These change logs document all relevant changes for the Cumulocity cloud deployments.
The following types of change are included:
Displaying all changes since December 6, 2023
The Public Preview release of the Cumulocity MQTT Service currently enforces tenant isolation. An MQTT device (client) connected to the MQTT Service can subscribe to any topic, and receive messages published by other devices to that topic on the same tenant. That is, there is a tenant-wide topic space shared by all the MQTT devices using the tenant.
When the MQTT Service transitions from Public Preview to General Availability (GA), the MQTT Service will enforce device isolation. An MQTT device will still be able to subscribe to any topic, but it will not automatically receive messages published to that topic by any other MQTT device. However, microservices will be able to explicitly route messages between different devices. In effect, each MQTT client identifier will have its own private topic space that is not shared with other clients, but can be accessed by microservices.
We are making this change to align the MQTT Service with the behavior of the existing Core MQTT capability, and to improve out-of-the-box security for typical IoT applications where direct inter-device communication is not required.
This is a breaking change and affected applications must be updated to continue working after the GA version of the MQTT Service is deployed.
This change affects any application where MQTT devices exchange messages by publishing and subscribing to the same topics. In particular it affects applications where a Cumulocity microservice connects to the MQTT Service using the MQTT protocol to exchange messages with connected MQTT devices.
Microservices that are affected by this change should not immediately migrate to the existing Java client SDK, as this will not be supported in the GA version. Instead, these microservices should wait for the new MQTT Service API to be released and migrate directly to this API. See the next section for more details of the new API.
The existing Java client SDK for the MQTT Service will not be supported in the GA version. It will be replaced by a new language-neutral API giving direct access to the Cumulocity Messaging Service topics used by the MQTT Service. Details of the new API and how to use it in microservices will be announced soon.
Microservices that are affected by device isolation, and that are not currently using the client SDK, should wait for the new API to be available before starting their migration activity.
Microservices that are already using the Java client SDK may continue to do so until the new API is available.
To allow customers to plan a managed migration to the new device isolation behavior, it will be rolled out in several phases, as described below.
Dates refer to when the change will reach the eu-latest environment; other environments will be updated later following the usual CD deployment schedule.
On or soon after August 4, 2025:
The General Availability date for the MQTT Service is not yet confirmed, but will be no earlier than December 1, 2025.
When the MQTT Service becomes Generally Available:
Further announcements will be published before the start of phases 1 and 3.
The Analytics rules plugin extends the Analytics Builder capabilities within Streaming Analytics by enabling users to create and manage the Analytics Builder model instances directly from device and group contexts within applications such as Device Management and Cockpit. You can activate the feature using the Manage preview features option in the user menu.
For more details about the Analytics rules plugin, refer to Analytics rules plugin.
EPL plug-ins written in Python now have configurable isolation modes. This allows a plug-in to be loaded to use the main interpreter rather than a sub-interpreter, which is required for certain common third-party libraries that don’t support sub-interpreters, such as numpy. You can also run plug-ins with even more isolation, and use a separate Global Interpreter Lock (GIL) to the parent interpreter. This means that two different plug-ins can be executed in parallel.
Additional information can be seen in the corresponding Apama change log.
Automated persistence for measurement values under the c8y_PreviousMeasurements fragment has been introduced. This allows for storing and querying the second most recent measurement values based on arrival time.
For details on how to enable the feature and how it works, refer to Managing data.
Breaking change: The Inventory API c8y_PreviousMeasurements fragment was added to the restricted properties list.
The c8y_Previous Measurements fragment is reserved for internal system use only and may not be used by external users.
Any request containing restricted properties will have those properties ignored by the platform — they will not be applied or saved.
Example:
If a user sends a request like the following::
{
"name": "testDevice",
"owner": "device_654321",
"c8y_IsDevice": {},
"c8y_PreviousMeasurements": {
"c8y_Temperature": {
"value": 25.4,
"unit": "C"
}
}
}
With this release, the c8y_PreviousMeasurements fragment in the request will be ignored and will not be saved.
To improve the user experience when searching the inventory by a particular property, the Cumulocity platform changes its behavior for searches by filter with wildcards. Queries using the query language with wildcards now behave case-insensitive. Previously, such queries were processed with a case-sensitive strategy.
Example request:
GET /inventory/managedObjects?query=name+eq+'my-device*
can now return devices with names equal 'my-device01' or 'My-Device02'.
Queries without a wildcard character remain unchanged and use the exact match for optimal performance. This means that the example request:
GET /inventory/managedObjects?query=name+eq+'My-device01'
will not return a device with a name equal 'my-device01'.
To provide an overview of the device parameters, a new Parameters tab has been added to the device details. This tab lists all parameters reported by the device in a table format, including the parameter title, key, value and type.
A new SmartREST template has been added. Using the template ID 408, it is now possible to create device parameter update events. The events created always have the type c8y_ParameterUpdateEvent. The template has a change detection functionality, so that events are only created if the given state in the event was not already known at the time.
The audit log of the Cumulocity DataHub application has been moved to the audit log of the Cumulocity Administration application, which provides central access to the tracking of all user operations.
Support of automated persistence of measurement values under the c8y_LatestMeasurements fragment, which has previously been introduced as a preview feature, is now generally available. If a measurement is created with a series that matches the configuration the device managed object is updated with the last series sent to the platform.
For details on how to enable the feature and how it works, refer to Managing data.
To provide more flexibility in displaying asset data, it is now possible to configure custom columns in the asset grid which can include nested properties. For example, if an asset has a nested property “c8y_Hardware.model”, it can now be displayed in a separate column in the grid. This allows users to view asset data based on specific nested properties without the need to view the full asset details.
In data grid views, when adding a custom column, you can now search through a list of asset property definitions when the Digital Twin Manager (DTM) asset API is available. The column header and path are filled in automatically. If the DTM service cannot be reached, the application falls back to the previous dialog, so existing workflows continue to work.
New advanced settings have been introduced in the OPC UA server configuration in the Device Management application, which provide the option to enable auto-scan with either full or partial address space scan capabilities. Refer to Connecting the gateway to the server for more details. This feature requires version 1021.7.0 or higher of the opcua-device-gateway and opcua-mgmt-service components.
The Data grid component has been updated to support hierarchical data structures. This enables a tree grid view where rows can be expanded to reveal nested child rows.
Key features include:
This update enables clearer representation of parent-child relationships in datasets, such as device hierarchies and asset hierarchies.
The version of Python used in Cumulocity Streaming Analytics has been upgraded to version 3.13. Customers with extensions containing Python code should test that they are still working as expected. Virtual environments used to provide additional Python libraries may need to be recreated. If possible make these changes before the corresponding build gets rolled out to production SaaS environments.
See online resources such as the Python What’s New for detailed information about breaking changes and new features in Python 3.13. Additional information can also be seen in the corresponding Apama change log.
The “LWM2M Device Send” event was logged alongside the “Received Message” event, although both events contained identical information. This update removes the redundant “LWM2M Device Send” event. Only the “Received Message” event now logs the resource data received from the LWM2M service in the VERBOSE logging level.
The “Map” widget has been enhanced with a new feature that allows to fit all assets on a map. This includes either all selected assets for the widget or all available assets if none are explicitly selected. This functionality is available in two places:
This feature improves the usability by ensuring all tracked assets are visible with a single action.
For the new data point graph and data explorer, which can be enabled via the preview feature toggle, a new configuration option has been added that allows for limiting the number of decimal places. Users can now set a maximum number of decimal places, making it easier to interpret measurement values at a glance.
Previously, uploading older microservice versions was restricted to development builds that contained the -SNAPSHOT suffix in the version. This constraint has now been removed.
It is now possible to upload older versions of a microservice, provided that the uploaded image matches the one already stored in the Docker registry.
For microservices in development with the -SNAPSHOT suffix in the version, there are no restrictions on the image content. Older versions with the same or different image content can be deployed.
This improvement allows you to rollback to a previously used version of the microservice. So far it was necessary to either delete the microservice application and re-upload the earlier version, or rebuild and re-upload the same binaries with an incremented version number.
A new filter option for entries created by DataHub has been added to the audit logs list. Previously, the audit logs list did not allow filtering of DataHub-related entries specifically.
Previously, the Remote access tab in the device details showed all available protocols, even if the device did not support them. This could lead to confusion for users trying to remotely access devices.
