Change logs - Cumulocity documentation

Preview

Introduction

As previously announced, when the Cumulocity MQTT Service transitions from Public Preview to General Availability (GA), the MQTT Service will enforce device isolation. MQTT devices will be able to subscribe to any topic, but will not automatically receive messages published to that topic by other devices. Microservices will be able to explicitly route messages between different devices. In effect, each MQTT client identifier will have its own private topic space that is not shared with other clients, but can be accessed by microservices.

Info

Device isolation is enabled by default for any tenant using the MQTT Service for the first time.

Tenants already using the MQTT Service can continue to use the deprecated tenant isolation approach, but should migrate their applications to work with device isolation as soon as possible. A feature toggle is available to allow these tenants to switch between isolation models while updating their applications.

We are making this change to align the MQTT Service with the behavior of the existing Core MQTT capability, and to improve out-of-the-box security for typical IoT applications where direct inter-device communication is not required.

Device versus tenant isolation

The difference between the two isolation models can be explained using a simple example.

Assume that a tenant has two MQTT clients connected to the MQTT Service, with client identifiers publish-client and subscribe-client, and that subscribe-client has subscribed to the topic my-topic.

Then, publish-client publishes a message to my-topic:

If the tenant is using device isolation, subscribe-client will not receive that message.
If the tenant is using tenant isolation, subscribe-client will receive the message.

A microservice can receive all messages published by all MQTT clients, and choose whether to forward messages to other clients.

Impact on MQTT devices and microservices connecting to the MQTT Service

This is a breaking change and affected applications must be updated to continue working after the GA version of the MQTT Service is deployed.

This change affects any application where MQTT devices exchange messages by publishing and subscribing to the same topics. In particular it affects applications where a Cumulocity microservice connects to the MQTT Service using the MQTT protocol to exchange messages with connected MQTT devices.

Existing microservices that are affected by this change should not immediately migrate to the existing Java client SDK, as this will not be supported in the GA version. Instead, these microservices should wait for the new MQTT Service API to be released and migrate directly to this API. Details of the new API and how to use it in microservices will be announced soon.

Switching between isolation models

Tenants can switch between the device and tenant isolation models using the mqtt-service.tenant.isolation feature toggle.

The feature toggle is set to true by default for tenants that are already using the MQTT Service, to maintain the deprecated tenant isolation behavior. These tenants can use the feature toggle to switch between isolation modes while developing and testing their migration to device isolation.

For all other tenants, the feature toggle is set to false and should not be changed.

To set the feature toggle to false, the following HTTP PUT request must be sent to the tenant. This example uses the curl command, but any equivalent tool that can send HTTP requests can be used:

curl --location --request PUT "https://<TENANT_DOMAIN>/features/mqtt-service.tenant.isolation/by-tenant" \
--header "Authorization: Basic <AUTHORIZATION>" \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--data-raw '{ "active":false }'

Where <TENANT_DOMAIN> is the domain name of the tenant, for example my-tenant.cumulocity.com, and <AUTHORIZATION> is a Base64-encoded HTTP Basic Authentication token for the tenant, constructed as described in the API documentation.

A similar request can be sent to set the feature toggle back to true:

curl --location --request PUT "https://<TENANT_DOMAIN>/features/mqtt-service.tenant.isolation/by-tenant" \
--header "Authorization: Basic <AUTHORIZATION>" \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--data-raw '{ "active":true }'

Improvement

Angular has been upgraded to version 19.2.14 and the Web SDK to 1022.4.17. This change may impact plugins that rely on older versions of Angular or the Web SDK.

Preview

Starting from the opcua-device-gateway version 1021.9.0, the OPC UA device gateway can forward data from OPC UA servers to Thin Edge MQTT topics instead of sending it directly to Cumulocity. The primary use case is to utilize Thin Edge also for data forwarding when running in Thin Edge mode. While doing this, the OPC UA device gateway bundles multiple collected measurement/event series into a single measurement/event when they are from the same device protocol and use cyclic reads.

API Change

Introduction

The Public Preview release of the Cumulocity MQTT Service currently enforces tenant isolation. An MQTT device (client) connected to the MQTT Service can subscribe to any topic, and receive messages published by other devices to that topic on the same tenant. That is, there is a tenant-wide topic space shared by all the MQTT devices using the tenant.

When the MQTT Service transitions from Public Preview to General Availability (GA), the MQTT Service will enforce device isolation. An MQTT device will still be able to subscribe to any topic, but it will not automatically receive messages published to that topic by any other MQTT device. However, microservices will be able to explicitly route messages between different devices. In effect, each MQTT client identifier will have its own private topic space that is not shared with other clients, but can be accessed by microservices.

We are making this change to align the MQTT Service with the behavior of the existing Core MQTT capability, and to improve out-of-the-box security for typical IoT applications where direct inter-device communication is not required.

Impact on MQTT devices and microservices connecting to the MQTT Service

This is a breaking change and affected applications must be updated to continue working after the GA version of the MQTT Service is deployed.

This change affects any application where MQTT devices exchange messages by publishing and subscribing to the same topics. In particular it affects applications where a Cumulocity microservice connects to the MQTT Service using the MQTT protocol to exchange messages with connected MQTT devices.

Microservices that are affected by this change should not immediately migrate to the existing Java client SDK, as this will not be supported in the GA version. Instead, these microservices should wait for the new MQTT Service API to be released and migrate directly to this API. See the next section for more details of the new API.

Impact on microservices using the MQTT Service client SDK

The existing Java client SDK for the MQTT Service will not be supported in the GA version. It will be replaced by a new language-neutral API giving direct access to the Cumulocity Messaging Service topics used by the MQTT Service. Details of the new API and how to use it in microservices will be announced soon.

Microservices that are affected by device isolation, and that are not currently using the client SDK, should wait for the new API to be available before starting their migration activity.

Microservices that are already using the Java client SDK may continue to do so until the new API is available.

Roll-out plan

To allow customers to plan a managed migration to the new device isolation behavior, it will be rolled out in several phases, as described below.

Dates refer to when the change will reach the eu-latest environment; other environments will be updated later following the usual CD deployment schedule.

Phase 1: Introduction of device isolation

On or soon after August 4, 2025:

Tenants currently using the MQTT Service will continue to have tenant isolation by default.
Tenants not currently using the MQTT Service will have device isolation enabled if they later start to use the MQTT Service.
A public feature toggle will be introduced, allowing tenants to be switched between tenant and device isolation under user control.

Phase 2: Migration during Public Preview

Tenants starting to use the MQTT Service for the first time should develop their applications to work with device isolation.
Tenants already using the MQTT Service should update their applications to work with device isolation. The feature toggle will allow these tenants to switch between isolation modes while developing and testing changes to their applications.

Phase 3: General Availability

The General Availability date for the MQTT Service is not yet confirmed, but will be no earlier than December 1, 2025.

When the MQTT Service becomes Generally Available:

All tenants will be switched to use device isolation.
Existing applications that have not migrated by this time may not function correctly.

Further announcements will be published before the start of phases 1 and 3.

Feature

It is now possible to add software and firmware repository items without a URL. When uploading software and firmware versions, a new option for the binary is available called Provided. If this option is selected, the device is expected to resolve the binary itself.

Preview

Feature preview

This feature is in Public Preview, that is, it is not enabled by default and may be subject to change in the future.

The Analytics rules plugin extends the Analytics Builder capabilities within Streaming Analytics by enabling users to create and manage the Analytics Builder model instances directly from device and group contexts within applications such as Device Management and Cockpit. You can activate the feature using the Manage preview features option in the user menu.

For more details about the Analytics rules plugin, refer to Analytics rules plugin.

Improvement

EPL plug-ins written in Python now have configurable isolation modes. This allows a plug-in to be loaded to use the main interpreter rather than a sub-interpreter, which is required for certain common third-party libraries that don’t support sub-interpreters, such as numpy. You can also run plug-ins with even more isolation, and use a separate Global Interpreter Lock (GIL) to the parent interpreter. This means that two different plug-ins can be executed in parallel.

Additional information can be seen in the corresponding Apama change log.

Announcement

Automated persistence for measurement values under the c8y_PreviousMeasurements fragment has been introduced. This allows for storing and querying the second most recent measurement values based on arrival time.

For details on how to enable the feature and how it works, refer to Managing data.

Breaking change: The Inventory API c8y_PreviousMeasurements fragment was added to the restricted properties list.

The c8y_Previous Measurements fragment is reserved for internal system use only and may not be used by external users.

Any request containing restricted properties will have those properties ignored by the platform — they will not be applied or saved.

Example:

If a user sends a request like the following::

{
    "name": "testDevice",
    "owner": "device_654321",
    "c8y_IsDevice": {},
    "c8y_PreviousMeasurements": {
        "c8y_Temperature": {
            "value": 25.4,
            "unit": "C"
        }
    }
}

With this release, the c8y_PreviousMeasurements fragment in the request will be ignored and will not be saved.

API Change

To improve the user experience when searching the inventory by a particular property, the Cumulocity platform changes its behavior for searches by filter with wildcards. Queries using the query language with wildcards now behave case-insensitive. Previously, such queries were processed with a case-sensitive strategy.

Example request:
GET /inventory/managedObjects?query=name+eq+'my-device*
can now return devices with names equal 'my-device01' or 'My-Device02'.

Queries without a wildcard character remain unchanged and use the exact match for optimal performance. This means that the example request:
GET /inventory/managedObjects?query=name+eq+'My-device01'
will not return a device with a name equal 'my-device01'.

Feature

To provide an overview of the device parameters, a new Parameters tab has been added to the device details. This tab lists all parameters reported by the device in a table format, including the parameter title, key, value and type.

Improvement

A new SmartREST template has been added. Using the template ID 408, it is now possible to create device parameter update events. The events created always have the type c8y_ParameterUpdateEvent. The template has a change detection functionality, so that events are only created if the given state in the event was not already known at the time.

Feature

The audit log of the Cumulocity DataHub application has been moved to the audit log of the Cumulocity Administration application, which provides central access to the tracking of all user operations.

Feature

Support of automated persistence of measurement values under the c8y_LatestMeasurements fragment, which has previously been introduced as a preview feature, is now generally available. If a measurement is created with a series that matches the configuration the device managed object is updated with the last series sent to the platform.

For details on how to enable the feature and how it works, refer to Managing data.

Feature

To provide more flexibility in displaying asset data, it is now possible to configure custom columns in the asset grid which can include nested properties. For example, if an asset has a nested property “c8y_Hardware.model”, it can now be displayed in a separate column in the grid. This allows users to view asset data based on specific nested properties without the need to view the full asset details.

Feature

In data grid views, when adding a custom column, you can now search through a list of asset property definitions when the Digital Twin Manager (DTM) asset API is available. The column header and path are filled in automatically. If the DTM service cannot be reached, the application falls back to the previous dialog, so existing workflows continue to work.

Feature

New advanced settings have been introduced in the OPC UA server configuration in the Device Management application, which provide the option to enable auto-scan with either full or partial address space scan capabilities. Refer to Connecting the gateway to the server for more details. This feature requires version 1021.7.0 or higher of the opcua-device-gateway and opcua-mgmt-service components.

Feature

The Data grid component has been updated to support hierarchical data structures. This enables a tree grid view where rows can be expanded to reveal nested child rows.

Key features include:

Expand/collapse functionality for parent rows
Indented row rendering for visual hierarchy
Support for server-side and client-side data

This update enables clearer representation of parent-child relationships in datasets, such as device hierarchies and asset hierarchies.

Improvement

The version of Python used in Cumulocity Streaming Analytics has been upgraded to version 3.13. Customers with extensions containing Python code should test that they are still working as expected. Virtual environments used to provide additional Python libraries may need to be recreated. If possible make these changes before the corresponding build gets rolled out to production SaaS environments.

See online resources such as the Python What’s New for detailed information about breaking changes and new features in Python 3.13. Additional information can also be seen in the corresponding Apama change log.

Improvement

The “LWM2M Device Send” event was logged alongside the “Received Message” event, although both events contained identical information. This update removes the redundant “LWM2M Device Send” event. Only the “Received Message” event now logs the resource data received from the LWM2M service in the VERBOSE logging level.

Feature

The “Map” widget has been enhanced with a new feature that allows to fit all assets on a map. This includes either all selected assets for the widget or all available assets if none are explicitly selected. This functionality is available in two places:

Widget configuration: Allows to adjust the map’s center and zoom level to include all relevant assets.
Widget view: Allows users to fit all assets into the view during normal dashboard usage.

This feature improves the usability by ensuring all tracked assets are visible with a single action.

Feature

For the new data point graph and data explorer, which can be enabled via the preview feature toggle, a new configuration option has been added that allows for limiting the number of decimal places. Users can now set a maximum number of decimal places, making it easier to interpret measurement values at a glance.

Announcement

Previously, uploading older microservice versions was restricted to development builds that contained the -SNAPSHOT suffix in the version. This constraint has now been removed.

It is now possible to upload older versions of a microservice, provided that the uploaded image matches the one already stored in the Docker registry.

For microservices in development with the -SNAPSHOT suffix in the version, there are no restrictions on the image content. Older versions with the same or different image content can be deployed.

This improvement allows you to rollback to a previously used version of the microservice. So far it was necessary to either delete the microservice application and re-upload the earlier version, or rebuild and re-upload the same binaries with an incremented version number.

Feature

A new filter option for entries created by DataHub has been added to the audit logs list. Previously, the audit logs list did not allow filtering of DataHub-related entries specifically.

Feature

Previously, the Remote access tab in the device details showed all available protocols, even if the device did not support them. This could lead to confusion for users trying to remotely access devices.

With this change, the Remote access tab only shows the protocols that are actually supported by the selected device. This makes the interface clearer and improves the user experience by providing accurate information on each device’s remote access capabilities.

If no supported protocols are specified, all options will still be shown to maintain compatibility. Any invalid or duplicate entries in the list will be ignored.

