• tool_version: "commander-export-1.0" is emitted to enable generator-aware behavior on the import side.
• Registered as the shortcut x under pam project.

pam project kcm-import / pam project kcm-cleanup (new)

Import connections directly from a KCM / Guacamole database into Keeper PAM.

• Docker auto-detect.
• Group filtering.
• Adaptive throttling.
• 150+ parameter mappings across SSH, RDP, VNC, Telnet, HTTP, MySQL, PostgreSQL, Oracle, SQL Server, LDAP, and Kubernetes protocols.
• Round-trip support: KCM-imported records reference users by title in pam_settings.connection.launch_credentials / administrative_credentials.
• pam project export now resolves title-shaped values against a per-export title-to-UID index built once from record_cache, so exporting and re-importing a KCM project preserves the user list. 22-character UID-shaped values are still accepted as direct UIDs for back-compat with hand-edited records.

pam tunnel automation modes (#1993)

Non-interactive tunnel modes for CI/CD, systemd, and scripts, plus a cross-process session registry so pam tunnel list / pam tunnel stop work across Commander processes.

PAMTunnelStartCommand:

• --foreground — run in the current process; exit on Ctrl-C or --timeout.
• --background — spawn a detached child; the parent returns immediately.
• --run "" — start the tunnel, run the command, tear the tunnel down on exit.
• --timeout / --pid-file for lifecycle control.
• Mutual-exclusivity checks; safe defaults when no TTY (batch mode).

PAMTunnelListCommand / PAMTunnelStopCommand:

• Surface tunnels owned by other processes via the file registry.
• stop sends SIGTERM (Unix) / TerminateProcess (Windows) and cleans the registry row.

New keepercommander/commands/tunnel_registry.py:

• Atomic JSON writes at /keeper-tunnel-sessions/.json.
• Stale-entry cleanup, duplicate-bind detection (host/port aware).
• 0o700 directory permissions on POSIX.

pam launch improvements (#2009)

• Surfaces involuntary terminations to the user. KeeperAI close prints a red Session terminated by KeeperAI.; admin close prints a yellow Session terminated by administrator.; other involuntary reasons print a single Session ended (). info line; normal/client-initiated closes remain silent.
• Distinct exit codes in batch mode. keeper pam launch UID raises SystemExit(40) for KeeperAI termination and SystemExit(41) for admin termination so callers can branch. In the interactive shell, the prompt is restored without tearing the shell down.
• Fixed close-reason name table in python_handler — previously only mapped codes 0-6 (with the wrong name for code 0) and missed every reason added since, including the two we now act on.
• Fuzzy record resolution. Falls back to a case-insensitive substring match on PAM record titles and any host / pamHostname field when UID / path / exact-title yield nothing. Multiple matches show a numbered picker (or list-and-exit on non-TTY).

pam rotation info --format=json (KC-1230)

Adds JSON output to PAMRouterGetRotationInfo via the shared json_output_parser (--format {table,json}, --output FILE).

JSON fields when online: status, ready_to_rotate, pam_config_uid, node_id, gateway_name, gateway_uid, admin_resource_uid, password_complexity, password_complexity_detail, schedule_type, schedule_data, disabled, script_name

Non-online: status, ready_to_rotate=false. Same pattern applied to discoveryrotation_v1.py for parity.

Secrets Manager

secrets-manager token add (new)

A thin wrapper around the existing client add flow so operators and automation scripts can add one-time access tokens to an existing KSM application without recreating it. Closes the gap where the only token-generation path was app creation.

Supported flags (same as client add): --count, --unlock-ip, --first-access-expires-in-min, --access-expire-in-min, --name, --config-init, --return-tokens

Implementation delegates entirely to KSMCommand.add_client() — no new API surface.

Fixes

• pam project import rejects duplicate UIDs. process_data now collects all UID values assigned to resources and nested users after the UID-normalization loop and aborts with a clear error if any UID appears more than once. Duplicate UIDs produced an ambiguous dependency graph and led to silent link errors during record creation. Externally supplied valid UIDs that are unique continue to work unchanged.