With this change, the Remote access tab only shows the protocols that are actually supported by the selected device. This makes the interface clearer and improves the user experience by providing accurate information on each device’s remote access capabilities.
If no supported protocols are specified, all options will still be shown to maintain compatibility. Any invalid or duplicate entries in the list will be ignored.
Find more information on specifying supported protocols via MQTT static templates.
The Streaming Analytics microservices now supports reliable delivery of notifications and resilience of smart rule state against scheduled restarts. These features are in Public Preview and can be enabled with the feature flags streaming-analytics.messaging and streaming-analytics.resilience.smartrules. These features are enabled for all tenants on the eu-latest cluster now, and will be automatically rolled out to production zones over the next few weeks. Tenant administrators can override the default on a given environment by setting the feature flags appropriately. The messaging feature must be enabled in order to enable the resilience feature.
This feature is in Public Preview, that is, it is not enabled by default and may be subject to change in the future.
To determine whether the feature is available for your tenant, open the Administration application and navigate to Ecosystem > Microservices.
If you see the Messaging-management microservice subscription for your tenant, the feature is already available to be activated as described below.
Otherwise, please contact product support to request the microservice subscription for your tenant.
The Messaging Service, the messaging component embedded in the Cumulocity platform, has been enhanced by a new monitoring and management feature which allows users to monitor and manage the usage of the Messaging Service resources. This new feature is currently in Public Preview. You can activate it in the platform UI via the Manage preview features option in the user menu. Find out more about the feature in its user documentation.
A new toggle, strongConsistency, has been introduced. When set to true, it prevents late-arriving measurements from being shown as the most recent data for a device, regardless of their actual arrival time.
For details on how to enable it and how it works, refer to Managing data.
The Notifications 2.0 SDK deleteByFilter() method takes a NotificationSubscriptionFilter parameter that specifies which subscriptions should be deleted.
Previously, it was possible to create a filter that would result in more subscriptions being deleted than was intended.
To resolve this issue, extra safeguards have been added to reject filters that should not be processed by the underlying platform API.
In addition, the deleteByFilter() method has been deprecated and clients should use the existing delete(), deleteById() and deleteBySource() methods instead.
Support has been added for operating behind an HTTP proxy. This enhancement allows the Cumulocity OPC UA gateway to be used in environments where an HTTP proxy is required, improving flexibility and compatibility with various network configurations.
A new SmartREST template has been added. Using the template ID 600, it is now possible to read the platform version with SmartREST, in order to evaluate API interface compatibility and expected request behaviour.
The preview features functionality allows you to manage all features that are currently in Public Preview in one place. With a simple toggle interface you can easily discover, enable, and experiment with upcoming functionality. This helps you stay ahead of new developments while providing our team with valuable insights to improve the final product through your early feedback.
To access the preview features toggle interface, click the user icon at the top right and select Manage preview features in the right drawer.
In earlier versions of EPL Apps, using = instead of := resulted in a warning. This has now been promoted to an error. Loading will be rejected until the line is fixed or removed.
Previously, integrating the subassets plugin from Digital Twin Manager with other tab-based plugins led to errors during tab switching. This issue has been resolved. The path to access subassets has been changed from /asset/:id/subassets to /group/:id/subassets.
The subassets and asset tree contexts have been changed from /asset/:id to /group/:id to align with the Digital Twin Manager´s registered context. The previous asset/:id context was not recognized globally, leading to issues such as broken tab switching, especially when external plugins were integrated. Switching to the group/:id context ensures reliable routing, consistent context handling, and seamless plugin compatibility across the platform.
The Apama Analytics Builder Block SDK and Apama EPL Apps Tools are no longer supported natively on Windows environments.
The new approach is to use the community-maintained Apama Extension for Microsoft Visual Studio Code which provides a productive development environment for writing EPL, including a workflow for starting Apama application on Windows using a Dev Container using WSL (Windows Subsystem for Linux).
Alternatively, in the short term, it is possible to continue using Apama 10.15 and the rel/y2025 branch of the respective repositories; however, customers are encouraged to transition to the new approach when possible.
Starting with version 1022.0.0, the Web SDK no longer includes built-in login functionality in each application. Instead, a separate login application now manages all authentication flows. Web applications developed using Web SDK version 1022.0.0 or later will automatically redirect users to this standalone login application whenever authentication is needed.
This change benefits customers creating their own UI applications, as they no longer need to implement custom login flows. They can simply redirect users to the new login application. The login page has also been redesigned as part of this update, improving its usability and visual appeal.
Note: Customers who embed the UI within an iframe and require in-iframe login may need to modify their implementation to support this new login flow.
This feature is in Public Preview, that is, it is not enabled by default and may be subject to change in the future.
To determine whether the feature is available for your tenant, open the Administration application and navigate to Ecosystem > Microservices.
If you see the Mqtt-service microservice subscription for your tenant, the feature is already available.
Otherwise, please contact product support to request the microservice subscription for your tenant.
The Cumulocity MQTT Service is a new MQTT endpoint implementation for Cumulocity that provides the following benefits:
The MQTT Service does not replace the existing Core MQTT capability of Cumulocity that supports sending device data already in the Cumulocity domain model directly into the platform. The new capability provided by the MQTT Service allows for easier integration of MQTT devices that cannot use the Cumulocity domain model. It also supports more flexible communication patterns between devices, applications, and the Cumulocity platform, controlled by user-provided microservices.
Note that in the public preview, MQTT Service clients within a tenant are not isolated from one another. That is, an MQTT client can subscribe to topic(s) that another client is publishing on, and receive the messages sent by that client. Full device isolation will be available in the first General Availability release of the MQTT Service.
For more details about this feature refer to the MQTT Service documentation.
Previously, only one readme file could be added to a package - by storing the README.md file in the package root folder. With this update a readme file can be created for each plugin within a package, thus providing users with a better experience and placing the information closer to the plugin.
To add the readme for the plugin, the README.md file must be provided in the plugin codebase (the recommended place is the same folder as the exposed plugin module) and thereadmePath property (indicating the path to this file) must be added to the exports. For example:
{
name: 'Example widget plugin',
module: 'WidgetPluginModule',
path: './src/app/widget/widget-plugin.module.ts',
readmePath: './src/app/widget/README.md',
description: 'Adds a custom widget to the shell application'
}
When the package is deployed, the readme can be viewed in the package details, the package versions view (readme for specific version), the installed plugins list and the available plugins list.
It is now possible to view change logs of deployed packages. These change logs can be viewed in:
To simplify the device registration process, the single device registration form can now be pre-filled with device information. When a user opens the device registration dialog, the form fields are automatically populated with available device details from the query parameters, reducing manual input. This change improves the user experience by saving time and effort during device registration.
The radial gauge visualization has been migrated to a new charting library, offering a broader selection of built-in gauge presets for quick and easy use. Additionally, an advanced section has been introduced, enabling users to fine-tune and customize gauges to perfectly match their data visualization needs.
EPL Apps now has support for connecting to Cumulocity MQTT Service. This allows handling of device-native messages sent to the MQTT Service within Cumulocity EPL Apps. For more details see Using Cumulocity MQTT Service.
Cumulocity Streaming Analytics is switching to the new “26.x” version of the Apama engine. The 26.x release is focused around the real-world needs of Cumulocity customers, delivering a simplified and more relevant feature set.
The new version includes some changes that may affect customers with their own custom EPL or connectivity plugins, as well as those who build and test analytics applications using their own installation of Apama (for example, on Windows).
We expect most applications to be unaffected. However if you use custom Python or Java plugins in an Analytics Builder Block that you have uploaded to the apama-ctrl microservice, it is important to prepare for these changes immediately, so you are ready when the update is rolled out to SaaS environments over the coming weeks.
If you use Apama in a Cumulocity custom microservice there is less urgency, but you should plan to switch to the new (latest or 26.X.X) Apama base image at some point over the next year.
Installation of the Apama engine is no longer supported on Windows, and the Apama plugin for Eclipse is removed.
The Apama Docker images now use Debian 12 (Bookworm) for the base image instead of Red Hat UBI. These images can be used for both development and as a base image for custom Cumulocity microservices. The names and tags of some Docker images have changed, as has the directory where Apama is installed. If you need to install any extra packages on your image, the command line for doing so will need to be changed for Debian.