Find more information on specifying supported protocols via MQTT static templates.

Preview

The Streaming Analytics microservices now supports reliable delivery of notifications and resilience of smart rule state against scheduled restarts. These features are in Public Preview and can be enabled with the feature flags streaming-analytics.messaging and streaming-analytics.resilience.smartrules. These features are enabled for all tenants on the eu-latest cluster now, and will be automatically rolled out to production zones over the next few weeks. Tenant administrators can override the default on a given environment by setting the feature flags appropriately. The messaging feature must be enabled in order to enable the resilience feature.

Preview

Feature preview

This feature is in Public Preview, that is, it is not enabled by default and may be subject to change in the future.

To determine whether the feature is available for your tenant, open the Administration application and navigate to Ecosystem > Microservices. If you see the Messaging-management microservice subscription for your tenant, the feature is already available to be activated as described below. Otherwise, please contact product support to request the microservice subscription for your tenant.

The Messaging Service, the messaging component embedded in the Cumulocity platform, has been enhanced by a new monitoring and management feature which allows users to monitor and manage the usage of the Messaging Service resources. This new feature is currently in Public Preview. You can activate it in the platform UI via the Manage preview features option in the user menu. Find out more about the feature in its user documentation.

Improvement

A new toggle, strongConsistency, has been introduced. When set to true, it prevents late-arriving measurements from being shown as the most recent data for a device, regardless of their actual arrival time.

For details on how to enable it and how it works, refer to Managing data.

API Change

The Notifications 2.0 SDK deleteByFilter() method takes a NotificationSubscriptionFilter parameter that specifies which subscriptions should be deleted. Previously, it was possible to create a filter that would result in more subscriptions being deleted than was intended.

To resolve this issue, extra safeguards have been added to reject filters that should not be processed by the underlying platform API. In addition, the deleteByFilter() method has been deprecated and clients should use the existing delete(), deleteById() and deleteBySource() methods instead.

Feature

Support has been added for operating behind an HTTP proxy. This enhancement allows the Cumulocity OPC UA gateway to be used in environments where an HTTP proxy is required, improving flexibility and compatibility with various network configurations.

Improvement

A new SmartREST template has been added. Using the template ID 600, it is now possible to read the platform version with SmartREST, in order to evaluate API interface compatibility and expected request behaviour.

Feature

The preview features functionality allows you to manage all features that are currently in Public Preview in one place. With a simple toggle interface you can easily discover, enable, and experiment with upcoming functionality. This helps you stay ahead of new developments while providing our team with valuable insights to improve the final product through your early feedback.

To access the preview features toggle interface, click the user icon at the top right and select Manage preview features in the right drawer.

API Change

In earlier versions of EPL Apps, using = instead of := resulted in a warning. This has now been promoted to an error. Loading will be rejected until the line is fixed or removed.

Improvement

Previously, integrating the subassets plugin from Digital Twin Manager with other tab-based plugins led to errors during tab switching. This issue has been resolved. The path to access subassets has been changed from /asset/:id/subassets to /group/:id/subassets.

Improvement

The subassets and asset tree contexts have been changed from /asset/:id to /group/:id to align with the Digital Twin Manager´s registered context. The previous asset/:id context was not recognized globally, leading to issues such as broken tab switching, especially when external plugins were integrated. Switching to the group/:id context ensures reliable routing, consistent context handling, and seamless plugin compatibility across the platform.

Announcement

The Apama Analytics Builder Block SDK and Apama EPL Apps Tools are no longer supported natively on Windows environments.

The new approach is to use the community-maintained Apama Extension for Microsoft Visual Studio Code which provides a productive development environment for writing EPL, including a workflow for starting Apama application on Windows using a Dev Container using WSL (Windows Subsystem for Linux).

Alternatively, in the short term, it is possible to continue using Apama 10.15 and the rel/y2025 branch of the respective repositories; however, customers are encouraged to transition to the new approach when possible.

Announcement

Starting with version 1022.0.0, the Web SDK no longer includes built-in login functionality in each application. Instead, a separate login application now manages all authentication flows. Web applications developed using Web SDK version 1022.0.0 or later will automatically redirect users to this standalone login application whenever authentication is needed.

This change benefits customers creating their own UI applications, as they no longer need to implement custom login flows. They can simply redirect users to the new login application. The login page has also been redesigned as part of this update, improving its usability and visual appeal.

Note: Customers who embed the UI within an iframe and require in-iframe login may need to modify their implementation to support this new login flow.

Preview

Feature preview

This feature is in Public Preview, that is, it is not enabled by default and may be subject to change in the future.

To determine whether the feature is available for your tenant, open the Administration application and navigate to Ecosystem > Microservices. If you see the Mqtt-service microservice subscription for your tenant, the feature is already available. Otherwise, please contact product support to request the microservice subscription for your tenant.

MQTT Service subscription

The Cumulocity MQTT Service is a new MQTT endpoint implementation for Cumulocity that provides the following benefits:

Sending and receiving arbitrary payloads on any MQTT topic.
User-provided microservices can send and receive messages on MQTT topics, and map messages to and from the Cumulocity data model.
Multi-tenant support with full tenant isolation.
Bi-directional TLS including authentication with X.509 client certificates.

The MQTT Service does not replace the existing Core MQTT capability of Cumulocity that supports sending device data already in the Cumulocity domain model directly into the platform. The new capability provided by the MQTT Service allows for easier integration of MQTT devices that cannot use the Cumulocity domain model. It also supports more flexible communication patterns between devices, applications, and the Cumulocity platform, controlled by user-provided microservices.

Note that in the public preview, MQTT Service clients within a tenant are not isolated from one another. That is, an MQTT client can subscribe to topic(s) that another client is publishing on, and receive the messages sent by that client. Full device isolation will be available in the first General Availability release of the MQTT Service.

For more details about this feature refer to the MQTT Service documentation.

Feature

Previously, only one readme file could be added to a package - by storing the README.md file in the package root folder. With this update a readme file can be created for each plugin within a package, thus providing users with a better experience and placing the information closer to the plugin.

To add the readme for the plugin, the README.md file must be provided in the plugin codebase (the recommended place is the same folder as the exposed plugin module) and thereadmePath property (indicating the path to this file) must be added to the exports. For example:

{
  name: 'Example widget plugin',
  module: 'WidgetPluginModule',
  path: './src/app/widget/widget-plugin.module.ts',
  readmePath: './src/app/widget/README.md',
  description: 'Adds a custom widget to the shell application'
}

When the package is deployed, the readme can be viewed in the package details, the package versions view (readme for specific version), the installed plugins list and the available plugins list.

Feature

It is now possible to view change logs of deployed packages. These change logs can be viewed in:

A Change log tab in the package details
A change log section in the package version details
In the Update plugin dialog for installed plugins

Feature

To simplify the device registration process, the single device registration form can now be pre-filled with device information. When a user opens the device registration dialog, the form fields are automatically populated with available device details from the query parameters, reducing manual input. This change improves the user experience by saving time and effort during device registration.

Feature

The radial gauge visualization has been migrated to a new charting library, offering a broader selection of built-in gauge presets for quick and easy use. Additionally, an advanced section has been introduced, enabling users to fine-tune and customize gauges to perfectly match their data visualization needs.

Improvement

EPL Apps now has support for connecting to Cumulocity MQTT Service. This allows handling of device-native messages sent to the MQTT Service within Cumulocity EPL Apps. For more details see Using Cumulocity MQTT Service.

Info

The Cumulocity MQTT Service feature is currently in Public Preview and may be subject to change in the future.

Improvement

Cumulocity Streaming Analytics is switching to the new “26.x” version of the Apama engine. The 26.x release is focused around the real-world needs of Cumulocity customers, delivering a simplified and more relevant feature set.

The new version includes some changes that may affect customers with their own custom EPL or connectivity plugins, as well as those who build and test analytics applications using their own installation of Apama (for example, on Windows).

We expect most applications to be unaffected. However if you use custom Python or Java plugins in an Analytics Builder Block that you have uploaded to the apama-ctrl microservice, it is important to prepare for these changes immediately, so you are ready when the update is rolled out to SaaS environments over the coming weeks.

If you use Apama in a Cumulocity custom microservice there is less urgency, but you should plan to switch to the new (latest or 26.X.X) Apama base image at some point over the next year.

Release Changes

Windows and Eclipse support

Installation of the Apama engine is no longer supported on Windows, and the Apama plugin for Eclipse is removed.

Instead, to develop Apama applications on Windows (for example to build EPL Apps, execute the Block SDK, or build PySys tests for your application), instead of Eclipse you can use the community-maintained Apama Extension for Visual Studio Code.
It is also possible to install Apama using our Debian Package Repository into a Windows Subsystem for Linux (WSL) instance of Debian.

Docker base image update

The Apama Docker images now use Debian 12 (Bookworm) for the base image instead of Red Hat UBI. These images can be used for both development and as a base image for custom Cumulocity microservices. The names and tags of some Docker images have changed, as has the directory where Apama is installed. If you need to install any extra packages on your image, the command line for doing so will need to be changed for Debian.

Supported operating systems changes

For users who need to install Apama onto a Linux machine without Docker for development purposes, the installation options have changed. Debian 12 (Bookworm) is now the only supported distribution for installing Apama, and the Apama packages must be installed from our Debian Package Repository as we no longer publish .zip or .tar.gz packages. Support for installing Apama on Red Hat Enterprise Linux and Ubuntu is removed. In addition to the usual x86 packages, support for ARMv8 (64-bit) has been added and replaces ARMv7HF (32-bit).

Java upgrade

This release of Apama comes with Java 17 instead of Java 11. All Java code executed within the correlator is now executed with Java 17, so if you have any custom EPL plugins or connectivity plugins you should recompile them with Java 17 and test that they are still working as expected. If you use Java in a block uploaded to an apama-ctrl microservice, any required changes should be performed immediately so you are ready when the update is rolled out to SaaS environments.

See online resources such as the JDK release notes for detailed information about breaking changes and new features in Java 17. Some applications may be affected by the different locale data provided in this version of Java, or may require updates to third party library dependencies, but we expect that in most cases Apama plugins will continue to work without changes.

Python upgrade

Python will soon be upgraded from 3.9 to a newer version (likely 3.13). We advise customers using Python to review What’s New in Python to familiarize themselves with any changes that may affect their application. If Python is being used within a block uploaded to an apama-ctrl microservice, any required changes should be performed immediately so you are ready when the update is rolled out to SaaS environments.

References & feedback

For more information on these and other changes, review the Apama Change Logs. If you have any questions, feel free to post to the streaming-analytics-apama tag on the Cumulocity Tech Community.

API Change

A new security feature has been introduced to restrict the decryption of encrypted tenant options with the credentials. prefix. These options can now only be decrypted by system users (such as bootstrap or microservice users) if they own the options.

Ownership is determined based on the category of the tenant option, in the following priority:

The settingsCategory defined in the microservice manifest.
The microservice’s context path.
The microservice name.

This change is currently disabled by default and can be enabled via a feature toggle secure-tenant-options through the API.

Important

In Q4 2025 for the SaaS instances and in 2026 for the yearly releases, this restriction will become mandatory. We strongly recommend reviewing your microservices now to ensure compatibility with the upcoming enforcement. This gives microservice developers time to adapt, especially if their services depend on reading credentials.* options in categories not owned by the microservice.

Feature

The Properties, Custom properties, and Limits tabs in the tenant details have completely been migrated to a newer version of Angular. They still work in the same way from the user perspective, with two exceptions:

The External reference field and the Enable Gainsight product experience tracking checkbox have been moved into the Properties tab.
The device storage limitation has been moved into the Limits tab.

Feature

The retention scheduler has been updated to execute retention rules for tenants with the status SUSPENDED in addition to active tenants. This makes sure that data cleanup and storage rules still apply, even if a tenant is not currently active.

Feature

In the past, Modbus, Profibus, CANBus, and CANopen devices created in the Device Management application were missing the c8y_IsDevice fragment which identifies them as devices in the inventory. This change adds the c8y_IsDevice fragment to all such devices created going forward. This improvement makes such devices easier to find and filter in the inventory when querying for devices. Existing Modbus, Profibus, CANBus, and CANopen devices in the inventory are not modified and will still be missing the parameter.

Improvement

The LWM2M agent now provides enhanced control over request timeout settings for LWM2M devices. The timeout value must always remain within the minimum and maximum limits defined in the global LWM2M microservice properties. Invalid values, such as zero or negative numbers, can no longer be entered. If the agent detects a value below the minimum threshold, it will automatically adjust it to the allowed minimum. Similarly, any value exceeding the maximum limit will be corrected to the allowed maximum.

Improvement

The logging event levels have been updated to simplify the LWM2M device configuration. Previously available logging levels were: NONE, LIFECYCLE, TRAFFIC, FIRMWARE, and VERBOSE. This has now been simplified to NONE, LIFECYCLE, and VERBOSE. TRAFFIC and FIRMWARE log events have been merged with VERBOSE. This configuration will be automatically updated in the device managed object.

Feature

The Cumulocity platform provides capabilities to manage translations for the UI in various languages. Previously, the translation editor had limited capabilities for editing multiple translations at once. With this change, the Monaco editor can now be used when editing translations in the Administration application, allowing to bulk edit or import translations easily.

Feature

To simplify the process of creating device groups, it is now possible to assign child devices directly when creating a new group. Previously, child devices had to be assigned separately after the group was created. This change streamlines the workflow and saves time for users who manage large numbers of devices. Existing device groups are not affected by this change.

API Change

As published earlier in the change logs, the removal of the Microservice API version 1 has now been implemented. If not done yet migrate your microservices to API version 2 as soon as possible. Refer to Microservice migration to API version 2 in the user documentation to understand how to accomplish this.

Preview

Feature preview

This feature is in Public Preview, that is, it is not enabled by default and may be subject to change in the future.