Original source

KeeperDrive

This is a major release headlined by KeeperDrive — a brand-new command suite for managing folders, records, sharing, and permissions through the Keeper API. It also adds KCM/Guacamole import for PAM, JSON output for rotation status, automation modes for tunnels, and a new way to add KSM tokens to existing applications.

A new kd-* command family for working with KeeperDrive folders, records, sharing, and permissions. All commands require authentication and a synced vault. Visibility is gated behind a feature flag so the commands appear only for permitted users.

The full reference is in KEEPER_DRIVE_COMMANDS.md.

Permission roles

The five sharing roles supported across folder and record commands:

Role Description viewer Read-only access shared-manager Can manage access grants content-manager Can add / edit records content-share-manager Can add / remove / edit records and manage access full-manager Full control

Folder commands

• kd-mkdir — create a folder. Supports --color {none,red,orange,yellow,green,blue,gray} and --no-inherit for permission inheritance. // escapes a literal / inside a folder name.
• kd-rndir — rename a folder, change its color, or toggle permission inheritance (--inherit / --no-inherit). -q suppresses the confirmation message.
• kd-list — list KeeperDrive folders and records from the local cache. --folders / --records filters, --format {table,csv,json} and --output FILE for export. Each row reports share status and accessor count.
• kd-rmdir — remove folders. Always shows an impact preview before prompting. Modes: folder-trash (default, recoverable) or delete-permanent (irreversible). Supports --force, --dry-run, --quiet, max 100 folders per invocation.
• kd-share-folder — grant or remove access (-a {grant,remove}) to one or more folders for one or more recipients (-e is repeatable). @existing / @current targets all current users in the folder. Time-limited shares via --expire-at or --expire-in <30d|6mo|1y|24h|30mi|never>.

Record commands

• kd-record-add — create a record. Required: -t TITLE, -rt TYPE. Optional: -n NOTES, --folder. Fields use type=value or type.label=value notation; run with --syntax-help for the full grammar.
• kd-record-update — update title, type, notes, or field values for one or more records (-r is repeatable).
• kd-rm — remove records with an impact preview. Operations: owner-trash (default) — move to owner's trash, recoverable; folder-trash — remove from a folder and trash; unlink — remove from a specific folder only (requires --folder). Supports --force, --dry-run, max 500 records per invocation.
• kd-ln — link a record into a folder (kd-ln ) without removing it from its current location.
• kd-shortcut list / kd-shortcut keep — manage records that appear in more than one folder. list shows multi-folder records with --format {table,csv,json} and --output; keep retains a record in one folder and unlinks it from all others, with -f to skip the confirmation prompt.

Sharing commands

• kd-share-record — single command for grant / revoke / transfer-ownership via -a {grant,revoke,owner}. Required: -e EMAIL (repeatable), -r ROLE for grant. Supports -R/--recursive for bulk sharing across a folder tree, --contacts-only, --force, --dry-run, and --expire-at / --expire-in. -a grant on an already-shared record updates the existing role.
• kd-record-permission — bulk update sharing across all records in a folder (and optionally sub-folders with -R). Required: -a {grant,revoke}, -r ROLE for grant. Always shows a change plan before executing. Supports --force and --dry-run.
• kd-transfer-record — transfer ownership of one or more records to another user. Irreversible — you lose access after the transfer.

Inspection commands

• kd-record-details — batch metadata (title, type, version, revision) for one or more records. --format {table,json}.
• kd-get — full details for a record or folder (fields, notes, access list). --format {detail,json}, -v/--verbose for a per-permission flag breakdown per accessor, --unmask to reveal masked values like passwords.

Cross-type validation (#2008)

Commands now validate that the target's type matches the operation (e.g. record-only commands reject folder UIDs, and vice versa) so a mistyped UID gets a clear error instead of a silent no-op.

PAM

pam project export (new)

Walks the vault graph for a given PAM project configuration UID and emits a JSON document directly re-importable by pam project import.