For users who need to install Apama onto a Linux machine without Docker for development purposes, the installation options have changed. Debian 12 (Bookworm) is now the only supported distribution for installing Apama, and the Apama packages must be installed from our Debian Package Repository as we no longer publish .zip or .tar.gz packages. Support for installing Apama on Red Hat Enterprise Linux and Ubuntu is removed. In addition to the usual x86 packages, support for ARMv8 (64-bit) has been added and replaces ARMv7HF (32-bit).
This release of Apama comes with Java 17 instead of Java 11. All Java code executed within the correlator is now executed with Java 17, so if you have any custom EPL plugins or connectivity plugins you should recompile them with Java 17 and test that they are still working as expected. If you use Java in a block uploaded to an apama-ctrl microservice, any required changes should be performed immediately so you are ready when the update is rolled out to SaaS environments.
See online resources such as the JDK release notes for detailed information about breaking changes and new features in Java 17. Some applications may be affected by the different locale data provided in this version of Java, or may require updates to third party library dependencies, but we expect that in most cases Apama plugins will continue to work without changes.
Python will soon be upgraded from 3.9 to a newer version (likely 3.13). We advise customers using Python to review What’s New in Python to familiarize themselves with any changes that may affect their application. If Python is being used within a block uploaded to an apama-ctrl microservice, any required changes should be performed immediately so you are ready when the update is rolled out to SaaS environments.
For more information on these and other changes, review the Apama Change Logs. If you have any questions, feel free to post to the streaming-analytics-apama tag on the Cumulocity Tech Community.
A new security feature has been introduced to restrict the decryption of encrypted tenant options with the credentials. prefix. These options can now only be decrypted by system users (such as bootstrap or microservice users) if they own the options.
Ownership is determined based on the category of the tenant option, in the following priority:
settingsCategory defined in the microservice manifest.This change is currently disabled by default and can be enabled via a feature toggle secure-tenant-options through the API.
credentials.* options in categories not owned by the microservice.The Properties, Custom properties, and Limits tabs in the tenant details have completely been migrated to a newer version of Angular. They still work in the same way from the user perspective, with two exceptions:
The retention scheduler has been updated to execute retention rules for tenants with the status SUSPENDED in addition to active tenants. This makes sure that data cleanup and storage rules still apply, even if a tenant is not currently active.
In the past, Modbus, Profibus, CANBus, and CANopen devices created in the Device Management application were missing the c8y_IsDevice fragment which identifies them as devices in the inventory. This change adds the c8y_IsDevice fragment to all such devices created going forward. This improvement makes such devices easier to find and filter in the inventory when querying for devices. Existing Modbus, Profibus, CANBus, and CANopen devices in the inventory are not modified and will still be missing the parameter.
The LWM2M agent now provides enhanced control over request timeout settings for LWM2M devices. The timeout value must always remain within the minimum and maximum limits defined in the global LWM2M microservice properties. Invalid values, such as zero or negative numbers, can no longer be entered. If the agent detects a value below the minimum threshold, it will automatically adjust it to the allowed minimum. Similarly, any value exceeding the maximum limit will be corrected to the allowed maximum.
The logging event levels have been updated to simplify the LWM2M device configuration. Previously available logging levels were: NONE, LIFECYCLE, TRAFFIC, FIRMWARE, and VERBOSE. This has now been simplified to NONE, LIFECYCLE, and VERBOSE. TRAFFIC and FIRMWARE log events have been merged with VERBOSE. This configuration will be automatically updated in the device managed object.
The Cumulocity platform provides capabilities to manage translations for the UI in various languages. Previously, the translation editor had limited capabilities for editing multiple translations at once. With this change, the Monaco editor can now be used when editing translations in the Administration application, allowing to bulk edit or import translations easily.
To simplify the process of creating device groups, it is now possible to assign child devices directly when creating a new group. Previously, child devices had to be assigned separately after the group was created. This change streamlines the workflow and saves time for users who manage large numbers of devices. Existing device groups are not affected by this change.
As published earlier in the change logs, the removal of the Microservice API version 1 has now been implemented. If not done yet migrate your microservices to API version 2 as soon as possible. Refer to Microservice migration to API version 2 in the user documentation to understand how to accomplish this.
What changes?
Cumulocity introduces a new hookable multi-section concept for the widget configuration, and as a result, the loadConfigComponent method of the widgetHook is deprecated.
How does this change impact you?
Widget developers should start using the hookWidgetSection hook to add configuration to their own or existing widgets. This new approach supports multiple configuration sections to be displayed, offering greater flexibility and organization of widget settings.
Backward compatibility
The loadConfigComponent method continues to work in short term and will add a section named “Settings”, but it will be removed in an upcoming major release. We recommend migrating to the new approach as soon as possible.
In an upcoming version a new Import/Export tab will be added to the dashboard settings, which allows to export dashboards to JSON files, import dashboards from previously exported JSON files and edit the dashboard in an editor. This new functionality allows to copy dashboards across applications. It is provided as a “self-optional” plugin to the Cockpit application, thus it has to be installed explicitly. The dashboard setting component will be refactored to use a secondary router outlet in order to make these type of views hookable. This approach allows to hook a new tab to a particular outlet. For example:
hookTab(
[
{
label: gettext('Import / Export'),
icon: 'input-output',
priority: 5,
path: [
{
outlets: {
'dashboard-details': 'advanced'
}
}
],
tabsOutlet: 'dashboardTabs'
}
];
),
hookRoute([
{
path: 'advanced',
loadComponent: () => import(...),
outlet: 'dashboard-details',
context: ViewContext.Dashboard
}
])
In this example an additional tab is added to the dashboard settings, and the hook route allows to display a view for this tab. This is breaking change, as each component that uses context dashboards must have ´rootContext: ViewContext.Dashboard´ in the route definition to make these settings tabs and views visible (even if no new tab was added). For example:
hookRoute({
path: "home2",
component: CockpitDashboardComponent,
rootContext: ViewContext.Dashboard,
});
It is now possible to generate schemas from TypeScript types and interfaces in your project, which can then be imported during runtime. A custom webpack plugin makes this functionality possible by collecting all types imported with the c8y-schema-loader prefix during the application build process. The enhancement enables runtime validation capabilities, such as validating widget configurations (since TypeScript types are not retained in the built application). This supports upcoming advanced features such as dashboard export and import.
As part of our ongoing efforts to improve the developer experience, we have published a new @c8y/toolkit npm package. This package for now only provides functionality for deploying applications or packages to a Cumulocity instance, but might be extended further.
The advantage of this package over the already existing ng deploy command is that is does not come with a dependency on Angular, making it more lightweight and ideal to use in, for example, a CI/CD pipeline.
Improvements in the area of handling Cumulocity cluster membership and node discovery have been implemented that might impact the microservice monitoring features of the Cumulocity platform.
For OPC UA custom action requests, you can now include the timestamp of when the node value is received by the OPC UA device gateway. Simply add the ${receivedTimestampInMs} placeholder to the custom action body template in the OPC UA device protocol. This enables users to track when a node value is processed within the gateway.
Starting in Q1 2025, the Cumulocity platform will include the Time Series Migration application as part of the default set of subscribed microservices. This service will be automatically enabled for both existing and newly created tenants. The application facilitates the migration of tenant data from legacy measurements to the new time series storage. For more information, refer to Time Series migration.
When the HTTP queue is overflowed, the OPC UA gateway now temporarily disables the server communication until the queue is recovered. This improvement helps prevent potential system overloads and ensures more stable performance during high traffic conditions. Before disabling the OPC UA communication, an alarm is triggered to notify that the gateway is disabling communication. Once the queue and communication are restored, the previously triggered alarm is cleared.
To enhance data analysis and visualization within the Cumulocity platform, the data point explorer and data point graph have been upgraded with new capabilities and a modernized architecture. Both features have been migrated from AngularJS to Angular, bringing improved performance, a refreshed interface, and expanded configuration options. Initially, these features will not be included by default and can only be installed as additional plugins. To install them, navigate to your custom application, click Install plugins, and search for “Data point explorer” and “Data point graph”.
The data point explorer now includes a workspace implementation, allowing users to create and manage multiple workspaces for organizing their data analysis. These workspaces are stored locally and can also be shared, enabling seamless collaboration across teams. Additionally, an improved browsing and search experience makes it easier to locate specific data points across connected devices.