To determine whether the feature is enabled, go to the Device Management application and navigate to Management → Trusted Certificates. If you see Add CA Certificate in the top-right corner of the page, the feature is enabled. If it is not enabled, please use the Feature Toggles REST endpoints or contact Global Support to enable the feature.

Cumulocity has has been enhanced to function as a Certificate Authority (CA), providing the following capabilities:

Manage signing certificates
Accept Certificate Signing Requests (CSR)
Perform legitimacy checks, as defined by each tenant
Issue signed X.509 certificates trusted by the device tenant

For more details about this feature refer to Certificate Authority (CA).

Announcement

What changes?

Cumulocity introduces a new hookable multi-section concept for the widget configuration, and as a result, the loadConfigComponent method of the widgetHook is deprecated.

How does this change impact you?

Widget developers should start using the hookWidgetSection hook to add configuration to their own or existing widgets. This new approach supports multiple configuration sections to be displayed, offering greater flexibility and organization of widget settings.

Backward compatibility

The loadConfigComponent method continues to work in short term and will add a section named “Settings”, but it will be removed in an upcoming major release. We recommend migrating to the new approach as soon as possible.

Announcement

In an upcoming version a new Import/Export tab will be added to the dashboard settings, which allows to export dashboards to JSON files, import dashboards from previously exported JSON files and edit the dashboard in an editor. This new functionality allows to copy dashboards across applications. It is provided as a “self-optional” plugin to the Cockpit application, thus it has to be installed explicitly. The dashboard setting component will be refactored to use a secondary router outlet in order to make these type of views hookable. This approach allows to hook a new tab to a particular outlet. For example:

hookTab(
    [
        {
          label: gettext('Import / Export'),
          icon: 'input-output',
          priority: 5,
          path: [
            {
              outlets: {
                'dashboard-details': 'advanced'
              }
            }
          ],
          tabsOutlet: 'dashboardTabs'
        }
      ];
),
hookRoute([
  {
    path: 'advanced',
    loadComponent: () => import(...),
    outlet: 'dashboard-details',
    context: ViewContext.Dashboard
  }
])

In this example an additional tab is added to the dashboard settings, and the hook route allows to display a view for this tab. This is breaking change, as each component that uses context dashboards must have ´rootContext: ViewContext.Dashboard´ in the route definition to make these settings tabs and views visible (even if no new tab was added). For example:

hookRoute({
  path: "home2",
  component: CockpitDashboardComponent,
  rootContext: ViewContext.Dashboard,
});

Feature

It is now possible to generate schemas from TypeScript types and interfaces in your project, which can then be imported during runtime. A custom webpack plugin makes this functionality possible by collecting all types imported with the c8y-schema-loader prefix during the application build process. The enhancement enables runtime validation capabilities, such as validating widget configurations (since TypeScript types are not retained in the built application). This supports upcoming advanced features such as dashboard export and import.

Feature

As part of our ongoing efforts to improve the developer experience, we have published a new @c8y/toolkit npm package. This package for now only provides functionality for deploying applications or packages to a Cumulocity instance, but might be extended further. The advantage of this package over the already existing ng deploy command is that is does not come with a dependency on Angular, making it more lightweight and ideal to use in, for example, a CI/CD pipeline.

Improvement

Improvements in the area of handling Cumulocity cluster membership and node discovery have been implemented that might impact the microservice monitoring features of the Cumulocity platform.

Feature

For OPC UA custom action requests, you can now include the timestamp of when the node value is received by the OPC UA device gateway. Simply add the ${receivedTimestampInMs} placeholder to the custom action body template in the OPC UA device protocol. This enables users to track when a node value is processed within the gateway.

Feature

Starting in Q1 2025, the Cumulocity platform will include the Time Series Migration application as part of the default set of subscribed microservices. This service will be automatically enabled for both existing and newly created tenants. The application facilitates the migration of tenant data from legacy measurements to the new time series storage. For more information, refer to Time Series migration.

Improvement

When the HTTP queue is overflowed, the OPC UA gateway now temporarily disables the server communication until the queue is recovered. This improvement helps prevent potential system overloads and ensures more stable performance during high traffic conditions. Before disabling the OPC UA communication, an alarm is triggered to notify that the gateway is disabling communication. Once the queue and communication are restored, the previously triggered alarm is cleared.

Feature

To enhance data analysis and visualization within the Cumulocity platform, the data point explorer and data point graph have been upgraded with new capabilities and a modernized architecture. Both features have been migrated from AngularJS to Angular, bringing improved performance, a refreshed interface, and expanded configuration options. Initially, these features will not be included by default and can only be installed as additional plugins. To install them, navigate to your custom application, click Install plugins, and search for “Data point explorer” and “Data point graph”.

Data point explorer

The data point explorer now includes a workspace implementation, allowing users to create and manage multiple workspaces for organizing their data analysis. These workspaces are stored locally and can also be shared, enabling seamless collaboration across teams. Additionally, an improved browsing and search experience makes it easier to locate specific data points across connected devices.

Data point graph

The data point graph now provides a more interactive and dynamic visualization of data points over time, helping users identify trends, patterns, and anomalies with greater ease. Key improvements include:

A dashboard-linked time slider that adjusts the time range across the entire dashboard when the widget is connected to the global time context, enabling synchronized data views across multiple widgets.
Simple click-to-toggle visibility controls for data points, alarms, and events. +- New configuration options to control alarm icon visibility, overlay multiple measurements on a single graph axis, and customize graph styling options.

These enhancements offer a more intuitive and powerful way to explore IoT data, improving efficiency and collaboration for users managing their deployments within Cumulocity.

Feature

A new function isinhierarchyof() has been added to the query language.

The new function

matches objects in the hierarchy of the object whose ID is passed as an argument.
accepts one or multiple arguments.

Example

For a given hierarchy:

Group g1
- Subgroup s1
  - Object o1
  - Object o2
- Subgroup s2
  - Object o3
  - Object o4

isinhierarchyof(g1) - matches group g1 and all of its descendants: g1, s1, s2, o1, o2, o3, o4
isinhierarchyof(s1) - matches subgroup s1 and all of its descendants: s1, o1, o2
isinhierarchyof(s2) - matches subgroup s2 and all of its descendants: s2, o3, o4
isinhierarchyof(o1) - matches only object o1
isinhierarchyof(o3) - matches only object o3
isinhierarchyof(s1,s2) - matches both subgroups and their descendants: s1, s2, o1, o2, o3, o4
isinhierarchyof(o2,o4) - matches objects o2, o4

Feature

OAI Secure has been enhanced by removing the need to call /currentTenant as part of the login. This is of interest to our customers who have written their own login interface. If you are unsure if the new approach is supported on your instance, check for the login option tfaSupported which indicates you no longer have to use /currentTenant.

Feature

The Cloud Remote Access feature in Cumulocity enables users to remotely access and manage their devices. As part of ongoing improvements, this feature has been migrated from the older AngularJS framework to the newer Angular framework. This migration aligns the feature with the latest web technologies and provides a more modern and maintainable codebase. Additionally, the Cloud Remote Access feature is now extendable via the hookService, allowing developers to customize and enhance its functionality to suit their specific requirements. While the core functionality of Cloud Remote Access remains the same, users may notice minor visual changes in the user interface due to the framework migration.

Customers maintaining their own Device Management application, can refer to this git diff to identify the changes required to switch to the new implementation.

Feature

A new Commands tab has been implemented in the service details of device services. The Commands tab allows users to send available service commands and track their execution history. For details, see Service commands.

Feature

A new Asset navigator module has been added to the DTM plugins component, which includes official DTM plugins and enables integration with both default and custom web applications. It adds a navigation entry for assets in the navigator, making it easy for users to browse through asset hierarchies. Users can also reorganize their assets and devices within these hierarchies using drag-and-drop functionality.

Feature

In the past, extension packages could not be archived in the system which led to challenges with managing obsolete or unused packages. With this change, it is now possible to archive packages which are no longer maintained. Packages can be marked as out of maintenance, while still being able to access archived packages if necessary.

Feature

The export component has been integrated into the “Data point table” widget. This integration allows users to efficiently generate exports based on the data displayed in the “Data point table” widget.

Feature

Many queries in Cumulocity now use the withTotalElements parameter. This way, the number of queries required to retrieve the total number of items can be significantly reduced. This change considerably improves the performance, especially when working with large datasets such as the device list.

Announcement

The OperationsListModule component, which was deprecated since version 1021.50.0, has now been removed. In case you use OperationsListComponent and/or OperationsListItemComponent you can now import them directly as standalone components. In case you want to continue to provide the Device control > Single operations feature in your Device management application, you can take advantage of the deviceControlOverviewFeatureProviderFactory() factory function which provides all necessary environment providers that hook the Single operations tab and the respective navigator node. For the Device control section on the Device info tab, you can respectively use the deviceControlTabFeatureProviderFactory() factory function. If you already import OperationsModule from @c8y/ngx-components/operations in your application, no change is needed since it has been refactored to use the provider factories as a replacement of the removed OperationsListModule.

Announcement

In a future version of the Web SDK, the LWM2M module will be removed from the @c8y/ngx-components library. If you use the LWM2M module from @c8y/ngx-components in your custom UI components, this will no longer work in future Web SDK versions and must be removed. LWM2M will be available as a plugin in the Device Management application.

Announcement

Starting from version 2025.18.0, the Microservice SDK is now using Spring Boot 3.4.2. Notice that along with Spring Boot, most other dependencies were also updated to be consistent to the dependencies which Spring Boot uses.

The version 2025.18.0 will also bring along updates to several third-party libraries and frameworks. These changes will be included in the org.springframework.boot:spring-boot-dependencies:3.4.2 dependency which comes with Microservice SDK.

Impact: The update may impact your microservices, potentially requiring code changes.

Migration Resources: Refer to the following guides for assistance with the changes:

Feature

An offloading pipeline can be configured to raise a Cumulocity event when an associated offloading or compaction run completes. Such an event comprises details of the corresponding run such as start and end time, success status, or number of offloaded records. Those events can be used to trigger follow-up actions upon completion of an offloading or compaction run.

Announcement

We are pleased to announce that Cumulocity has moved to AI-powered automation for translating our entire platform UI from English into all supported languages.

In addition, a regular review is carried out by professional translators for German, French, and Japanese.

What this means for you

Faster availability of new features in your preferred language
More consistent terminology across the platform

Help us improve

While AI technology continues to advance, we recognize the importance of human expertise in ensuring accurate and contextually appropriate translations. We value your insights and encourage you to share feedback and suggestions for improving translations through our product support.

Your feedback will directly contribute to enhancing the translation quality of Cumulocity for all users worldwide.

Announcement

In a future version of the Web SDK, we will update the Angular version used in the Web SDK to version 19. This update brings improvements and new features, but may also introduce breaking changes that could impact your existing implementations.

As part of this change, the pipe, directives and components that are offered as part of the @c8y/ngx-components library, will now be available in standalone mode.

To ensure a smooth transition to Angular 19 and help you to adapt your implementations, we will provide an upgrade documentation when this change happens. This documentation will help you navigate through the changes and update your codebase accordingly.

To ensure a day one compatibility of your plugins with applications based on the v1022 Web SDK, you should already today add the standalone flag to all components/pipes/directives of your plugins. You do not need to migrate your components/pipes/directives to standalone: true, you can also set it to false. You just need to ensure that you’ve set the standalone flag. Angular v19 will otherwise default to standalone: true instead of standalone: false if the standalone flag has not been defined, which can break your components/pipes/directives.

Announcement

As part of our ongoing improvement efforts, in a previous version, we have migrated the Cloud Remote Access feature from the older AngularJS framework to the newer Angular framework. The new Angular-based implementation makes the old AngularJS-based implementation obsolete. The AngularJS-based implementation will therefore be removed from the @c8y/ng1-modules npm package starting with version 1022.0.0.

Customers maintaining their own Device Management application can refer to this git diff to identify the changes required to switch to the new implementation.

Feature

In order to make it easier for users to apply only relevant device profiles, pre-filtering of device profiles by the software types supported by the specific device has been implemented in the Device profile tab. The Select device profile dropdown now only shows profiles that are applicable for the software types supported by the device. This improves usability, saves time and eliminates errors.

Feature

The asset selector is a commonly used component that allows users to select one or more assets from a list. Previously, checkboxes were always displayed next to each asset in the list. With this change, developers can now hide these checkboxes if desired. This provides more flexibility in the UI design and can lead to a cleaner look in situations where the checkboxes are not needed.

Improvement

A new field named Source or Destination Type is now available in the Template Parameters dialog box of the Analytics Builder model editor. You can use the new field to select one of the following source or destination types: Device, Groups, Assets, or Other. You can then specify a default value that is based on your selection. See also Managing template parameters.

Improvement

The multi-tenant Apama-ctrl-mt-4c-16g microservice now supports Analytic models. The Analytics Builder page is shown for tenants subscribed to the microservice, allowing users to create, deploy and manage analytic models.

Announcement

As part of our ongoing improvement efforts, in a previous version, we have removed several legacy components related to configuration management, device list handling, and column configuration. These changes impact outdated services, directives, and templates that have either been migrated to Angular or deprecated due to lack of usage.

Configuration Repository: The entire module, including its service, controllers, tests, and UI templates, has been removed – now moved to Angular.
Configurable Device List Columns: Services, constants, directives, and modal components related to column customization have been removed – now moved to Angular.
Device List Handling: Controllers, directives, and configuration files related to device listings have been removed – now moved to Angular.
Device Details & Availability: Several templates and directives managing device details, availability, group selection, firmware, hardware, and network information have been removed – no longer used.

If you were relying on any of the removed components, please migrate to the new Angular-based solutions.

Feature

The password setup process for new users was unclear. It has been updated and replaced with three distinct options, from which the administrator can select one. The available options are:

Send password reset link as email
Set password that must be changed on the first login
Set password for the user (no change required)

See also Setting limits.