• Output schema matches PROJECT_IMPORT_JSON_TEMPLATE exactly (project, shared_folder_users, shared_folder_resources, pam_configuration, pam_data.{resources,users}).
• Resource UIDs derive deterministically from Keeper record UIDs, so re-imports across tenants are idempotent.
• sort_keys=True produces deterministic JSON suitable for git diffs.
• --output FILE writes to disk; omitting prints to stdout.
• tool_version: "commander-export-1.0" is emitted to enable generator-aware behavior on the import side.
• Registered as the shortcut x under pam project.

pam project kcm-import / pam project kcm-cleanup (new)

Import connections directly from a KCM / Guacamole database into Keeper PAM.

• Docker auto-detect.
• Group filtering.
• Adaptive throttling.
• 150+ parameter mappings across SSH, RDP, VNC, Telnet, HTTP, MySQL, PostgreSQL, Oracle, SQL Server, LDAP, and Kubernetes protocols.
• Round-trip support: KCM-imported records reference users by title in pam_settings.connection.launch_credentials / administrative_credentials.
• pam project export now resolves title-shaped values against a per-export title-to-UID index built once from record_cache, so exporting and re-importing a KCM project preserves the user list. 22-character UID-shaped values are still accepted as direct UIDs for back-compat with hand-edited records.

pam tunnel automation modes (#1993)

Non-interactive tunnel modes for CI/CD, systemd, and scripts, plus a cross-process session registry so pam tunnel list / pam tunnel stop work across Commander processes.

PAMTunnelStartCommand:

• --foreground — run in the current process; exit on Ctrl-C or --timeout.
• --background — spawn a detached child; the parent returns immediately.
• --run "" — start the tunnel, run the command, tear the tunnel down on exit.
• --timeout / --pid-file for lifecycle control.
• Mutual-exclusivity checks; safe defaults when no TTY (batch mode).

PAMTunnelListCommand / PAMTunnelStopCommand:

• Surface tunnels owned by other processes via the file registry.
• stop sends SIGTERM (Unix) / TerminateProcess (Windows) and cleans the registry row.

New keepercommander/commands/tunnel_registry.py:

• Atomic JSON writes at /keeper-tunnel-sessions/.json.
• Stale-entry cleanup, duplicate-bind detection (host/port aware).
• 0o700 directory permissions on POSIX.

pam launch improvements (#2009)

• Surfaces involuntary terminations to the user. KeeperAI close prints a red Session terminated by KeeperAI.; admin close prints a yellow Session terminated by administrator.; other involuntary reasons print a single Session ended (). info line; normal/client-initiated closes remain silent.
• Distinct exit codes in batch mode. keeper pam launch UID raises SystemExit(40) for KeeperAI termination and SystemExit(41) for admin termination so callers can branch. In the interactive shell, the prompt is restored without tearing the shell down.
• Fixed close-reason name table in python_handler — previously only mapped codes 0-6 (with the wrong name for code 0) and missed every reason added since, including the two we now act on.
• Fuzzy record resolution. Falls back to a case-insensitive substring match on PAM record titles and any host / pamHostname field when UID / path / exact-title yield nothing. Multiple matches show a numbered picker (or list-and-exit on non-TTY).

pam rotation info --format=json (KC-1230)

Adds JSON output to PAMRouterGetRotationInfo via the shared json_output_parser (--format {table,json}, --output FILE).

JSON fields when online: status, ready_to_rotate, pam_config_uid, node_id, gateway_name, gateway_uid, admin_resource_uid, password_complexity, password_complexity_detail, schedule_type, schedule_data, disabled, script_name

Non-online: status, ready_to_rotate=false. Same pattern applied to discoveryrotation_v1.py for parity.

Secrets Manager

secrets-manager token add (new)

A thin wrapper around the existing client add flow so operators and automation scripts can add one-time access tokens to an existing KSM application without recreating it. Closes the gap where the only token-generation path was app creation.