The data point graph now provides a more interactive and dynamic visualization of data points over time, helping users identify trends, patterns, and anomalies with greater ease. Key improvements include:
These enhancements offer a more intuitive and powerful way to explore IoT data, improving efficiency and collaboration for users managing their deployments within Cumulocity.
A new function isinhierarchyof() has been added to the query language.
The new function
Example
For a given hierarchy:
isinhierarchyof(g1) - matches group g1 and all of its descendants: g1, s1, s2, o1, o2, o3, o4isinhierarchyof(s1) - matches subgroup s1 and all of its descendants: s1, o1, o2isinhierarchyof(s2) - matches subgroup s2 and all of its descendants: s2, o3, o4isinhierarchyof(o1) - matches only object o1isinhierarchyof(o3) - matches only object o3isinhierarchyof(s1,s2) - matches both subgroups and their descendants: s1, s2, o1, o2, o3, o4isinhierarchyof(o2,o4) - matches objects o2, o4The Cloud Remote Access feature in Cumulocity enables users to remotely access and manage their devices. As part of ongoing improvements, this feature has been migrated from the older AngularJS framework to the newer Angular framework. This migration aligns the feature with the latest web technologies and provides a more modern and maintainable codebase. Additionally, the Cloud Remote Access feature is now extendable via the hookService, allowing developers to customize and enhance its functionality to suit their specific requirements. While the core functionality of Cloud Remote Access remains the same, users may notice minor visual changes in the user interface due to the framework migration.
Customers maintaining their own Device Management application, can refer to this git diff to identify the changes required to switch to the new implementation.
A new Commands tab has been implemented in the service details of device services. The Commands tab allows users to send available service commands and track their execution history. For details, see Service commands.
In the past, extension packages could not be archived in the system which led to challenges with managing obsolete or unused packages. With this change, it is now possible to archive packages which are no longer maintained. Packages can be marked as out of maintenance, while still being able to access archived packages if necessary.
The export component has been integrated into the “Data point table” widget. This integration allows users to efficiently generate exports based on the data displayed in the “Data point table” widget.
Many queries in Cumulocity now use the withTotalElements parameter. This way, the number of queries required to retrieve the total number of items can be significantly reduced. This change considerably improves the performance, especially when working with large datasets such as the device list.
The OperationsListModule component, which was deprecated since version 1021.50.0, has now been removed. In case you use OperationsListComponent and/or OperationsListItemComponent you can now import them directly as standalone components. In case you want to continue to provide the Device control > Single operations feature in your Device management application, you can take advantage of the deviceControlOverviewFeatureProviderFactory() factory function which provides all necessary environment providers that hook the Single operations tab and the respective navigator node. For the Device control section on the Device info tab, you can respectively use the deviceControlTabFeatureProviderFactory() factory function. If you already import OperationsModule from @c8y/ngx-components/operations in your application, no change is needed since it has been refactored to use the provider factories as a replacement of the removed OperationsListModule.
In a future version of the Web SDK, the LWM2M module will be removed from the @c8y/ngx-components library. If you use the LWM2M module from @c8y/ngx-components in your custom UI components, this will no longer work in future Web SDK versions and must be removed. LWM2M will be available as a plugin in the Device Management application.
Starting from version 2025.18.0, the Microservice SDK is now using Spring Boot 3.4.2. Notice that along with Spring Boot, most other dependencies were also updated to be consistent to the dependencies which Spring Boot uses.
The version 2025.18.0 will also bring along updates to several third-party libraries and frameworks. These changes will be included in the org.springframework.boot:spring-boot-dependencies:3.4.2 dependency which comes with Microservice SDK.
Impact: The update may impact your microservices, potentially requiring code changes.
Migration Resources: Refer to the following guides for assistance with the changes:
An offloading pipeline can be configured to raise a Cumulocity event when an associated offloading or compaction run completes. Such an event comprises details of the corresponding run such as start and end time, success status, or number of offloaded records. Those events can be used to trigger follow-up actions upon completion of an offloading or compaction run.
We are pleased to announce that Cumulocity has moved to AI-powered automation for translating our entire platform UI from English into all supported languages.
In addition, a regular review is carried out by professional translators for German, French, and Japanese.
What this means for you
Help us improve
While AI technology continues to advance, we recognize the importance of human expertise in ensuring accurate and contextually appropriate translations. We value your insights and encourage you to share feedback and suggestions for improving translations through our product support.
Your feedback will directly contribute to enhancing the translation quality of Cumulocity for all users worldwide.
In a future version of the Web SDK, we will update the Angular version used in the Web SDK to version 19. This update brings improvements and new features, but may also introduce breaking changes that could impact your existing implementations.
As part of this change, the pipe, directives and components that are offered as part of the @c8y/ngx-components library, will now be available in standalone mode.
To ensure a smooth transition to Angular 19 and help you to adapt your implementations, we will provide an upgrade documentation when this change happens. This documentation will help you navigate through the changes and update your codebase accordingly.
To ensure a day one compatibility of your plugins with applications based on the v1022 Web SDK, you should already today add the standalone flag to all components/pipes/directives of your plugins.
You do not need to migrate your components/pipes/directives to standalone: true, you can also set it to false. You just need to ensure that you’ve set the standalone flag.
Angular v19 will otherwise default to standalone: true instead of standalone: false if the standalone flag has not been defined, which can break your components/pipes/directives.
As part of our ongoing improvement efforts, in a previous version, we have migrated the Cloud Remote Access feature from the older AngularJS framework to the newer Angular framework. The new Angular-based implementation makes the old AngularJS-based implementation obsolete. The AngularJS-based implementation will therefore be removed from the @c8y/ng1-modules npm package starting with version 1022.0.0.
Customers maintaining their own Device Management application can refer to this git diff to identify the changes required to switch to the new implementation.
In order to make it easier for users to apply only relevant device profiles, pre-filtering of device profiles by the software types supported by the specific device has been implemented in the Device profile tab. The Select device profile dropdown now only shows profiles that are applicable for the software types supported by the device. This improves usability, saves time and eliminates errors.
The asset selector is a commonly used component that allows users to select one or more assets from a list. Previously, checkboxes were always displayed next to each asset in the list. With this change, developers can now hide these checkboxes if desired. This provides more flexibility in the UI design and can lead to a cleaner look in situations where the checkboxes are not needed.
A new field named Source or Destination Type is now available in the Template Parameters dialog box of the Analytics Builder model editor. You can use the new field to select one of the following source or destination types: Device, Groups, Assets, or Other. You can then specify a default value that is based on your selection. See also Managing template parameters.
The multi-tenant Apama-ctrl-mt-4c-16g microservice now supports Analytic models. The Analytics Builder page is shown for tenants subscribed to the microservice, allowing users to create, deploy and manage analytic models.
As part of our ongoing improvement efforts, in a previous version, we have removed several legacy components related to configuration management, device list handling, and column configuration. These changes impact outdated services, directives, and templates that have either been migrated to Angular or deprecated due to lack of usage.
If you were relying on any of the removed components, please migrate to the new Angular-based solutions.
The password setup process for new users was unclear. It has been updated and replaced with three distinct options, from which the administrator can select one. The available options are:
See also Managing users.
As part of ongoing improvements to the Device Management application, the “Asset notes” widget has been migrated to from AngularJS to Angular.
Service management actions have been added to each service in the services list in the device details. With this change, users can now conveniently perform service-related actions such as starting, stopping, or restarting a service right from the device services list.
DTM plugins now support creating and visualizing groups based on their default asset model. Users can create multiple groups simultaneously and organize devices within these groups. The updated view also displays the current labels and icons assigned to the default asset model for groups.
A default asset model for groups has been introduced, that allows any group to be treated as an asset, providing a unified, flexible, and consistent approach to managing assets. The core functionality of groups will remain unchanged. Groups can be used as before, including the ability to nest groups within other groups. Unlike other asset models, the group asset model will not enforce hierarchical relationships, continuing the flexibility in grouping devices and other assets. This enhancement also enables customization options like changing icons and defining custom labels, similar to other asset models in Digital Twin Manager.
The On geofence create alarm smart rule was periodically creating duplicate alarms when the geofence configuration was triggered. This issue has now been resolved.
Notifications 2.0 subscriptions may specify the Cumulocity APIs to subscribe to, for example events or measurements.