Feature

Support for ID tokens provided by external IAM servers has been added and can now be used in the authentication process via single sign-on (SSO). Previously, only access tokens were supported by the Cumulocity platform. Now, the administrator can decide through the configuration whether user data retrieved from the external server, such as first name, last name, phone number, email, and roles, should be loaded from the access token or the ID token.

Feature

Previously, the add asset functionality in the subassets view only allowed to create child assets within existing hierarchies. With this change, users can now create root-level assets as well as complete asset hierarchies based on predefined asset models. This enhancement provides greater flexibility creating asset hierarchies through the UI.

Feature

In the “Data point graph”, “Data point table”, and “Event list” widgets configuration, the default option in the Date selection field has been changed from “Widget configuration” to “Dashboard time range”.

Feature

To improve the usability of the Alarms page, alarm filtering by a date range has been implemented. Users can now filter alarms by specifying a start and end date, allowing to narrow down the displayed alarms to a specific time period. This change enhances the alarm management experience by providing more granular control over the alarms being viewed, making it easier for users to focus on relevant alarms within a desired timeframe.

Feature

In the Cockpit application, it is now possible to disable or enable the dashboard manager in the Application configuration page. By default, the dashboard manager is enabled.

Feature

Angular has been upgraded to version 18.2.11 and the Web SDK has been updated to 1021.0.4.

Announcement

In an upcoming version the dashboard manager module will be extracted from the Cockpit application and added as a separate plugin. This change might be a breaking change as the dashboard manager module will no longer be part of @c8y/ngx-components/context-dashboard, but will be part of @c8y/ngx-components/dasboard-manager.

This change does not affect the layout and UX of the Cockpit application nor does it add any new functionalities. As a side effect, a performance improvement might be noticed as the dashboard manager from now on will be loaded lazily (that is, only after main application is loaded).

Improvement

The section on Service terms has been further enhanced. It now also contains

the Support service-level agreement,
the DataHub service-level agreement,
the Compatibility policy (moved from “Technical concepts”),
an explanation how Cumulocity manages releases in the Release policy,
an explanation of how features are validated with customers in Previewing features,
a consolidated page on all Service quotas, and
the Accessibility statement.

Improvement

Several legal notices documents have been added to the product documentation, such as Privacy Notice, Third Party Information and License Terms and Conditions. For details, see Legal notices.

Announcement

This is a follow-up on a recent announcement about migrating the Microservice SDK to Spring Boot 3.

Starting from version 10.20.155.0, the Microservice SDK is now using Spring Spring Boot 3.3.x, which marks the end of the recent dependency updates published in quick succession. Notice that along Spring Boot, most other dependencies were also updated to eliminate all security vulnerabilities those dependencies had.

Because of the amount of changes we also published intermediate versions to help with the upgrade process of all the applications using the SDK.

Version 10.20.150.1 contains a fix for the previously announced version 10.20.150.0 for applications configuring additional servlets. Use this version when updating your application to Spring Boot 3.0. For details refer to the Spring Boot 3.0 Migration Guide.

Version 10.20.151.1 is based on Spring Boot 3.1 and is recommended as an intermediate step to limit the amount of changes done at once. For details refer to the Spring Boot 3.1 Migration Guide.

Version 10.20.153.1 is based on Spring Boot 3.2 and is another recommended intermediate step. For details refer to the Spring Boot 3.2 Migration Guide.

Finally, when upgrading to version 10.20.155.0 based on Spring Boot 3.3, refer to the Spring Boot 3.3 Migration Guide.

Feature

When deleting or modifying a global role, an administrator can now ensure that changes take immediate effect by using a new option to log out all users assigned to that role.

Feature

To provide developers with more guidance on how to use filter chips in their applications, codex examples for filter chips have been added. The examples demonstrate how to implement filter chips in various scenarios and highlight best practices. With these new codex examples, developers can more easily understand and leverage filter chips in their own applications, enabling them to create more intuitive and user-friendly filtering experiences.

Feature

To support developers in utilizing hookServices in their applications and plugins, documentation and examples have been added to the Cumulocity Codex. The documentation provides an overview of the hookServices API and suggests use cases for it. It also includes a code sample demonstrating widget plugins sharing a common state via an externally injected service. With these new resources available, developers should find it more straightforward to integrate hookServices into their projects, enabling them to extend and customize functionality as needed.

Improvement

Previously, when an error occurred on logging in via SSO, the plain HTML error text was displayed in the browser. With this change, optional Redirect to the user interface application configuration has been added which allows displaying the error text as a standard UI error message. The new configuration parameter is optional and does not affect current SSO configurations. Using this option requires updating the “Valid Redirect URIs” in the authorization server with the value “<tenant_domain>/apps/*”. For details, refer to Custom template configuration.

Feature

The device profiles view has been migrated to a data grid. The data grid provides a more modern and user-friendly way to view and manage device profile items compared to the previous list view. The data grid offers enhanced features such as sorting, filtering, and pagination, making it easier to find and work with specific items.

Improvement

In previous versions, the operation c8y_ua_command_ProcessMappingsForDeviceValues failed entirely if any single mapping failed. The new behavior allows the operation to continue reading nodes even if some nodes cannot be read due to bad status codes. Although the operation will still be marked as failed, all readable nodes will be mapped. Additionally, the result and failure messages have been improved to indicate which nodes failed and which were successful.

Feature

The DTM plugins component now includes a new asset properties widget module, which enhances the functionality of the existing “Asset properties” widget. This includes:

Simplified selection of the modelled properties for assets.
Support for listing properties of type: file
Ability to preview images attached to properties of type: file
The widget has been migrated to Angular.

The module is designed for easy integration into any Cumulocity application. In future releases, this widget will replace the current “Asset properties” widget across all Cumulocity applications.

Feature

To improve the documentation of UI components, a Codex example has been added for the CountdownInterval component. This example demonstrates how to use the CountdownInterval component in an application, showcasing its functionality and configuration options. Developers can now refer to this example to better understand how to integrate the CountdownInterval component into their projects, making it easier to implement countdown functionality in their applications.

Feature

As part of continuous improvement efforts, the illustrations used in various sections of the Cockpit user interface have been updated. The new illustrations provide a fresh and modern look while still effectively conveying the intended message or concept. This change enhances the visual appeal and user experience of the Cockpit interface without impacting any functionality or existing user workflows.

Feature

The Apama Docker images are now available at public.ecr.aws/apama, and can be viewed at https://gallery.ecr.aws/apama/. Previously, they were available at softwareag/, and viewed at https://hub.docker.com/u/softwareag.

Within any Dockerfiles that use the Apama images, you will need to change FROM softwareag/<IMAGE>:<TAG> to FROM public.ecr.aws/apama/<IMAGE>:<TAG>.

The location of Apama within the image has been moved from /opt/softwareag to /opt/cumulocity. Existing images remain unchanged.

Improvement

Previously, warning messages were logged when input events were dropped by an Analytics Builder model because they were delayed beyond the reorder buffer duration. In addition to the warning messages, an alarm is now raised when input events are dropped. The alarm provides improved visibility compared to relying on viewing log messages, which is especially useful for multi-tenant Streaming Analytics microservices where it may not be possible to view the logs at the parent tenant. See Analytics Builder dropped events for more details on the alarm.

Announcement

This is a follow-up on a recent announcement about migrating the Microservice SDK to Spring Boot 3.

Starting from version 10.20.150.0, the Microservice SDK is now using Spring Spring Boot 3.0.x. Please follow the Spring Boot 3.0 Migration Guide to upgrade your applications when updating to that or later versions of the SDK. To make the migration process easier we recommend first updating to version 10.20.134.0 with JDK 17 and later to version 10.20.140.0 with Spring Security configuration changes, if it was not already done.

Feature

To provide more clarity and improve validation when configuring widgets, type information has been added to the widget configuration. Previously, the widget configuration did not include any type information, which could lead to confusion and misconfiguration. With this change, each configuration property now specifies its expected type, such as string, number, or Boolean.

Announcement

To enhance the user experience and functionality a new select component has been introduced. This update includes significant changes that may require action from developers.

Key features:

Search functionality
Multi-select option
Chip-based selection display
Full keyboard support

Important

The interface of the new component is not compatible with the previous version. Existing implementations using the c8y-select component will need to be updated.

Required actions: Developers must select one of the following options:

Migrate the existing c8y-select components to the new interface
Rename the selector to c8y-legacy-select to maintain the current functionality

Feature

To improve the usability of the alarms overview, filtering for specific alarm types has been added. Users can now select which alarm types they want to see in the overview by using the new filter options. This allows users to focus on the alarms that are most relevant to them, making it easier to identify and address critical issues in a timely manner.

Feature

To provide a more flexible and customizable user experience, a new message banner option has been added to the branding editor. This feature allows administrators to create and display custom messages or announcements within their branded applications. The message banner can be used to inform users about important updates, maintenance schedules, or any other relevant information. This feature enhances the communication capabilities of the platform and enables administrators to effectively convey important messages to their users without the need for additional tools or workarounds.

Feature

The deprecated ILabels interface has been removed from the Web SDK. Instead, the ModalLabels interface is used.

Feature

For better clarity, the Position in navigator field in the dashboard settings has been renamed to Position in tabs.

Feature

As part of ongoing efforts to modernize the look and feel of the Cumulocity UI, the branding colors and the logo have been updated and aligned with current design trends. For example, the brand logo has been relocated to the bottom of the navigator to enhance user focus on navigation elements, reduce visual competition with the app icon, and optimize space utilization. This change provides a refreshed visual appearance throughout the Cumulocity UI, without impacting existing functionality or user workflows, but it could imply a need to review any custom branding applied as some design tokens have been updated or removed. Additionally, the link color is no longer related to the branding color and needs to be updated if a branded link color is wanted.

Feature

As part of keeping the Cumulocity platform up-to-date with the latest web technologies, Cumulocity has been upgraded to use Angular 18. This upgrade brings the latest features, performance improvements, and bug fixes from the Angular framework to the Cumulocity platform. The upgrade to Angular 18 should be largely transparent to users, with no visible changes to the user interface or existing functionality. However, any custom widgets or plugins developed for previous versions of Cumulocity may need to be updated to ensure compatibility with Angular 18.

Feature

A new Automatic setting of required interval option has been added to the configuration of LWM2M devices. This setting is configurable so that unavailability alarms will only be triggered when an LWM2M device is truly unavailable, reducing the number of false alarms. For more details see LWM2M configuration.

Improvement

The LWM2M specification allows devices to send an empty payload when there is no data to report. In case of an empty payload, no content-type is required. Previously, LWM2M agents would reject messages with an empty payload and no content-type. Now, these messages will be accepted and processed as intended.

Feature

To improve readability and consistency, the titles of device management application now use title case (Device Management) instead of sentence case (Device management). The functionality of the entities remains the same, only the casing of the titles has been modified.

Improvement

In earlier LWM2M agent versions, device location updates occurred only when the device provided complete location object data. Now, updates happen whenever both latitude and longitude resources are reported together.

Feature

In the past, the bulk action control did not receive the IDs of the selected items, which made it impossible to display a bulk action conditionally based on the subset of selected items. With this change, the selected item IDs are now passed to the bulk action control showIf function.

Improvement

The wizard for bulk registering LWM2M devices to Cumulocity provides default bulk registration templates. These templates have been updated to reflect new properties including the X.509 security mode.

Feature

When creating a duplicate of a local smart rule, it is now possible to select an asset from outside of the hierarchy. A duplicate of the rule is now created in the context of the selected asset.

Feature

Previously, when creating a new dashboard, it would open in view mode which required an extra click on the Edit button to start editing the dashboard. With this change, newly created dashboards now directly open in edit mode. This allows users to immediately start editing and configuring the new dashboard, saving them a click and making the user experience more intuitive.

Announcement

This is a follow-up on a recent announcement about migrating the Microservice SDK to Spring Boot 3.

As a second step of this process, starting from version 10.20.140.0, the Microservice SDK is now using Spring Security 5.8. This change enabled a migration preparing for Spring Security 6.0 to be performed in the Microservice SDK following this migration guide. We recommend all users of the Microservice SDK to also follow that guide when updating their applications using the updated version of the SDK.

Note that following the changes in the MethodSecurityExpressionHandler configuration described here, the methods provided by com.cumulocity.microservice.security.service.SecurityExpressionService that were previously configured using a custom SecurityExpressionRoot extension, are now available via an independent bean definition named c8yAuthz. This means that, for example, the expression isCurrentTenantManagement() will no longer resolve and needs to be prefixed by the bean name instead @c8yAuthz.isCurrentTenantManagement(). This allows customers to easily add their own security expression extensions, if needed.

Improvement

To improve the user experience in Analytics Builder, the On value change option of the Mode parameter in the Pulse block has been renamed to On value change (excluding to false). In addition, the block reference has been updated to clarify that for a boolean input, a pulse is only sent when the input changes to true (not false).

Improvement

The text fields in the “Send measurement”, “Create alarm”, and “Send event” functionalities used to be limited to 100 characters. This limitation has been removed, allowing you to enter longer text without restrictions.

Feature

The configuration repository has been migrated to a data grid. The data grid provides a more modern and user-friendly way to view and manage configuration items compared to the previous list view. The data grid offers enhanced features such as sorting, filtering, and pagination, making it easier to find and work with specific configuration items.

Improvement

The Extract Property block in Analytics Builder now includes a new optional checkbox called Ignore Separators In Property Path. This allows you to extract a property that has a separator such as a period (.) in the property name. For example, if the Ignore Separators In Property Path checkbox is selected and the Property Path parameter is specified as location.city, then the property name location.city is extracted from the input value. For compatibility, the previous behavior remains as the default, that is, the new checkbox is not selected by default.