Supported flags (same as client add): --count, --unlock-ip, --first-access-expires-in-min, --access-expire-in-min, --name, --config-init, --return-tokens

Implementation delegates entirely to KSMCommand.add_client() — no new API surface.

Fixes

• pam project import rejects duplicate UIDs. process_data now collects all UID values assigned to resources and nested users after the UID-normalization loop and aborts with a clear error if any UID appears more than once. Duplicate UIDs produced an ambiguous dependency graph and led to silent link errors during record creation. Externally supplied valid UIDs that are unique continue to work unchanged.

Original source

New Features

EM-7833: Added support for Quantum-Resistant Cryptography (QRC) using the Kyber Hybrid KEM algorithm to strengthen encryption for enterprise environments.

EM-8319: Added bulk endpoint support for adding and removing users from teams, enabling administrators to manage team membership at scale.

EM-7117: Added the ability to filter by node when managing Teams, making it easier to navigate large enterprise structures.

EM-8495: Added new ARAM audit events for PAM Workflow activity, including workflow session start (checkout) and end (check-in and expiration), as well as approval request approved, denied (with reason), and escalated events, enabling administrators to conduct thorough audits of all PAM approval activity.

EM-8435: Removed the product scrolling display from the initial onboarding/login flow to simplify the first-run experience.

EM-8289: Added additional Keeper 101 training videos to the Getting Started section to help new administrators onboard more effectively.

EM-7984: Improved the Security Audit page with sortable columns and percentage-based scoring for clearer visibility into enterprise security posture.

EM-5942: Improved the Manage Roles and Teams modal accessed through the Manage User interface for a more consistent and streamlined experience.

EM-8478: Improved KEPM agent sorting in the Deployments view so that enabled agents are listed first and disabled agents appear at the bottom, with alphabetical ordering applied within each group.

EM-8529: Made PAM Discovery ARAM events visible in the Reporting & Alerts section, including Discovery Job Started and Discovery Job Completed event types.

EM-8105: Improved KEPM agent registration reliability by treating agents that register without basic inventory data (such as computer name or OS type) as failed registrations.

EM-8299: Added real-time Device Management push handling so that when a mobile device sends a logout, lock, or removal action, the Admin Console responds immediately — logging the user out or enforcing device lock — rather than waiting until the next login.

EM-8317: Added bulk endpoint support for adding users from roles, complementing the existing bulk team management capability.

EM-7927: Added node information to the Teams module as an improvement, providing additional context when managing teams across enterprise nodes.

EM-8519: Improved the display of escalated and expired approval request statuses in ARAM to correctly reflect the changed approval request status event.

EM-7862: Removed the legacy RSA SecurID integration option from the 2FA section for enterprises that do not have it enabled, reducing unnecessary configuration noise.

EM-6791: Added an option for enterprises using SSO to opt out of including two-factor authentication (2FA) in Security Audit scoring, providing more accurate scoring for SSO-enforced environments.

EM-8376: Added "Users Without Transfer Policy Acceptance" and "Users Without Roles" metrics to the Risk Management Dashboard for improved enterprise risk visibility.

Enforcement Policies

EM-5430: Added a new Role Enforcement Policy for Wi-Fi Login, allowing enterprises to enforce Wi-Fi credential access policies.

EM-8169: Separated the Web Vault/Browser Extension and Admin Console logout Role Enforcement Policies into distinct controls, giving administrators more granular control over inactivity timeout settings per client type.

EM-7867: Added a new Role Enforcement Policy to restrict account switching, preventing users from instantly switching between linked business and personal accounts and requiring them to log out and sign back in instead.

EM-8284: Added a Snapshot Tool for Role Enforcement Policies, allowing administrators to capture and review configurations.

EM-7963: Added save confirmation prompts for Role Enforcement Policy changes to prevent accidental data loss.

EM-7964: Added an "unsaved changes" warning when navigating away from pages with pending edits.

EM-7965: Added a "saved changes" confirmation indicator to provide clear feedback when changes have been successfully committed.