If the events API was specifically included as the only API in a tenant context subscription filter, a type filter was also required to be set in that filter to make the subscription work.
The restriction requiring a type filter when subscribing to the events API in the tenant context has been removed. Tenant context subscriptions to the events API can now be created without specifying a type filter.
As previously announced, applications utilizing the wildcard API selector in Notifications 2.0 tenant context subscriptions will now start receiving operations updates in addition to the updates they were already receiving. This change applies to both existing and new tenant context subscriptions.
Two new request counters for usage statistics operationsCreatedCount, operationsUpdateCount, introduced for REST endpoints in an earlier version (10.20.611.0), are now fully implemented. These counters are incremented in the following way:
/devicecontrol/operations) or the bulk operations API (/devicecontrol/bulkoperations).
Previously, device profiles did not include software type information for their software items. With this update, newly created device profiles will now include software type information. Additionally, device profile operations for devices that support advanced software management will also include software type information, while operations for devices without advanced software management will continue to exclude it.
The default number of decimal places in widgets has been increased from 1 to 2, providing more precise data visualization out of the box. Users can now configure decimal places up to a maximum of 10, ensuring consistent and accurate data representation across all widgets. This standardization improves data readability and helps prevent potential misinterpretation of numerical values in dashboards.
Product documentation for deprecated releases
The user & developer documentation for the releases 10.18.0 and 10.17.0 have been moved to the GitHub documentation repository. For details how to access it, see Previous documentation versions.
As a consequence, the entire content of the deprecated documentation website https://cumulocity.com/guides/ has finally been deleted.
Release notes for deprecated releases
The release notes for releases 10.18 and older, which have been provided at https://cumulocity.com/releasenotes/, have been archived. For details how to access it, see Previous documentation versions.
As a consequence, the entire content of the deprecated release notes website https://cumulocity.com/releasenotes/ has finally been deleted.
API documentation for deprecated releases
The API documentation for releases 10.18 and older, which have been provided at https://cumulocity.com/api/, has been archived. For details how to access it, see Previous documentation versions.
The LWM2M resource instance level operations have been introduced in LWM2M 1.1 but are not supported by LWM2M 1.0 devices.
When LWM2M resource instance level operations (Example: read /5/0/8/0) against a LWM2M 1.0 device are created, the operation will now directly fail and not be sent to the device.
When the device list is updated (for example, in case of creating or deleting a device), the data grid size is now adjusted automatically. This ensures accurate pagination and reduces unnecessary network requests. Users do not need to take any extra steps.
As part of ongoing improvements to the Device Management application, the device map component (Devices > Map) has been migrated to a new implementation. Besides improving the functionality, the goal of this migration is to keep the component up-to-date and maintainable. The following changes have been made:
A new entry for the export component has been added to the Cumulocity Codex. This change introduces a dedicated page that provides information about the export component, its purpose, and how it can be used within the Cumulocity platform.
The “Alarm list” widget previously displayed all alarms without the ability to filter them by date. With this change, users can now filter the displayed alarms in the widget by specifying a date range. This allows users to narrow down the shown alarms to a specific time period they are interested in. Users can select the date range either specifically for the widget or bind the widget to the dashboard time context.
Previously, plugins that were installed using a tag were not properly displayed in the list of installed plugins, which could cause confusion for users trying to manage their plugins. With this change, any plugin installed via a tag will now correctly appear in the plugins list. This improvement enhances the accuracy and reliability of the plugin management system, ensuring that users have a clear overview of all installed plugins regardless of the installation method.
The Additional resources dropdown at the top right of the product documentation website now provides access to the Company website, the Platform status page, and the CLI documentation.
Streaming Analytics can now use the Cumulocity Notifications 2.0 reliable data forwarding capability to receive notifications for measurements, events, alarms, managed objects and operations that are processed by the Cumulocity platform. The benefits of using Notifications 2.0 are improved performance and reliability for messaging with Streaming Analytics applications such as smart rules, Analytics Builder and EPL apps.
Streaming Analytics intends to migrate all tenants to use Notifications 2.0, and some customers may choose to start migrating now. This change is intended to provide improved performance, reliability and resilience in planned future enhancements to Streaming Analytics.
This feature is currently in private preview. To take advantage of it, you must contact product support to set the notification2.streaming-analytics feature flag. In addition, users of any of the variants of the Apama-ctrl microservice must also toggle the streaming-analytics.messaging feature flag. Users of custom Apama microservices must also add the ROLE_NOTIFICATION_2_ADMIN permission to the microservice manifest. Users of custom Apama EPL projects must also add the new Cumulocity Notifications 2.0 bundle. Apama EPL projects that remotely connect to Cumulocity IoT via the long-polling interface will benefit from improved robustness after migrating to Notifications 2.0. For more information, including how to toggle the feature flags, see Configuration requirements for Notifications 2.0.
Two new properties, operationsCreatedCount and operationsUpdateCount, have been added to all REST endpoints which will return detailed request counters for usage statistics.
In a first implementation step, the Cumulocity platform returns these properties with 0 values.
In a future implementation, counting logic in reaction to REST requests and MQTT messages creating and updating operations will be added.
To provide more detailed insights into platform usage, the Usage statistics page for Enterprise tenants has been extended with two new columns: “Operations Created” and “Operations Updated”. These columns present the number of operations that have been created and updated, respectively.
This change enhances the granularity of the usage statistics request counters, enabling better analysis and understanding of platform activity. Existing usage statistics data and functionality remain unaffected by this addition.
Previously, the request time for creating or updating a smart rule increased with the number of enabled or disabled sources. Therefore it was recommended to not select the Activate also for <number> child assets checkbox when a local smart rule was created on a group containing many devices.
With this change the performance of requests has been improved and now updating a smart rule by adding or removing a single device ID from the list of enabled or disabled sources (enabledSources or disabledSources) is very fast.
Additionally, creating a local smart rule has become much faster in case of a large number of direct children of a top-level group.
In case of deeper inventory hierarchies only the first level of the hierarchy is validated faster, so creating a local smart rule can still take a long time
if the group has hundreds of descendants deeper in the hierarchy and all of them are selected as enabledSources.
As part of the ongoing migration efforts, the user interface for managing translations has been migrated from the legacy Digital Twin Manager framework to a new modern framework. The functionality remains the same, allowing users to view, edit and manage translations as before. However, the underlying technology has been updated, providing better performance, stability and maintainability of the translations user interface going forward.
To support users when creating smart groups, a link to the user documentation on smart groups has been added to the smart group creation dialog. This allows users to quickly access helpful information.
For LWM2M devices, it is now possible to disable or adjust the granularity of logging events per device during the device registration or from the LWM2M configuration tab of the existing device. When enabled, log events are visible in the device’s events. Lifecycle events are the default selected option. The global configuration from the LWM2M Service for enabling event logging has been removed. For more details see LWM2M device registration advanced settings and LWM2M configuration.
By default, the LWM2M service serializes binary data of a resource such as Opaque type to a byte array in Cumulocity representations. This functionality is now deprecated and will be changed in the future to the hexadecimal string format. For now the default serializer is still serialized to the byte array and the format can be switched only on the instance level. This change affects the way the data is represented in Cumulocity objects (operations, values displayed in the Objects tab). It does not affect the communication with LWM2M devices.
Previously, auto refresh was only available in certain parts of the application, such as the Alarms page, “Alarms” widget and “Map” widget. With this change, auto refresh can now be enabled globally in any dashboard. This means that the data displayed in widgets, that support this functionality and have it enabled, will be automatically updated at set and common intervals, without the need to manually refresh or set their intervals separately. The impact of this change is an improved user experience as users will always see the most up-to-date information without having to take any additional action.
Previously, when a device had no type property assigned, the dashboard template section in the dashboard settings was hidden. Now, in this case, the section is visible but information is provided that the dashboard template is only enabled when a type is added to the device. Moreover a button is provided which navigates the user to the device view in the Device Management application.
It is now possible to extend the alarm details view with custom tabs. This allows developers to display any kind of additional information in the context of an alarm. Existing alarm details remain unchanged but can now be enhanced with additional custom tabs.
As part of the ongoing modernization efforts to migrate the UI to Angular, the “Data points table” widget has now been migrated from AngularJS to Angular. This change improves the performance, maintainability and consistency of the widget with the rest of the application. The widget now offers enhanced features including:
All existing functionality remains unchanged, ensuring a seamless transition for current users.