Announcement

The deprecated JWT authentication with Cumulocity has been removed. This change will only impact you if your organization used an early version of single sign on (SSO) on Cumulocity. For details, refer to the earlier announcement.

Announcement

In a future version, we will update Angular to version 18 and update our base branding. This update brings improvements and new features, but may also introduce breaking changes that could impact your existing implementations. When updating to this new version, please verify your branding, especially the logo position, as it has been modified.

To ensure a smooth transition to Angular 18 and help you to adapt your implementations, we will provide an upgrade documentation when this change happens. This documentation will help you navigate through the changes and update your codebase accordingly.

Announcement

This is a follow-up on a recent announcement about migrating Microservice SDK to Spring Boot 3. As a first step of this process, starting from version 10.20.134.0, the Java SDK and Microservice SDK are now both using Java 17 both on the source as well as the runtime level. This means that using Java 17 is now a minimum requirement for using the Microservie SDK.

Announcement

We are pleased to announce an upcoming update to the Spring Boot version used in the Microservice SDK. The new version will be Spring Boot 3.3.3, which will also bring updates to several third-party libraries and frameworks. These mandatory changes will include:

Minimum required Java version: 17 (currently Java 8)
Jakarta EE 9+ baseline
Spring Security: 6.3.3
Spring Framework: 6.1.12 (currently 5.3.24)
HTTP Client: 5.3.1

Impact: Each of these updates may impact your microservices, potentially requiring code changes.

Rollout: The update will be available in Continuous Deployment (CD) versions starting in Q4 2024 and in versions of the next annual release 2025. A separate announcement will be made to confirm the CD version containing the change.

Migration Resources: Refer to the following guides for assistance with the changes:

API Change

Notifications 2.0 subscriptions may specify the Cumulocity APIs to subscribe to, for example alarms or measurements. Subscriptions may use a wildcard value (*) for the API selector, indicating that the subscription should include all available APIs. If the API selector is omitted from a subscription request, it is treated as equivalent to using the wildcard value.

Currently, a tenant context subscription using the wildcard API selector will deliver updates from a subset of the available APIs. See the Notifications 2.0 subscription REST API documentation for details on the current tenant context subscription behaviour.

In future, such subscriptions will also deliver updates from the operations API. This applies to subscriptions that were created before the change is enabled, as well as new subscriptions. For example, after this change is enabled, an application that POSTs the following request to the /notification2/subscriptions endpoint may receive operations updates, regardless of when the subscription was created:

{
  "context": "tenant",
  "subscription": "testSubscription",
  "subscriptionFilter": {
    "apis": [
      "*"
    ]
  }
}

Applications using the wildcard API selector in tenant context subscriptions should be prepared to receive operations updates in addition to the updates they were previously receiving. To avoid disruption, application developers should either:

ensure that their applications can handle operations updates, or
include an API selector

before this change is enabled.

The change will be enabled in the Cumulocity CD deployments no earlier than January 15, 2025. It will also be included in the 2025 yearly release. A further announcement will be published when the change is enabled.

Feature

A new subassets view module has been added to the DTM plugins component, which includes official DTM plugins and enables integration with both default and custom web applications. This module allows users to efficiently view and manage subassets. In future releases, it will replace the existing subassets view in other Cumulocity applications.

Improvement

In the Subassets page, instead of the key of the default location property, its label is displayed for improved user experience.

Improvement

For simplicity, “model” has been removed from the asset model sample names. Additionally, the descriptions and UI layout have been improved to ensure consistency.

Improvement

Real-time updates have been improved to ensure that changes made by concurrent users to asset models are immediately reflected.

API Change

The DTM microservice has been renamed from “dtm-ms” to “dtm”. REST endpoint paths have been updated accordingly, replacing the “dtm-ms” segment with “dtm”. Users will not perceive any change. However, they may need to manually unsubscribe and uninstall the older version.

Feature

The subasset module, which was originally imported from the ngx component, has now been replaced with the official plugin from the dtm-plugins component. This change maintains all existing functionality while enabling easy integration of module with both default and custom web applications.

Improvement

In the New asset model page, the Asset models and Asset model samples tabs have been removed for a more focused user experience as they are not required for creating a new asset model.

Improvement

The Platform service-level agreement now provides a more precise definition on how Cumulocity manages the Cumulocity platform service for your tenants and what might be possible limitations and responsibilities that you should be aware of.

Improvement

Previously, the Alarm Input and Event Input blocks did not use the the correct source time for an update operation when the Ignore Timestamp checkbox was not selected. Instead, the creation time of the block was incorrectly used to schedule the input events. This has been fixed and alarm and event updates are no longer missed by the model. When the Ignore Timestamp checkbox is not selected, the input blocks now use the last update time of the block to schedule the input events in case of update operations.

Improvement

In the user documentation, information has been added on how to register and delete LWM2M devices using the REST API, see Registering LWM2M devices.

Announcement

The custom firmware update URL has been replaced with a standard firmware definition that points to an external URL. Right now this parameter is still available and takes precedence over any other option, but it will be removed in future LWM2M agent versions.

Improvement

Cumulocity provides connectivity monitoring capabilities for which a required interval needs to be defined. For LwM2M device, this is automatically set by the LWM2M agent based on the registration lifetime. However, if the value is set manually, it will be overwritten by the LWM2M agent after each registration or registration update. This behavior can now be disabled both globally or for specific devices, allowing users to define the required interval independent of the registration lifetime.

Feature

Previously, the LWM2M agent could only cancel observations using the “reset” method. With this change, the LWM2M agent can now also use “GET with observe” method to cancel observations.

Improvement

To improve security, the LWM2M service can now ignore packets from predefined source ports.

Feature

Previously, the LWM2M agent supported write operations in “Replace” mode only. With this change, write operations can now also be sent in the “Partial Update” mode using the “writep” command.

Feature

To improve the user experience and to ensure consistency, the firmware list has been migrated from a simple list view to a grid view.

Feature

The branding editor allows users to create a unique and consistent branding across their applications, improving the overall user experience and making it easier to align the application’s appearance with corporate design guidelines.

We have made significant improvements to our branding editor, offering a more robust and user-friendly experience for managing brand identity across multiple applications.

New functionalities:

Configure unique branding for individual applications
Create, maintain, and easily switch between different branding configurations
Edit branding JSON objects directly from the UI and add custom CSS
Import/export branding variants
Automatically invalidate cookie consents when updating privacy policies
Implement light and dark theme choices
Generate color shades based on primary brand color with fine-tuning options

Functional improvements:

More intuitive interface for managing brand identity
Enhanced flexibility in customizing and applying branding elements

Feature

To simplify plugin development and deployment, support for module-less plugins has been added. With this change, plugins no longer require a module to function, allowing to implement and deploy plugins more easily. This impacts plugin developers who can now create plugins without the overhead of a module and users who can benefit from a wider variety of available plugins that are simpler to install and use.

Improvement

To improve the user experience and maintain consistency with the default Cumulocity applications such as Cockpit, breadcrumbs have been added to the Streaming Analytics application. You can use the breadcrumbs to easily navigate up the hierarchy.

Improvement

To improve the user experience, the links in the model editor and EPL editor for renaming a model or EPL app have been renamed to Model settings and App settings. Previously, these links displayed the name of the model or app. These names are now displayed at the top of the editor page.

Feature

Previously, adding Cumulocity schematics to Angular projects initialized with the standalone flag set to true failed. This issue has been addressed. Now, when integrating Cumulocity schematics into standalone Angular projects, the standalone flag is automatically set to false. Full support for standalone projects will be implemented in future updates. This interim solution allows developers to use Cumulocity schematics with projects initially set up as standalone, though with standalone features disabled.

Feature

The Add Asset module has been moved from the Digital Twin Manager (DTM) application to the newly created DTM plugins component. This component consists of modules from DTM as official plugins, enabling their integration into default and custom web applications. The Add Asset button will continue to be available in the standard DTM interface.

Feature

To provide more flexibility for customizing the alarm list and details views, hook services have been added for the alarm details button and the alarm list indicator. This change allows you to modify the rendering and behavior of these UI elements by implementing the respective hook service interfaces. Existing alarm list and details views are not affected by this change and will continue to work as before, unless you explicitly customize them via the new hook services.

Feature

To ensure users agree to the service terms for microservice deployment when uploading a microservice, a new text acknowledgment has been added to the microservice upload dialog.

Improvement

Previously, a new user received an email with a link to set their password. Now when the checkbox Send password reset link as email is cleared, the User must reset password on next login option is selected by default. This means the new user must change their password during their first login.

Improvement

The Expression block in Analytics Builder has been updated to allow you to concatenate string and non-string values, similar to EPL. This is useful, for example, if you want to specify an expression like the following: “The current temperature is " + input1 + " degrees Celsius”.

Improvement

The Counter block in Analytics Builder has been updated to allow you to set a maximum value for each counter independently. This change was made because it was difficult and cumbersome to create periodic behavior in Analytics Builder, and it gives more control over counting in general. The following new parameters are available for this purpose:

Maximum Count (input field)
Loop Count (checkbox)
Maximum Number Same (input field)
Loop Number Same (checkbox)

The counter in question can then loop. Depending on the setting of the corresponding checkbox, the counter either resets its corresponding output port (Count or Number Same) to one, counting the first input after reaching the maximum value, or it stops counting when reaching the maximum value and must then be reset manually. For compatibility, the previous behavior remains as the default. Note that the Reset input port resets both counters. If this is a problem, you must use a separate Counter block for each counter. See the description of the Counter block for detailed information on the new parameters.

Announcement

Offloading pipelines may fail permanently, for example, due to an invalid offloading configuration or a wrongly configured data lake. In a future release Cumulocity DataHub will automatically stop permanently failing offloading pipelines.

Feature

Cumulocity now supports the ability to infer the full certificate chain from an intermediate certificate, enabling devices that are only able to send the device certificate to connect to Cumulocity. For full details refer to Device authentication.

Feature

The “Alarm list” widget is used to display alarms in dashboards and other places in the Cumulocity UI. Previously, child alarms were always shown which could lead to information overload for users monitoring many alarms. With this change, a new toggle has been added to the widget configuration which allows showing or hiding the child alarms in the alarm list. This provides users with more flexibility to customize the widget to their specific use case and makes it easier to focus on the relevant top-level alarms.

Feature

The Cockpit application has been split into further plugins. This allows admins to tailor the Cockpit application to their needs without any coding effort. They can now easily remove certain plugins and thus certain features which they do not want to include in their Cockpit application. The following plugins are now available:

Cockpit widgets: Angular widgets used in the Cockpit application.
Cockpit alarms: Alarms functionality in the Cockpit application.
Sensor phone: Wizard for connecting a smartphone to the platform.
Child devices: List view of children of devices.
Assets navigator: “Groups” navigation entry, allowing to navigate through an asset hierarchy.
Data point library: To define certain features of data points.
Bookmarks: To bookmark views.
Location: To view location of devices and assets.
Search: To search for assets.
Reports: Reports list and report items in the navigator.

Feature

To enable application developers to more easily select alarms and events in their custom applications, a new reusable alarm and event selector component has been introduced. For details refer to the Cumulocity Codex.

Announcement

Starting with Q1 2025, the Cumulocity platform enforces name and context-path manifest fields naming restrictions for custom microservice deployments. You can verify the correctness of your microservices by uploading them via the UI or REST API. If this is successful, your configuration is correct. For details on the name and context-path fields, refer to Microservice manifest > Settings.

Improvement

To improve the documentation around internationalization, the “Internationalization” section of the Cumulocity Codex was updated. The changes provide more detailed information and guidance on how to handle translations and localization in applications. This impacts developers who want to make their applications available in multiple languages, giving them better resources to understand and implement internationalization best practices.

Announcement

To improve security, user administrators can no longer explicitly set passwords for device users. This change prevents an attacker from having access to all device users, in case the administrator account is compromised. In case of losing the device password, the device must be registered again.

Announcement

Making Cumulocity more secure we have added a check on upload to ensure microservice settings do not contain any line feed characters such as HttpGet, exec, and TCPSocket of type Probe, aligned with items in the Kubernetes PodSpec.

Improvement

The documentation of the SNMP device protocol has been moved from the user documentation to the public GitHub repository: cumulocity-examples.

Improvement

In the Asset model samples page, the “Wind Turbine” and the “Solar Power Plant” sample asset models have been added. These samples serve as an example to help you quickly get started with your own asset modeling.

API Change

Improving the security for the Microservice SDK we have decided to restrict the initial configuration of the Spring Boot actuator endpoints (POST access to the /loggers endpoint) to the administrator roles only.

Improvement

The version numbers for the frontend and backend are no longer displayed in the right drawer of the Streaming Analytics application. Instead, details on all components can now be downloaded via the Download platform details button. This change simplifies the UI for the majority of users.

Improvement

The link from the Cumulocity UI to the documentation for the Edge component was previously outdated. With this change, the link has been updated to point to the correct location in the documentation. This ensures that users can easily access the relevant information and guidance for using the Edge component without encountering any broken links or navigation issues.

Improvement

The Service-level agreement for Microservices deployment now provides a more precise definition on what is included in the Microservice Hosting functionality for your custom microservices. It also describes how you can benefit best from the service.

Feature

The Home page has been enhanced so that you can investigate the current status of your offloading pipelines. The status includes which offloadings are currently running, which ones have recently failed, and which ones have completed successfully.

Feature

The editor for managing additional result columns of an offloading pipeline has been enhanced with convenience tooling for exploring nested data. Using sample data retrieved from the corresponding Cumulocity base collection, you can interactively browse through the structure of the data in order to determine which specific sub-structure you want to offload.

Improvement

Previously, icons that could not be used when a model was active (that is, in read-only mode) were shown as disabled in the model editor’s toolbar. To improve usability when in read-only mode, icons that cannot be used (such as the save icon) are no longer displayed in the toolbar.