EM-8444: Updated field icons within Role Enforcement Policies for improved visual clarity and consistency.

EM-8546: Removed the legacy Record Type field from Role Enforcement Policies to streamline the policy configuration experience.

EM-8233: Added a new Role Enforcement Policy for PAM Workflow, allowing administrators to control whether users can manage workflow settings for shared folders and PAM records within the Privileged Access Manager section.

Bug Fixes

EM-8659: Fixed an issue where opening the 14-day free trial URL in a browser with another account signed in would incorrectly pre-fill that account's email on the trial registration form.

EM-8657, EM-8584, EM-8585: Fixed multiple layout issues where node drop-downs and long node names were truncated or overflowed their designated areas in Teams and Roles views.

EM-8101: Fixed ARAM audit log events for approval request status changes incorrectly displaying raw UIDs instead of human-readable names.

EM-8647: Fixed text overlap occurring on the Roles > Enforcement Policies > Vault Features page when the browser window was reduced to a smaller screen width.

EM-8646: Fixed teams and roles with long names not fitting within their designated display areas in the User Details and Add User to Team/Role modals.

EM-8617, EM-8602: Fixed issues where KEPM approval configuration inputs could unexpectedly reset or refresh while a user was actively editing them.

EM-8616: Fixed layout rendering issues for smaller screen widths that were not resizing correctly throughout the Admin Console.

EM-8615: Fixed unwanted extra lines appearing in enforcement policy list styling.

EM-8614: Fixed an error that occurred when updating approval configuration collections in KEPM.

EM-8611: Fixed an incorrect error message shown in the user modal when no roles were found for invited users during role assignment.

EM-8593: Fixed the Edit button being visually shifted out of alignment on the Single Sign-On with SSO Connect® Cloud configuration page.

EM-8589: Fixed the default Logout Timer for iOS and Android apps in Account Settings incorrectly showing 30 minutes instead of the configured enterprise default.

EM-8571: Fixed enterprise upgrade buttons in several areas sending users to an incorrect checkout URL.

EM-8536: Fixed KEPM collection counts displaying inconsistent or fluctuating values.

EM-8473: Improved visual alignment of elements on the KEPM dashboard.

EM-8460: Fixed visual misalignment of icons within dropdown selectors that display icons alongside options.

EM-8457: Fixed a failure in set_enterprise_key_pair when an MSP was launched into an EC-only managed company.

EM-8395: Fixed an issue where the Vault Transfer Policy appeared as enabled on the login page when it should not have been.

EM-8358: Fixed the default Logout Timer Role Enforcement not being applied correctly in the Admin Console.

EM-8356: Fixed an error preventing administrators from setting a transfer account on an admin role in ECC mode within a managed company.

EM-8161: Fixed a white screen appearing when loading KEPM data.

EM-8142: Updated the KSM and KCM subscription UI to be visually consistent with the PAM requirements section.

EM-8368: Fixed ARAM audit events not displaying the approval_request_removed event correctly.

EM-7917: Fixed the PAM Session Recording Downloaded ARAM event displaying its message incorrectly.

EM-8096: Fixed push notifications not working for elevation requests in KEPM.

EM-7774: Updated the logic for handling missing ECC team keys to improve reliability in affected enterprise environments.

EM-8453: Fixed an issue where teams added as KEPM approvers were incorrectly counting members who do not have KEPM admin permissions toward the approver count.

EM-8301: Fixed an issue where attempting to transfer a user with corrupted keys would prevent the transfer from completing.

EM-8151: Fixed UI colors in the Provisioning section.

EM-8097: Fixed an issue where read-only collections were not being included when exporting KEPM collections.

EM-7900: Fixed a GovCloud console white screen caused by a "key" error.

EM-8618: Fixed incorrect language for PAM user counts in the Subscriptions section.

EM-8563: Fixed an issue where invalid KEPM policies imported from Commander would cause the KEPM policy tab to crash.

EM-8190: Improved the performance and optimization of the Omnisearch feature in the Admin Console.

Original source