To enable users to easily export datapoints from Cumulocity, a new generic datapoint export selector has been implemented. This new component allows users to select the time range, export type, aggregation (based on the export type) and file format for the datapoint export. Depending on the size of the datapoint records to be exported, the exported file is then generated and downloaded directly or emailed when ready. The datapoint export component makes it much simpler for users to get the device data they need out of Cumulocity in their desired format.
To improve the maintainability in the application, the translations are now loaded from a dedicated application. Previously, the translations were scattered across different parts of the codebase, making it difficult to manage and update them consistently. With this change, all translations are consolidated in a single location, simplifying the process of adding, updating, and maintaining translations. This change does not have any direct impact on end users or the functionality of the application, but it contributes to a cleaner and more organized application infrastructure.
The Custom properties tab in the tenant details has been improved by moving extraneous information to a new Limits tab providing a cleaner and more consistent interface.
To provide a better overview of the resource limits and quotas configured for a tenant, a new Limits tab has been added to the tenant details page. This tab allows to configure the maximum number of devices, requests, and queue sizes for the tenant. With this change, tenant administrators can now easily view and manage the resource limits for their subtenant.
See also Setting limits.
Support for ID tokens provided by external IAM servers has been added and can now be used in the authentication process via single sign-on (SSO). Previously, only access tokens were supported by the Cumulocity platform. Now, the administrator can decide through the configuration whether user data retrieved from the external server, such as first name, last name, phone number, email, and roles, should be loaded from the access token or the ID token.
Previously, the add asset functionality in the subassets view only allowed to create child assets within existing hierarchies. With this change, users can now create root-level assets as well as complete asset hierarchies based on predefined asset models. This enhancement provides greater flexibility creating asset hierarchies through the UI.
In the “Data point graph”, “Data point table”, and “Event list” widgets configuration, the default option in the Date selection field has been changed from “Widget configuration” to “Dashboard time range”.
To improve the usability of the Alarms page, alarm filtering by a date range has been implemented. Users can now filter alarms by specifying a start and end date, allowing to narrow down the displayed alarms to a specific time period. This change enhances the alarm management experience by providing more granular control over the alarms being viewed, making it easier for users to focus on relevant alarms within a desired timeframe.
In the Cockpit application, it is now possible to disable or enable the dashboard manager in the Application configuration page. By default, the dashboard manager is enabled.
Angular has been upgraded to version 18.2.11 and the Web SDK has been updated to 1021.0.4.
In an upcoming version the dashboard manager module will be extracted from the Cockpit application and added as a separate plugin.
This change might be a breaking change as the dashboard manager module will no longer be part of @c8y/ngx-components/context-dashboard, but will be part of @c8y/ngx-components/dasboard-manager.
This change does not affect the layout and UX of the Cockpit application nor does it add any new functionalities. As a side effect, a performance improvement might be noticed as the dashboard manager from now on will be loaded lazily (that is, only after main application is loaded).
The section on Service terms has been further enhanced. It now also contains
Several legal notices documents have been added to the product documentation, such as Privacy Notice, Third Party Information and License Terms and Conditions. For details, see Legal notices.
This is a follow-up on a recent announcement about migrating the Microservice SDK to Spring Boot 3.
Starting from version 10.20.155.0, the Microservice SDK is now using Spring Spring Boot 3.3.x, which marks the end of the recent dependency updates published in quick succession. Notice that along Spring Boot, most other dependencies were also updated to eliminate all security vulnerabilities those dependencies had.
Because of the amount of changes we also published intermediate versions to help with the upgrade process of all the applications using the SDK.
Version 10.20.150.1 contains a fix for the previously announced version 10.20.150.0 for applications configuring additional servlets. Use this version when updating your application to Spring Boot 3.0. For details refer to the Spring Boot 3.0 Migration Guide.
Version 10.20.151.1 is based on Spring Boot 3.1 and is recommended as an intermediate step to limit the amount of changes done at once. For details refer to the Spring Boot 3.1 Migration Guide.
Version 10.20.153.1 is based on Spring Boot 3.2 and is another recommended intermediate step. For details refer to the Spring Boot 3.2 Migration Guide.
Finally, when upgrading to version 10.20.155.0 based on Spring Boot 3.3, refer to the Spring Boot 3.3 Migration Guide.
When deleting or modifying a global role, an administrator can now ensure that changes take immediate effect by using a new option to log out all users assigned to that role.
To provide developers with more guidance on how to use filter chips in their applications, codex examples for filter chips have been added. The examples demonstrate how to implement filter chips in various scenarios and highlight best practices. With these new codex examples, developers can more easily understand and leverage filter chips in their own applications, enabling them to create more intuitive and user-friendly filtering experiences.
To support developers in utilizing hookServices in their applications and plugins, documentation and examples have been added to the Cumulocity Codex. The documentation provides an overview of the hookServices API and suggests use cases for it. It also includes a code sample demonstrating widget plugins sharing a common state via an externally injected service. With these new resources available, developers should find it more straightforward to integrate hookServices into their projects, enabling them to extend and customize functionality as needed.
Previously, when an error occurred on logging in via SSO, the plain HTML error text was displayed in the browser.
With this change, optional Redirect to the user interface application configuration has been added which allows displaying the error text as a standard UI error message.
The new configuration parameter is optional and does not affect current SSO configurations.
Using this option requires updating the “Valid Redirect URIs” in the authorization server with the value “<tenant_domain>/apps/*”. For details, refer to Custom template configuration.
The device profiles view has been migrated to a data grid. The data grid provides a more modern and user-friendly way to view and manage device profile items compared to the previous list view. The data grid offers enhanced features such as sorting, filtering, and pagination, making it easier to find and work with specific items.
In previous versions, the operation c8y_ua_command_ProcessMappingsForDeviceValues failed entirely if any single mapping failed. The new behavior allows the operation to continue reading nodes even if some nodes cannot be read due to bad status codes. Although the operation will still be marked as failed, all readable nodes will be mapped. Additionally, the result and failure messages have been improved to indicate which nodes failed and which were successful.
The DTM plugins component now includes a new asset properties widget module, which enhances the functionality of the existing “Asset properties” widget. This includes:
The module is designed for easy integration into any Cumulocity application. In future releases, this widget will replace the current “Asset properties” widget across all Cumulocity applications.
To improve the documentation of UI components, a Codex example has been added for the CountdownInterval component. This example demonstrates how to use the CountdownInterval component in an application, showcasing its functionality and configuration options. Developers can now refer to this example to better understand how to integrate the CountdownInterval component into their projects, making it easier to implement countdown functionality in their applications.
As part of continuous improvement efforts, the illustrations used in various sections of the Cockpit user interface have been updated. The new illustrations provide a fresh and modern look while still effectively conveying the intended message or concept. This change enhances the visual appeal and user experience of the Cockpit interface without impacting any functionality or existing user workflows.
The Apama Docker images are now available at public.ecr.aws/apama, and can be viewed at https://gallery.ecr.aws/apama/. Previously, they were available at softwareag/, and viewed at https://hub.docker.com/u/softwareag.
Within any Dockerfiles that use the Apama images, you will need to change FROM softwareag/<IMAGE>:<TAG> to FROM public.ecr.aws/apama/<IMAGE>:<TAG>.
The location of Apama within the image has been moved from /opt/softwareag to /opt/cumulocity. Existing images remain unchanged.
Previously, warning messages were logged when input events were dropped by an Analytics Builder model because they were delayed beyond the reorder buffer duration. In addition to the warning messages, an alarm is now raised when input events are dropped. The alarm provides improved visibility compared to relying on viewing log messages, which is especially useful for multi-tenant Streaming Analytics microservices where it may not be possible to view the logs at the parent tenant. See Analytics Builder dropped events for more details on the alarm.
This is a follow-up on a recent announcement about migrating the Microservice SDK to Spring Boot 3.
Starting from version 10.20.150.0, the Microservice SDK is now using Spring Spring Boot 3.0.x. Please follow the Spring Boot 3.0 Migration Guide to upgrade your applications when updating to that or later versions of the SDK. To make the migration process easier we recommend first updating to version 10.20.134.0 with JDK 17 and later to version 10.20.140.0 with Spring Security configuration changes, if it was not already done.