Improvement

When adding a new model or when editing the name of a model in the Streaming Analytics application, you can now resize the Description field. This is helpful when editing or viewing a longer description, including the case of the samples that have very detailed descriptions.

API Change

As published earlier (in the release notes for release 10.15), Cumulocity has announced the availability of Microservice API version 2 and the deprecation of API version 1 to comply with new security requirements. Microservice API version 2 provides an improved microservice container security context restricting the invocation of privileged Linux Kernel APIs. Today Cumulocity announces the creation of alarms when subscribing a tenant to microservices still using API version 1. In Q3 2024 Microservice API version 1 will be removed from Cumulocity SaaS instances and in the yearly 2025 release. If not done yet migrate your microservices to API version 2. Refer to Microservice migration to API version 2 in the user documentation to understand how to accomplish this. Otherwise your microservices in Cumulocity SaaS instances may stop functioning in Q3 2024 or in environments using the yearly 2025 release.

Announcement

For the offloading of the measurements collection Cumulocity DataHub offers a TrendMiner mode, which is designed for the specific interaction with TrendMiner. This mode is deprecated and will be removed in a future release as the integration with TrendMiner will be discontinued.

Feature

The services component was previously an integral part of the default Device Management application. With this change, the functionality for services has been modularized into a plugin. By default, users will still have access to services within the Device Management application. However, if not needed, the functionality can be removed by deactivating the plugin. This approach offers flexibility for users who may or may not require certain functionalities within the application.

Feature

The Advanced Software Management functionality was previously an integral part of the default Device Management application. With this change, the Advanced Software Management service has been restructured to function as a separate plugin. It remains included by default but now offers the flexibility to be added or removed as needed.

Feature

Previously, alarms could not be shared as they had no unique link to reference them, for example in mails or chats. With this change, each alarm gets an unique link. This allows to share alarms and navigate between alarms more easily.

Feature

In some situations, managed object operations in Cumulocity could take an unexpectedly long time without providing any feedback to the user. For more transparency, an alert is now shown in the UI when a certain operation exceeds a specific duration.

Feature

If a user upgraded one of the default web applications (for example, Cockpit) after it had been cloned, it would only include the plugins that the application had offered during the initial clone/installation of the application. If additional self-imported plugins were introduced in the upgraded version, these would not have been present when using the application.

This especially caused issues when features of applications which were previously present as standard Angular modules were migrated to self-imported module federation plugins, as these features were missing until the plugin was manually installed to the application.

To fix this issue, an exclude list for these self-imported plugins has been utilized, in addition to the already existing include list used for the usual plugins.

Feature

Previously, the asset selector did not show the currently selected element by default, requiring users to always manually search for and select the desired asset. With this change, the asset selector now automatically displays the selected element when opened. This improvement streamlines the user workflow by eliminating the need to repeatedly locate and select the same asset, saving time and effort.

Feature

To provide a better user experience when displaying hierarchical data in a data grid, expandable rows have been introduced. With this change, users can now expand or collapse rows in the data grid to show or hide nested information. This allows for a more compact and organized presentation of data, especially when dealing with complex hierarchies or large amounts of related information. The expandable rows feature seamlessly integrates with the existing data grid component, providing a consistent and intuitive way for users to interact with and navigate through the displayed data.

Improvement

Documentation has been added on how to style the shell application via plugins. For details, refer to the Cumulocity Codex.

Improvement

The Codex documentation provides information about developing applications with the Cumulocity platform. To make it easier for users to understand and use dynamic forms in their applications, the Dynamic forms page in the Codex documentation has been extended. For details, refer to the Cumulocity Codex.

Feature

A dashboard manager view has been added to streamline the management of device type dashboards. This view aggregates and displays a list of all dashboards assigned to specific device types. From this list, dashboard templates linked to device types can be viewed, edited by navigating to a particular instance and templates can also be deleted if needed.

Feature

As announced earlier, a redesign of the alarms feature has been introduced with both visual and functional enhancements.

Visual and UX enhancements:

The way alarms are displayed in the alarms view and widgets has been redesigned.

Functional improvements:

The alarms view now only shows one single list of alarms, in which filters can be applied.
A details section has been introduced which contains all information related to the alarm.
The functionalities of the “Alarm list”, “All critical alarms”, and “Recent alarms” widgets have been merged into a single, comprehensive widget called “Alarm list”.
The “Alarm list” widget has been migrated to Angular.
The real-time functionality has been replaced with an auto-refresh functionality.
Already existing widgets: “Alarm list”, “All critical alarms”, and “Recent alarms” will be automatically updated and migrated to the new version of the “Alarm list” widget.

Improvement

As announced earlier, the report module has been extracted from the Cockpit application and added as a separate plugin. This is a first step towards removing the reports module entirely and replacing it with the dashboard manager. This change might be a breaking change as the reports module is no longer a part of @c8y/ngx-components/context-dashboard, but is be part of @c8y/ngx-components/report-dashboard.

This change does not affect the layout and UX of the Cockpit application nor does it add any new functionalities. As a side effect, a performance improvement might be noticed as reports from now on will be loaded lazily (that is, only when users navigate to the Reports page).

Feature

To provide more flexibility for configuring applications, Cumulocity now supports loading dynamic options from application-specific paths. With this change, each hosted application will load its dynamic options from a path that includes the application context path. This allows application-specific configurations to be loaded dynamically. The Cockpit application would now load it’s dynamic options from: /apps/public/public-options@app-cockpit/options.json while it previously did so from: /apps/public/public-options/options.json. This change was done as a preparation for upcoming changes to the branding manager.

Announcement

JWT authentication with Cumulocity has been deprecated since release 10.6 and will be removed in Q3 2024 for the SaaS instances and in 2025 for the yearly releases. This authentication method is not to be confused with SSO (single sign-on) or OAI-Secure authentication, which are both recommended and still supported. This change will only impact you if your organization used an early version of SSO on Cumulocity. For customers on the public cloud instances we will get in touch with you if you are using this type of authentication. For self-hosted or self-managed instances you need to do the following: Ask your Operations team to run this script. This will verify whether any tenant collections have an authenticationProviders configuration and if any tenant has the tenant options configured with the category token.publicKey. If either an authenticationProvider configuration or the tenant option token.publicKey category exists this indicates that the deprecated JWT is, or was, used in the past. In this case you need to check your external services for use of the JWT authentication and change it to use either SSO or OAI-Secure. These two methods provide a better and more secure approach to authentication. These methods are documented here:

Improvement

In the Import dialog for asset models, users can now see Child asset models and Asset properties columns in the preview step.

Improvement

When adding child asset models or asset properties to an asset model, those already added will no longer appear in the dropdown list.

Improvement

The following action button labels have been changed:

In the Assets page, Import assets has been changed to Import.
In the Asset Models page, Import asset models and Export asset models have been changed to Import and Export respectively.
In the Asset properties page, Import asset properties and Export asset properties have been changed to Import and Export respectively.

Feature

The “Replace device” functionality is now delivered as a self-hosted plugin by the Device Management application. This way, the functionality can easily be removed from the application if not needed.

Additionally, the device replace wizard was made more extensible by introducing hookable interfaces (hookDataGridActionControls and hookService).

Feature

It is now possible to directly create operations for generated OPC UA devices. This does not apply to all OPC UA operations. Only node-specific operations can be executed on that level. General operations such as address-space scan are still only allowed on the OPC UA Server. An additional configuration (gateway.operation.validateDeviceOperationNodes) has been added to enable/disable a validation check if the node-specific operation is done on a node which belongs to the device. If the check is enabled the opcua-device-gateway executes the operation after validation. If the node doesn’t belong to the device node list an alarm is created.

Improvement

The right drawer of the Streaming Analytics application, which is displayed when you click the User button, now includes a Bookmarks section. This means that the bookmarks you have added in other Cumulocity applications are now also available in the Streaming Analytics application, and you can now also add bookmarks for the pages in the Streaming Analytics application.

Improvement

The ManagedObject event has a unique way of handling c8y_Position fragments that have the parseable float values added to their position property, and all other values added to their params property. All other events of the Cumulocity transport API simply add the fragment as a whole to their params property. This has made it cumbersome to robustly copy c8y_Position to a ManagedObject from another event and vice versa. To make this easier, two new helper actions have been added to the ManagedObject event to populate ManagedObject from a c8y_Position object, and conversely create the object from the ManagedObject event.

action setC8yPosition(any c8y_Position)

This new action sets the ManagedObject using the c8y_Position object. This must be of the form dictionary<string, any>, but is validated prior to use. Example:

on all Event(type="locationUpdate") as evt

{ ManagedObject mo := new ManagedObject;
  mo.id := evt.source;
  mo.setC8yPosition(evt.params.getOrDefault("c8y_Position"));
  send mo to ManagedObject.SEND_CHANNEL; }

action getC8yPosition() returns dictionary<string, any>

This new action produces a c8y_Position style object from the ManagedObject. Example:
```
evt.params["c8y_Position"] := mo.getC8yPosition();
```

Feature

To enhance the user experience, a switch has been added to the authentication settings, which allows to disable/enable case-sensitivity in usernames. When the switch is turned on, username validation will now treat uppercase and lowercase letters as distinct, requiring users to enter their username exactly as it was set. This affects all users.

Announcement

The deprecated hookDeviceGridAction has been removed. Instead the recently introduced hookDataGridActionControls should be used. It gives more control over data grid actions, such as allowing actions to be added to any data grid or to override existing actions.

Improvement

A new SmartREST template has been added. Using the template ID 150, it is now possible to set the list of Cloud Remote Access protocols supported by a device.

Announcement

In the upcoming version the report module is extracted from the Cockpit application and added as a separate plugin. This is a first step towards removing the reports module entirely and replacing it with the dashboard manager. This change might be a breaking change as the reports module will no longer be part of @c8y/ngx-components/context-dashboard, but will be part of @c8y/ngx-components/report-dashboard.

This change does not affect the layout and UX of the Cockpit application nor does it add any new functionalities. As a side effect, a performance improvement might be noticed as reports from now on will be loaded lazily (that is, only when users navigate to the Reports page).

Feature

The Components > Forms > Dynamic forms page in the Codex has been extended with additional details and examples to better explain the concept and usage of dynamic forms.

Feature

In the past, private smart rules had the property contextData in c8y_Context, even if the rule did not use it. This is no longer required. Private smart rules can now be created without the contextData property, to avoid storing redundant data in the database. This change only affects the creation of new private smart rules. Existing smart rules are not impacted.

Improvement

Users can now order the complex property keys by dragging and dropping them using the drag icon which appears on hovering over the row.

Feature

Support has been added for retrieving JWT session tokens with X.509 certificates via REST API for devices. For details, refer to the Device authentication user documentation.

Feature

To simplify the login process, tenant administrators can now activate an option which allows users to log in with case-insensitive usernames or aliases.

Improvement

LWM2M can now pass core link resources to external decoders. In addition, the user documentation has been extended to better explain how the platform passes LWM2M resource data to decoder microservices.

Feature

It is now possible to build an application with the –zip argument. This will generate a ZIP archive which contains the application and its dependencies in addition to the regular build artifacts.

Improvement

The following utility functions have been added to the TimeFormat event library to help with comparing and manipulating datetimes. As with the existing functions, the new utility functions work for the local time zone, an arbitrary time zone and, where appropriate, the UTC time zone.

dateComponent: Gives the datetime for the previous midnight in the time zone at the given datetime.
timeComponent: Gives the number of seconds since the previous midnight in the time zone at the given datetime.
daysSinceEpoch: Gives the number of Julian days since the beginning of the epoch at the given datetime.
getOffset: Gives the offset in seconds of the time zone from UTC at the given datetime, taking into account any daylight savings that may be being applied.
getRawOffset: Gives the base offset in seconds of the time zone, that is, without daylight savings applied.

For example, there are two ways to check if it is midnight in your local time zone:

float now := currentTime;

// Method 1
if TimeFormat.dateComponent(now) = now
{
     // It's midnight.
}
// Method 2
if TimeFormat.timeComponent(now) = 0.0
{
     // It's midnight.
}

For usage information, see the API Reference for EPL (ApamaDoc). This is available in Apama 10.15.5.

Announcement

In the upcoming version, a redesign of the alarms feature will be introduced with both visual and functional enhancements.

Breaking change

The AngularJS widget implementation is no longer available. To use the “Alarms” widgets in a custom application, users must import the AlarmsWidgetModule from @c8y/ngx-components/widgets/implementations/alarms. To use the new alarms view only, users must import the AlarmsModule from @c8y/ngx-components/alarms.

Visual and UX enhancements:

The way alarms are displayed in the “Alarms” view and widgets has been redesigned.

Functional improvements:

The “Alarms” view now only shows one single list of alarms, in which filters can be applied.
A details section has been introduced which contains all information related to the alarm.
The functionalities of the “Alarm list”, “All critical alarms”, and “Recent alarms” widgets have been merged into a single, comprehensive widget called “Alarm list”.
The “Alarm list” widget has been migrated to Angular.
The real-time functionality has been replaced with an auto-refresh functionality.
Already existing widgets: “Alarm list”, “All critical alarms”, and “Recent alarms” will be automatically updated and migrated to the new version of the “Alarm list” widget.

Announcement

In a future version, we will update Angular to version 17. This update brings improvements and new features but may also introduce breaking changes that could impact your existing implementations.

To ensure a smooth transition and help you to adapt your implementations, we will provide an upgrade documentation when this change happens. This documentation will help you navigate through the changes and update your codebase accordingly.

Announcement

In the upcoming version, we will introduce redesigned dashboards with both visual and functional enhancements as well as new functionalities.

Visual and UX enhancements:

We have redesigned the way dashboards are edited.

Functional improvements:

The lock/unlock feature has been replaced with an edit mode for better control and clarity.

New functionalities:

Possibility to enable and disable dashboard template for device dashboards.
Versioning to manage and track dashboard changes.
Edit mode with undo/redo functionality for flexible adjustments.