To provide more clarity and improve validation when configuring widgets, type information has been added to the widget configuration. Previously, the widget configuration did not include any type information, which could lead to confusion and misconfiguration. With this change, each configuration property now specifies its expected type, such as string, number, or Boolean.
To enhance the user experience and functionality a new select component has been introduced. This update includes significant changes that may require action from developers.
Key features:
c8y-select component will need to be updated.Required actions: Developers must select one of the following options:
c8y-select components to the new interfacec8y-legacy-select to maintain the current functionalityTo improve the usability of the alarms overview, filtering for specific alarm types has been added. Users can now select which alarm types they want to see in the overview by using the new filter options. This allows users to focus on the alarms that are most relevant to them, making it easier to identify and address critical issues in a timely manner.
The deprecated ILabels interface has been removed from the Web SDK. Instead, the ModalLabels interface is used.
For better clarity, the Position in navigator field in the dashboard settings has been renamed to Position in tabs.
As part of ongoing efforts to modernize the look and feel of the Cumulocity UI, the branding colors and the logo have been updated and aligned with current design trends. For example, the brand logo has been relocated to the bottom of the navigator to enhance user focus on navigation elements, reduce visual competition with the app icon, and optimize space utilization. This change provides a refreshed visual appearance throughout the Cumulocity UI, without impacting existing functionality or user workflows, but it could imply a need to review any custom branding applied as some design tokens have been updated or removed. Additionally, the link color is no longer related to the branding color and needs to be updated if a branded link color is wanted.
As part of keeping the Cumulocity platform up-to-date with the latest web technologies, Cumulocity has been upgraded to use Angular 18. This upgrade brings the latest features, performance improvements, and bug fixes from the Angular framework to the Cumulocity platform. The upgrade to Angular 18 should be largely transparent to users, with no visible changes to the user interface or existing functionality. However, any custom widgets or plugins developed for previous versions of Cumulocity may need to be updated to ensure compatibility with Angular 18.
The LWM2M specification allows devices to send an empty payload when there is no data to report. In case of an empty payload, no content-type is required. Previously, LWM2M agents would reject messages with an empty payload and no content-type. Now, these messages will be accepted and processed as intended.
To improve readability and consistency, the titles of device management application now use title case (Device Management) instead of sentence case (Device management). The functionality of the entities remains the same, only the casing of the titles has been modified.
In earlier LWM2M agent versions, device location updates occurred only when the device provided complete location object data. Now, updates happen whenever both latitude and longitude resources are reported together.
In the past, the bulk action control did not receive the IDs of the selected items, which made it impossible to display a bulk action conditionally based on the subset of selected items. With this change, the selected item IDs are now passed to the bulk action control showIf function.
The wizard for bulk registering LWM2M devices to Cumulocity provides default bulk registration templates. These templates have been updated to reflect new properties including the X.509 security mode.
When creating a duplicate of a local smart rule, it is now possible to select an asset from outside of the hierarchy. A duplicate of the rule is now created in the context of the selected asset.
Previously, when creating a new dashboard, it would open in view mode which required an extra click on the Edit button to start editing the dashboard. With this change, newly created dashboards now directly open in edit mode. This allows users to immediately start editing and configuring the new dashboard, saving them a click and making the user experience more intuitive.
This is a follow-up on a recent announcement about migrating the Microservice SDK to Spring Boot 3.
As a second step of this process, starting from version 10.20.140.0, the Microservice SDK is now using Spring Security 5.8. This change enabled a migration preparing for Spring Security 6.0 to be performed in the Microservice SDK following this migration guide. We recommend all users of the Microservice SDK to also follow that guide when updating their applications using the updated version of the SDK.
Note that following the changes in the MethodSecurityExpressionHandler configuration described here, the methods provided by com.cumulocity.microservice.security.service.SecurityExpressionService that were previously configured using a custom SecurityExpressionRoot extension, are now available via an independent bean definition named c8yAuthz. This means that, for example, the expression isCurrentTenantManagement() will no longer resolve and needs to be prefixed by the bean name instead @c8yAuthz.isCurrentTenantManagement(). This allows customers to easily add their own security expression extensions, if needed.
To improve the user experience in Analytics Builder, the On value change option of the Mode parameter in the Pulse block has been renamed to On value change (excluding to false). In addition, the block reference has been updated to clarify that for a boolean input, a pulse is only sent when the input changes to true (not false).
The text fields in the “Send measurement”, “Create alarm”, and “Send event” functionalities used to be limited to 100 characters. This limitation has been removed, allowing you to enter longer text without restrictions.
The configuration repository has been migrated to a data grid. The data grid provides a more modern and user-friendly way to view and manage configuration items compared to the previous list view. The data grid offers enhanced features such as sorting, filtering, and pagination, making it easier to find and work with specific configuration items.
The Extract Property block in Analytics Builder now includes a new optional checkbox called Ignore Separators In Property Path. This allows you to extract a property that has a separator such as a period (.) in the property name.
For example, if the Ignore Separators In Property Path checkbox is selected and the Property Path parameter is specified as location.city, then the property name location.city is extracted from the input value.
For compatibility, the previous behavior remains as the default, that is, the new checkbox is not selected by default.
The deprecated JWT authentication with Cumulocity has been removed. This change will only impact you if your organization used an early version of single sign on (SSO) on Cumulocity. For details, refer to the earlier announcement.
In a future version, we will update Angular to version 18 and update our base branding. This update brings improvements and new features, but may also introduce breaking changes that could impact your existing implementations. When updating to this new version, please verify your branding, especially the logo position, as it has been modified.
To ensure a smooth transition to Angular 18 and help you to adapt your implementations, we will provide an upgrade documentation when this change happens. This documentation will help you navigate through the changes and update your codebase accordingly.
This is a follow-up on a recent announcement about migrating Microservice SDK to Spring Boot 3. As a first step of this process, starting from version 10.20.134.0, the Java SDK and Microservice SDK are now both using Java 17 both on the source as well as the runtime level. This means that using Java 17 is now a minimum requirement for using the Microservie SDK.
We are pleased to announce an upcoming update to the Spring Boot version used in the Microservice SDK. The new version will be Spring Boot 3.3.3, which will also bring updates to several third-party libraries and frameworks. These mandatory changes will include:
Minimum required Java version: 17 (currently Java 8)
Jakarta EE 9+ baseline
Spring Security: 6.3.3
Spring Framework: 6.1.12 (currently 5.3.24)
HTTP Client: 5.3.1
Impact: Each of these updates may impact your microservices, potentially requiring code changes.
Rollout: The update will be available in Continuous Deployment (CD) versions starting in Q4 2024 and in versions of the next annual release 2025. A separate announcement will be made to confirm the CD version containing the change.
Migration Resources: Refer to the following guides for assistance with the changes:
Notifications 2.0 subscriptions may specify the Cumulocity APIs to subscribe to, for example alarms or measurements.
Subscriptions may use a wildcard value (*) for the API selector, indicating that the subscription should include all available APIs.
If the API selector is omitted from a subscription request, it is treated as equivalent to using the wildcard value.
Currently, a tenant context subscription using the wildcard API selector will deliver updates from a subset of the available APIs. See the Notifications 2.0 subscription REST API documentation for details on the current tenant context subscription behaviour.
In future, such subscriptions will also deliver updates from the operations API.
This applies to subscriptions that were created before the change is enabled, as well as new subscriptions.
For example, after this change is enabled, an application that POSTs the following request to the /notification2/subscriptions endpoint may receive operations updates, regardless of when the subscription was created:
{
"context": "tenant",
"subscription": "testSubscription",
"subscriptionFilter": {
"apis": [
"*"
]
}
}
Applications using the wildcard API selector in tenant context subscriptions should be prepared to receive operations updates in addition to the updates they were previously receiving.
To avoid disruption, application developers should either:
ensure that their applications can handle operations updates, or
include an API selector
before this change is enabled.
The change will be enabled in the Cumulocity CD deployments no earlier than January 15, 2025. It will also be included in the 2025 yearly release. A further announcement will be published when the change is enabled.
A new subassets view module has been added to the DTM plugins component, which includes official DTM plugins and enables integration with both default and custom web applications. This module allows users to efficiently view and manage subassets. In future releases, it will replace the existing subassets view in other Cumulocity applications.
In the Subassets page, instead of the key of the default location property, its label is displayed for improved user experience.