For details refer to Working with dashboards.

Announcement

Messages processed by Notifications 2.0 are stored persistently by the Cumulocity Messaging Service until they have been delivered to, and acknowledged by, all interested consumers. Likewise, messages processed by the microservice-based data broker are stored persistently until they have been delivered successfully to the destination tenant.

The current persistent storage limits for these services are considered too large for typical use cases, which can lead to excessive resource consumption and consumers being forced to process outdated messages after a disconnection.

Therefore, these limits will be lowered to better align with the expected usage patterns of the services.

These changes will take place not less than three months from the date of this announcement, on or after July 1st, 2024.

Message backlog quota

Persistent messages are stored in a “backlog” until they are received and acknowledged. The maximum size of a backlog is determined by the “backlog quota” limit, which directly affects the number of unacknowledged messages that can be stored and therefore the resource consumption of the platform. If the quota limit is reached, no new messages can be added to the backlog until some older messages have been consumed and acknowledged.

For Notifications 2.0, a separate backlog exists for every unique subscription name used with the /notification2/subscriptions API. This backlog is shared by all subscriptions using the same subscription name, and by all consumers attached to that subscription. For the microservice-based data broker, a separate backlog exists for each data broker connector.

Summary of changes to message backlog quota limits:

Service	Current Limit	New Limit
Notifications 2.0	2 GiB	25 MiB
Microservice-based data broker	2 GiB	50 MiB

For example, assuming an average message size of 200 bytes, each Notifications 2.0 subscription will be able to retain approximately 130,000 unacknowledged messages in its backlog. Similarly, each microservice-based data broker connector will be able to retain approximately 260,000 messages.

Message time-to-live

Alongside the backlog quota reduction, a new default message “time-to-live" (TTL) limit will be introduced. Any unacknowledged messages will be automatically deleted if they have been on the backlog for longer than the TTL limit. This policy helps to limit overall resource usage and reduces the need to process outdated data after a prolonged disconnection of a consumer or destination tenant.

Summary of changes to message TTL limits:

Service	Current Limit	New Limit
Notifications 2.0	∞ (no limit)	36 hours
Microservice-based data broker	∞ (no limit)	36 hours

Additional details

The message backlog quota and TTL are configurable for each Cumulocity tenant. Message backlog usage will be monitored during the three-month transition period, to identify tenants that may exceed the new limits when they are enabled. The owners of such tenants will be contacted to understand their use cases and whether a non-default limit could be appropriate.

Please contact product support if you have any questions or concerns about these changes.

Feature

The text on the button in the Cockpit setup wizard has been updated. This change improves the clarity and consistency of the text for users going through the setup flow.

Feature

The measurement display line size has been increased in both the “Linear Gauge” and the “Silo” widget. This enhancement improves readability, making it easier for users to interpret measurements at a glance.

Feature

The input range component (c8y-range) can be used to show a slider to configure a range. The styling and documentation for this component has been improved to better suiting the overall styling of components and forms.

Feature

To improve the management and discoverability of services in Cumulocity, a new service registry has been introduced allowing services to register with the platform via hooks.

Improvement

Previously, performing string.toDecimal() for a string with an invalid conversion resulted in a ParseException error. This now returns “0.0”. This was done to make the experience of using toDecimal() similar to using toFloat(). If you want the previous strict behavior, use decimal.parse() instead.

Improvement

In the Analytics Builder model manager, the Import model command in the toolbar has been changed to a dropdown menu. This dropdown menu contains a new Paste command. If you click this command and the clipboard contains valid JSON code for a model, a card for the pasted model is shown in the model manager. This change complements the accessibility enhancement that allows the JSON for an Analytics Builder model to be copied to the clipboard by allowing the JSON to be pasted back into Analytics Builder after any changes have been made. In addition, the dropdown menu contains an Upload command. This has the same functionality as the Import model command from previous versions. See also Pasting a model and Uploading a model.

Improvement

XSS protection has been enhanced in the “Asset notes” widget.

Improvement

The JSDoc annotations have been improved. Changes include fixing broken links, updating outdated information, adding missing code snippets, and improving overall clarity. These improvements aim at providing developers with better references and guides when working with the Web SDK.

Improvement

In the Subassets page of the Digital Twin Manager, the properties in the complex custom property were sorted alphabetically. Now, the sorting reflects the order specified by the user in the Digital Twin Manager.

Improvement

The version numbers for the frontend and backend are no longer displayed in the platform UI. Instead, details on all components can be downloaded via the Download platform details button. This change was motivated by a component split resulting in many different components following different version number schemes. However, custom apps developed with the Web SDK may show a default version number if desired. Support requests should now always include the platform details information.

Improvement

Improved the consistency of support of Enter and Escape keys (for save and cancel actions, respectively) on the following views: tenant details, user details, global role details, retention rule settings, branding configuration.

Improvement

In the Subassets page, context help now provides more specific information if the displayed group is a smart group.

Improvement

The tooltip for the “Use source timestamp” in the LWM2M device configuration has been improved to explain how the LWM2M agent makes use of timestamp information if reported by a device.

Improvement

The Tracking tab in the device details has been migrated to Angular. The obsolete AngularJS module AssetTrack has been removed from the imports of the Device Management application (import @c8y/ng1-modules/devicemanagement-tracking/cumulocity.json). It is deprecated and will be removed in the future. With this change, an issue with incorrect results of custom date range filters has been fixed. Moreover, position marker popups have been made more informative.

Improvement

The supported security modes, which are available for selection on the configuration page, are now retrieved dynamically from the LWM2M agent rather than being hardcoded in the UI.

Announcement

The AngularJS module AssetTrack (c8y.parts.tracking) has been removed as it is now considered obsolete. To include device tracking in your applications you can now use the Angular standalone TrackingComponent (@c8y/ngx-components/tracking) or directly provide the trackingFeatureProvider environment provider.

Improvement

In the Analytics Builder model manager, the Copy command has been added to the actions menu of a model. This is an accessibility enhancement that allows you to copy the JSON for an Analytics Builder model to the clipboard so that you can quickly paste it into a third-party editor. The JSON can then be read, for example, by a screen reader or in a higher contrast environment. The new Copy command is also available to read-only users. In addition, the Download command, which also appears in this actions menu, is now also available to read-only users. See also Copying a model and Downloading a model.

Improvement

The Alarm, Event, ManagedObject and Operation events now no longer throw exceptions from the isCreate() and isUpdate() actions. If the event being checked was generated in EPL code, these two actions now simply return false. try ... catch blocks around these calls are no longer necessary if the event being checked was generated in EPL code. EPL code that uses these actions therefore behaves more robustly because it no longer throws exceptions that, if not caught properly, cause the monitor or app to terminate. In the unlikely case that the try ... catch block is used to intentionally check for internally generated events, you need to change the check to the following:

if not (evt.isCreate() or evt.isUpdate()) { ... }

Improvement

In Analytics Builder, the dialog box that appears when you select a different input source or output destination for an input or output block now allows you to filter the entries that appear in this dialog box. By default, the dialog box displays all defined devices, device groups, smart groups and assets. This is the same as the previous behavior. If you also want to display other managed objects in the dialog box, you can now select the “Other” checkbox. See also Editing the parameters of a block.

Improvement

The Apama-ctrl microservices now have Red Hat UBI 9 as their base operating system. Previously, this was Red Hat UBI 8. With version 9, security has been improved.

Announcement

As announced earlier, see release 10.18, Cumulocity SaaS instances will gradually be switched to Linux cgroup v2 in the second half of the year 2024. Microservices must use a Linux cgroup v2 aware application runtime from then on. When executing microservices which are not compatible with cgroup v2 on Cumulocity in these versions it might happen that the information provided by the application runtime concerning available CPU and memory is not correct. This might lead to incorrect memory and thread allocation in the microservice container process.

cgroup is a Linux kernel feature to organize processes hierarchically and distribute system resources along the hierarchy in a controlled and configurable manner. Every process in the system belongs to one and only one cgroup. In Cumulocity cgroups are used to enforce container resource limits.

When using the Cumulocity Microservice SDK for developing microservices, ensure to configure a Java version which is cgroup v2 aware when building your microservice. When using Java 8, ensure to use openjdk8u372 or higher. When using Java 11, use Java 11.0.16 or higher, or use Java 15 or higher. When using a server runtime other than OpenJDK Java as microservice application runtime, refer to the documentation of the provider.

Improvement

The user documentation and the tooltip for the Use source timestamp in the LWM2M single device registration have been improved to explain how the LWM2M agent makes use of timestamp information if reported by a device.

Feature

The LWM2M agent realtime subscription for device operations now has a limited Time-To-Live (TTL) duration. The default TTL duration is 3 minutes. This setting may be configured on platform level.

Feature

The default handling of object instance actions for LWM2M objects 3, 4 and 6 can now be turned off. In addition, the default server-side firmware update state machine for object 5 can be disabled. These settings can be enabled/disabled in the device´s LWM2M configuration in the UI.

Improvement

The password can now only be changed by the currently logged-in user. Administrators can no longer change the password and email for other users.

Improvement

The auto-registration option in trusted certification does not support devices communicating via the LWM2M protocol. This information has been included in the tooltip on the Trusted certificates page and in the user documentation.

Feature

In the Subassets view, a “Replace device” option is now available in the context menu of every supported device. Previously, the “Replace device” option was only available in the All devices page. Moreover, a Replace device button has been added to the “Device status” widget on the Info tab in the device details. This functionality does not support LWM2M devices.

Feature

For LWM2M devices, it is now possible to switch off the sending of empty measurement/event/alarm/custom actions data for individual resources. Moreover, you can toggle on/off or optionally skip empty values for all resources using the LWM2M device protocol at once.

Feature

A new default property “Location” has been introduced. Add the Location property to the desired asset model to assign co-ordinates or select the location on a map while creating an asset.

Improvement

The bulk import template now shows any default values that are set for asset properties.

Improvement

The DTM version is now displayed in the right drawer under the Platform info section.

Improvement

During the creation of asset models, asset properties and assets, upon entering input in the Key field, if the value entered is invalid then an error message will be shown, and if the value is valid and all required fields in the form are filled, the Save button will be enabled - no need to click outside the field. With de-bouncing implementation, the API requests are triggered after a short delay following the last key entry, significantly reducing the frequency of calls and enhancing the responsiveness of the application.

Feature

Key value pairs in a complex property can now be ordered as needed by entering the desired order in the Order field.

Improvement

Realigned the edit and delete icons for translations in the Localization page.

Improvement

A search function has been added to the asset model dropdown when creating new assets.

Improvement

Renamed the column heading Keys to Identifier and the column heading Terms to Translation in the Localization page.

Improvement

Users now receive validation errors when incorrect exponential values for asset properties are entered in number type fields during asset creation.

Improvement

Non-mandatory steps that are skipped during the creation of an asset instance are now distinguished by a grey-colored tick.

Improvement

DTM URLs have been modified to reflect the naming conventions followed for DTM entities.

Improvement

Optimized calls to the backend from the Assets property and Asset model page.

Improvement

Access to the bulk import feature can now be controlled using Cumulocity global and inventory roles.

Improvement

Filters that apply for columns in the Localization page are now saved automatically.

Improvement

Previously, two links for downloading diagnostics information were available at the bottom of the Streaming Analytics application. These links have been moved. They are now available when you click the User button in the Streaming Analytics application to display the right drawer. The right drawer now displays these links in a new Diagnostics section. See also Downloading diagnostics and logs.

In addition, the right drawer now also provides a Documentation section with links to the Streaming Analytics documentation.

Announcement

As announced earlier, see the release notes for release 10.17, to improve security, from a future version, user administrators will no longer be able to explicitly set passwords or email addresses for other users in the tenant. This change prevents that an attacker could have access to all users, in case the administrator account was compromised. Note that the administrator will still have the option to force the user to reset the password on the next login or disable the user.

Improvement

In order to address security vulnerabilities (CVE-2022-3509, CVE-2022-3510, CVE-2022-3171), the third-party software “protobuf-java” has been updated from version 3.19.2 to version 3.19.6.

Improvement

The performance of the Inventory API GET /managedObjects has been improved.

Improvement

The performance of GET requests on the /user/users endpoint has been improved.

Improvement

The query language used by the managed objects API has been improved. You can now search for fields with null values. MTM-52677

Improvement

The alarm status and severity are now case-insensitive. When searching by alarm status active the API also returns alarms with status ACTIVE. The same applies for the alarm severity, that is, searching for critical alarms also returns CRITICAL alarms. Alarms with status active and acknowledged are now subject of alarm deduplication.

Improvement

The ExplainQuery result info has been extended by the algorithm used when performing queries for a user with inventory roles:

GET {{url}}/inventory/hierarchy/info/management

Example: {“algorithm”: “Legacy” }

Possible results: Legacy, LimitedSourcesAcl, PostFilteringBySourceAcl, SingleSourceAcl, HierarchyAcl, SingleAgentAcl, SingleDeviceAcl, SingleAgentAndDeviceAcl.

Preview

Feature preview

This feature is in Public Preview, that is, it is not enabled by default and maybe subject to change in the future.

Support of automated persistence of measurement values under the c8y_LatestMeasurements fragment has been introduced. If a measurement is created with a series that matches the configuration the device managed object is updated with the last series sent to the platform.

For details on how to enable the feature and how it works, refer to Managing data.

API Change

As of a future version, the full text search functionality will only include the following properties:

_id
name
type
owner
external id

A text search functionality corresponds to a text parameter of GET {url}/inventory/managedObjects.

Example: When executing the following query: GET {url}/inventory/managedObjects?text=c8y_MajorDevice only the properties id, name, type, owner and external id will be examined.

This change improves the user experience of the text search functionality by returning more relevant managed objects. At the same time it improves the Inventory API performance.

This change will be implemented after a 3-month period at the earliest.

Improvement

A new text index has been introduced for the GET /inventory/managedObjects endpoint. By default it only includes the following fields:

_id, type, name, owner, externalIds

Improvement

If users do a search from the UI or via the Inventory API, the text parameters are now sorted by relevance making it easier to see the more appropriate data returned.

Improvement

In the single sign-on configuration page, users can now enable and configure the external token validation process.

Improvement

The OpenSSL command for generating a “signed verification code” for Proof of Possession has been enhanced to include additional encoding functionality.

Feature

It is now possible to copy web applications with versions (packages) and web applications with SHARED availability. For applications with versions, by default the application with the “latest” tag is copied. The new application has a single version and no tags. If you want to copy different versions of an application, you can specify the query parameters “tag” or “version” (only a single version). For details, refer to the Cumulocity OpenAPI Specification.

Feature

The repository-connect microservice now offers to sync packages that include a versioning matrix which allows to filter exactly the versions to be synced. Versions which are not included in the matrix but uploaded to the platform will be removed by the microservice.

Announcement

Esper-CEP-related features have been removed from the UI such as:

the Event processing page from the Administration application
the inspect feature from the smart rules menu (rule debug was originally available for Esper only) Removed Esper CEP related services and modules from the AngularJS Web SDK:
eventProcessingSvc (@c8y/ng1-modules/administration-eventProcessing/cumulocity.json)
c8yCepModule, c8yCepModuleExamples (@c8y/ng1-modules/notifications/cumulocity.json)

Feature

Searching for items has been improved by filtering on applications, features, microservices and extensions lists.

Improvement

To improve usability, the package availability (SHARED or PRIVATE) can now be set in the package upload wizard.

Improvement

The dependency on org.json:json has been removed from the Java SDK.

Improvement

The dependency on com.jayway.jsonpath:json-path has been removed from Java SDK.

Improvement

Dependencies on org.eclipse.jetty:jetty-* were updated to version 9.4.51.v20230217.

Improvement

The Spring Boot dependency has been updated to version 2.7.11.

Announcement

With the introduction of auto-generated SDKs, we provide an always up-to-date developer library with the purpose to facilitate the development of Cumulocity microservices in different programming languages including C#.

The new auto-generated SDKs make our existing Microservice SDK for C# obsolete. For this reason, the Microservice SDK for C# has been removed from our public product documentation.

To learn more about using the auto-generated SDKs, refer to our respective GitHub repository.

Improvement

The location view in the Device management and Cockpit application has been migrated to Angular. The map provider, the location search, and the map layers are now configurable via application options or tenant options. The angular.js module @c8y/ng1-modules/devicemanagement-location for location was removed and must be migrated or at least removed on update of a custom build application.

Feature

In the Device management application, a wizard has been implemented which guides users through replacing a physical device with another one. The replacing device must be registered in the platform in advance and is removed after the replacement procedure has been completed.

Feature

Users can now customize the dashboard on the Info tab in the device details. Widgets can be moved and resized, and new widgets can be added from a list of available widgets. The dashboard can be reset anytime to the default dashboard settings. By default, the “Asset notes” widget has been removed.

Improvement

If the last version of a software is deleted, the software is entirely removed from the repository.

Improvement

It is now possible to remove a file when updating its file property within a complex property of an asset.

Improvement

If a pending device in the registration list has been accepted, the device is now removed from the list instead of the list showing the “accepted” status for the device.

Improvement

In subasset views, smart group filters are now represented by a filter chips dropdown instead of displaying the raw text filter.

Feature

In the Software tab in the device details, currently the Filter by software type dropdown in the Installed software list and the Install software modal shows types based on existing types in the software repository. This has been changed to show only the supported software types announced by the device in its c8y_SupportedSoftwareTypes fragment. If a device has not announced supported software types, then again all available existing software types are listed.

Announcement

As announced earlier, see also release 10.17, shared classes, components and services from the @c8y/ngx-components/device-grid are deprecated. Those deprecated items have now been removed.

This change only affects you, if you or your development team use the Web SDK to extend Cumulocity UI applications or to build your own web applications. If you use the device-grid functionalities, check the deprecation documentation and alter your code accordingly. Refer to the deprecations in the WebSDK resources documentation for the device-grid service. Other deprecations for reference are also marked in this documentation.

Feature

A versioning matrix can now be added to the cumulocity.json of a blueprint/plugin. When a blueprint/plugin is installed, its version is validated against the platform version. If the versions are incompatible a warning is shown.

Feature

The Web SDK has been upgraded to Angular 15.

Improvement

The context help and other help links point to a documentation website defined by the application option docsBaseUrl. This option now supports the {{ version }} placeholder, which allows the administrator to choose whether to use versioned or unversioned documentation links. By default, versioned links will be used.

Announcement

In release 10.16.0.0, core re-usable data-grid-related components and services have been moved to the @c8y/ngx-components. The initial implementations were deprecated and have now been removed.

Improvement

A new activeClassName input has been added to the data-grid and device-grid components. It can be used to define a class name to be appended to the last clicked row in the grid. Its default value is “active”. This option can be deactivated by setting the input value to an empty string.

Feature

In the data grid component, a new filter overview dropdown has been added. It displays all active filters in one place and allows users to remove filters. For custom column implementations, the WebSDK allows developers to provide their own logic to display active filters as items in the filter overview.

Improvement

Shell applications now wait with their initial navigation until all plugins have been loaded. This allows, for example, to directly navigate via a link to a route which is provided by a plugin.

Improvement

Data grid components no longer persist their current page. After reloading they always return to the first page in the list.

Improvement

References to the deprecated classes ComponentFactory and ComponentFactoryResolver have been removed from the @c8y/ngx-components library.

Improvement

Scaffolding an application that uses the remotes application option via the c8ycli now also updates the context path used in the remotes application option.

Improvement

The Impact connectivity feature has been removed from @c8y/ngx-components and @c8y/ng1-modules packages.

Improvement

When installing a plugin and the tenant has no custom applications, it is now possible to duplicate any existing application.

Improvement

The grid used in dashboards for placing widgets now supports 24 instead of 12 columns. This allows finer-grained positioning of widgets on dashboards. In case you share the same dashboards between different application versions, we strongly recommend you to upgrade to a version that includes the fix MTM-55923.

Improvement

If a user with minimal permission tries to delete a device an error message showed up stating “Could not delete device.” Now, together with the failure message, the reason of failure is displayed.

Feature

It is now possible to change the aggregation for all widgets in a dashboard that support the dashboard context functionality at once. The following widgets support the dashboard context aggregation: Data points graph, Data points graph 2.0, Data points table.

Improvement

The endpoint validation happening during the connection to an OPC UA server can now optionally be disabled. This can be done in the gateway configuration by changing the gateway.connectivity.validateDiscoveredEndpoints setting to “false”. Alternatively, it can be controlled via the OPC UA server managed object by setting the fragment validateDiscoveredEndpoints to “false”. For details, refer to OPC UA.

Improvement

To be able to provide more information in input fields on the expected input, dynamic form fields now support HTML markup in their description.

Improvement

The configuration flag fwResetStateMachineOnStart has been added to control if the LWM2M agent resets the firmware update state machine on the client at the beginning of a firmware update. The default of this flag is true which matches the existing behaviour of the LWM2M agent. It is available in the device registration settings.

Improvement

Added the SmartREST static template 201 for creating measurements with multiple fragments and series.

Improvement

Added the SmartREST static template 125 for sending heartbeat from a device.

Improvement

Added the SmartREST static template 507 for changing the device operations status from EXECUTING to FAILED. The operations can be filtered by type. The template is intended for facilitating an operations cleanup after a crash.

Improvement

If an asset custom property in the Digital Twin Manager application is declared as required and complex, all of its sub-properties are required too.

Improvement

Two new LWM2M shell commands have been added.

The new executelegacy command allows LWM2M execute requests with non-standard LWM2M parameters. The behavior of this operation resembles the semantics of the existing execute operation until version 10.15.
The new coap shell command enables making raw CoAP requests to devices to facilitate non-standard communication in exceptional cases.

For details, refer to Handling LWM2M shell commands .

Improvement

The performance of the migrateLwm2mDevices operation has been improved. New command line arguments have been introduced with the operation. A list of legacy LWM2M devices can be specified directly from the shell command. Moreover, the migration of the LWM2M client registration objects can be skipped by using an argument.

For details, refer to Migration of the LWM2M devices. [DM-1866]

Feature

The details of a LWM2M device now show a LWM2M configuration tab which replaces the LWM2M bootstrap parameters tab. The new tab is better structured and allows detailed configuration. It contains all configuration options of the former LWM2M bootstrap parameters tab as well as additional setting options:

LWM2M device settings such as awake time registration parameter, request timeout, serialization format, binary delivery encoding, use timestamp resources, keeping old values
Device security modes selection including the new X.509 certificate mode and selection for LWM2M bootstrap and server individually
Firmware update configurations
A set of LWM2M Server configurations that can be written to the device during bootstrap

For details, refer to the LWM2M user documentation.

If the new LWM2M configuration tab is not displayed and the LWM2M bootstrap parameters tab is displayed instead, the LWM2M agent is installed in an older version that does not yet support the new tab.

Feature

The Device management home page now also provides a customizable dashboard which lets users add customized widgets.

Feature

The asset selection in the datapoint selector is now filterable.

API Change

As announced earlier, see also release 10.17, at least one query parameter limiting the affected data will now be required to prevent accidental deletion of too many objects during a bulk delete operation. This change affects the following APIs:

DELETE /alarm/alarms requires at least one of the following parameters: source, dateFrom, dateTo, createdFrom, createdTo
DELETE /event/events requires at least one of the following parameters: source, dateFrom, dateTo, createdFrom, createdTo
DELETE /measurements/measurement requires at least one of the following parameters: source, dateFrom, dateTo

Feature

The following time range options have been added to the export configuration: “Last 24 hours”, “Last 7 days”, “Last 30 days”.

Feature

LWM2M device connections with X.509 certificates are now supported. The X.509 security mode can be selected separately for the Bootstrap server and the LWM2M server either during device registration or, for existing devices, by using the new LWM2M configuration tab. The Certificate Authority that issued device certificates must be added and enabled in the trusted certificates in the tenant.

Together with this change also the following changes are introduced:

Separate security mode for Bootstrap and LWM2M server

Now all LWM2M device security modes can be selected separately for Bootstrap server and LWM2M server connections. This can be defined either during the device registration or using the LWM2M configuration tab of the device.

Disable authentication for Bootstrap or LWM2M server

Under Connectivity in the LWM2M configuration tab, the Bootstrap or LWM2M server connection can be disabled for a device.

PSK-generated option for LWM2M server security mode

During device registration, the “PSK generated” option can be selected for LWM2M Server connection to make LWM2M agent to generate the PSK ID and PSK key credentials for the device. These will be set to the device during the bootstrap process. For details, refer to the LWM2M user documentation.

Improvement

The MongoDB Java driver has been upgraded to the latest version 4.10.2.

August 7, 2025

MQTT Service device isolation is enabled by default

Introduction

Device versus tenant isolation

Impact on MQTT devices and microservices connecting to the MQTT Service

Switching between isolation models

July 31, 2025

Upgraded Angular and Web SDK versions

July 28, 2025

OPC UA device gateway with Thin Edge MQTT Forwarding

July 21, 2025

MQTT Service will enforce device isolation

Introduction

Impact on MQTT devices and microservices connecting to the MQTT Service

Impact on microservices using the MQTT Service client SDK

Roll-out plan

Phase 1: Introduction of device isolation

Phase 2: Migration during Public Preview

Phase 3: General Availability

July 17, 2025

Software and firmware repository items can now be added without URL

New Analytics rules plugin is available as Public Preview

Python plug-ins can be run without sub-interpreters or with dedicated GILs

July 3, 2025

Introducing previous measurements values

Inventory search with wildcards becomes case-insensitive

New device tab listing all device parameters

New SmartREST template for creating parameter update events

Migration of audit log

June 26, 2025

Latest measurement values can be stored as part of a device managed object

Custom columns grid with nested asset properties available

List of asset properties available when creating custom columns

OPC UA server address space scan enhancements

Data grid component now supports display of hierarchical data

Python used by Streaming Analytics upgraded to version 3.13

June 19, 2025

Removed Redundant "LWM2M Device Send" event in VERBOSE logging

Map widget provides option to fit all assets on a map

New option for limiting the number of decimal places in data point graph and data explorer

June 12, 2025

Re-upload of previous microservice versions

May 29, 2025

Added filter option for DataHub entries to the audit logs list

Remote access tab only shows supported protocols

Reliable notifications and smart rule resiliency features now available as Public Preview

May 22, 2025

Messaging Service monitoring and management feature available as Public Preview

New toggle to exclude late-arriving measurements from latest values

Notifications 2.0 SDK 'deleteByFilter' method is deprecated

HTTP proxy support for the OPC UA gateway

New SmartREST template for reading the platform version

New feature preview functionality

Incorrect assignment operator usage now triggers an error

May 15, 2025

Improved subassets handling with multiple tabs in DTM plugins

Updated subassets and asset tree routes to avoid context issues in DTM

Changes to the development workflow on Windows for Apama Analytics Builder Block SDK and Apama EPL Apps Tools

May 12, 2025

Separate login application now manages all authentication flows

May 9, 2025

MQTT Service Public Preview release

May 8, 2025

Added option to provide a readme file for particular plugins in a package

Option added to view change logs of deployed packages

Allow pre-filling of single device registration form via query parameters

Radial gauge has been improved with better visualisation and more customizations

May 7, 2025

MQTT Service support in EPL Apps

April 29, 2025

Cumulocity Streaming Analytics will switch to a new “26.x” version of Apama engine

Release Changes

Windows and Eclipse support

Docker base image update

Supported operating systems changes

Java upgrade

Python upgrade

References & feedback

April 28, 2025

Enhanced security for encrypted tenant options

New Commands tab in the service details of device services