For simplicity, “model” has been removed from the asset model sample names. Additionally, the descriptions and UI layout have been improved to ensure consistency.
Real-time updates have been improved to ensure that changes made by concurrent users to asset models are immediately reflected.
The DTM microservice has been renamed from “dtm-ms” to “dtm”. REST endpoint paths have been updated accordingly, replacing the “dtm-ms” segment with “dtm”. Users will not perceive any change. However, they may need to manually unsubscribe and uninstall the older version.
The subasset module, which was originally imported from the ngx component, has now been replaced with the official plugin from the dtm-plugins component. This change maintains all existing functionality while enabling easy integration of module with both default and custom web applications.
In the New asset model page, the Asset models and Asset model samples tabs have been removed for a more focused user experience as they are not required for creating a new asset model.
The Platform service-level agreement now provides a more precise definition on how Cumulocity manages the Cumulocity platform service for your tenants and what might be possible limitations and responsibilities that you should be aware of.
Previously, the Alarm Input and Event Input blocks did not use the the correct source time for an update operation when the Ignore Timestamp checkbox was not selected. Instead, the creation time of the block was incorrectly used to schedule the input events. This has been fixed and alarm and event updates are no longer missed by the model. When the Ignore Timestamp checkbox is not selected, the input blocks now use the last update time of the block to schedule the input events in case of update operations.
In the user documentation, information has been added on how to register and delete LWM2M devices using the REST API, see Registering LWM2M devices.
The custom firmware update URL has been replaced with a standard firmware definition that points to an external URL. Right now this parameter is still available and takes precedence over any other option, but it will be removed in future LWM2M agent versions.
Cumulocity provides connectivity monitoring capabilities for which a required interval needs to be defined. For LwM2M device, this is automatically set by the LWM2M agent based on the registration lifetime. However, if the value is set manually, it will be overwritten by the LWM2M agent after each registration or registration update. This behavior can now be disabled both globally or for specific devices, allowing users to define the required interval independent of the registration lifetime.
Previously, the LWM2M agent could only cancel observations using the “reset” method. With this change, the LWM2M agent can now also use “GET with observe” method to cancel observations.
To improve security, the LWM2M service can now ignore packets from predefined source ports.
Previously, the LWM2M agent supported write operations in “Replace” mode only. With this change, write operations can now also be sent in the “Partial Update” mode using the “writep” command.
To improve the user experience and to ensure consistency, the firmware list has been migrated from a simple list view to a grid view.
The branding editor allows users to create a unique and consistent branding across their applications, improving the overall user experience and making it easier to align the application’s appearance with corporate design guidelines.
We have made significant improvements to our branding editor, offering a more robust and user-friendly experience for managing brand identity across multiple applications.
New functionalities:
Functional improvements:
To simplify plugin development and deployment, support for module-less plugins has been added. With this change, plugins no longer require a module to function, allowing to implement and deploy plugins more easily. This impacts plugin developers who can now create plugins without the overhead of a module and users who can benefit from a wider variety of available plugins that are simpler to install and use.
To improve the user experience, the links in the model editor and EPL editor for renaming a model or EPL app have been renamed to Model settings and App settings. Previously, these links displayed the name of the model or app. These names are now displayed at the top of the editor page.
Previously, adding Cumulocity schematics to Angular projects initialized with the standalone flag set to true failed. This issue has been addressed. Now, when integrating Cumulocity schematics into standalone Angular projects, the standalone flag is automatically set to false. Full support for standalone projects will be implemented in future updates. This interim solution allows developers to use Cumulocity schematics with projects initially set up as standalone, though with standalone features disabled.
The Add Asset module has been moved from the Digital Twin Manager (DTM) application to the newly created DTM plugins component. This component consists of modules from DTM as official plugins, enabling their integration into default and custom web applications. The Add Asset button will continue to be available in the standard DTM interface.
To ensure users agree to the service terms for microservice deployment when uploading a microservice, a new text acknowledgment has been added to the microservice upload dialog.
Previously, a new user received an email with a link to set their password. Now when the checkbox Send password reset link as email is cleared, the User must reset password on next login option is selected by default. This means the new user must change their password during their first login.
The Expression block in Analytics Builder has been updated to allow you to concatenate string and non-string values, similar to EPL. This is useful, for example, if you want to specify an expression like the following: “The current temperature is " + input1 + " degrees Celsius”.
The Counter block in Analytics Builder has been updated to allow you to set a maximum value for each counter independently. This change was made because it was difficult and cumbersome to create periodic behavior in Analytics Builder, and it gives more control over counting in general. The following new parameters are available for this purpose:
The counter in question can then loop. Depending on the setting of the corresponding checkbox, the counter either resets its corresponding output port (Count or Number Same) to one, counting the first input after reaching the maximum value, or it stops counting when reaching the maximum value and must then be reset manually. For compatibility, the previous behavior remains as the default. Note that the Reset input port resets both counters. If this is a problem, you must use a separate Counter block for each counter. See the description of the Counter block for detailed information on the new parameters.
Offloading pipelines may fail permanently, for example, due to an invalid offloading configuration or a wrongly configured data lake. In a future release Cumulocity DataHub will automatically stop permanently failing offloading pipelines.
Cumulocity now supports the ability to infer the full certificate chain from an intermediate certificate, enabling devices that are only able to send the device certificate to connect to Cumulocity. For full details refer to Device authentication.
The “Alarm list” widget is used to display alarms in dashboards and other places in the Cumulocity UI. Previously, child alarms were always shown which could lead to information overload for users monitoring many alarms. With this change, a new toggle has been added to the widget configuration which allows showing or hiding the child alarms in the alarm list. This provides users with more flexibility to customize the widget to their specific use case and makes it easier to focus on the relevant top-level alarms.
The Cockpit application has been split into further plugins. This allows admins to tailor the Cockpit application to their needs without any coding effort. They can now easily remove certain plugins and thus certain features which they do not want to include in their Cockpit application. The following plugins are now available:
To enable application developers to more easily select alarms and events in their custom applications, a new reusable alarm and event selector component has been introduced. For details refer to the Cumulocity Codex.
Starting with Q1 2025, the Cumulocity platform enforces name and context-path manifest fields naming restrictions for custom microservice deployments. You can verify the correctness of your microservices by uploading them via the UI or REST API. If this is successful, your configuration is correct. For details on the name and context-path fields, refer to Microservice manifest > Settings.
To improve the documentation around internationalization, the “Internationalization” section of the Cumulocity Codex was updated. The changes provide more detailed information and guidance on how to handle translations and localization in applications. This impacts developers who want to make their applications available in multiple languages, giving them better resources to understand and implement internationalization best practices.
To improve security, user administrators can no longer explicitly set passwords for device users. This change prevents an attacker from having access to all device users, in case the administrator account is compromised. In case of losing the device password, the device must be registered again.
Making Cumulocity more secure we have added a check on upload to ensure microservice settings do not contain any line feed characters such as HttpGet, exec, and TCPSocket of type Probe, aligned with items in the Kubernetes PodSpec.
The documentation of the SNMP device protocol has been moved from the user documentation to the public GitHub repository: cumulocity-examples.
In the Asset model samples page, the “Wind Turbine” and the “Solar Power Plant” sample asset models have been added. These samples serve as an example to help you quickly get started with your own asset modeling.
Improving the security for the Microservice SDK we have decided to restrict the initial configuration of the Spring Boot actuator endpoints (POST access to the /loggers endpoint) to the administrator roles only.
The version numbers for the frontend and backend are no longer displayed in the right drawer of the Streaming Analytics application. Instead, details on all components can now be downloaded via the Download platform details button. This change simplifies the UI for the majority of users.
The link from the Cumulocity UI to the documentation for the Edge component was previously outdated. With this change, the link has been updated to point to the correct location in the documentation. This ensures that users can easily access the relevant information and guidance for using the Edge component without encountering any broken links or navigation issues.
The Service-level agreement for Microservices deployment now provides a more precise definition on what is included in the Microservice Hosting functionality for your custom microservices. It also describes how you can benefit best from the service.
The Home page has been enhanced so that you can investigate the current status of your offloading pipelines. The status includes which offloadings are currently running, which ones have recently failed, and which ones have completed successfully.
The editor for managing additional result columns of an offloading pipeline has been enhanced with convenience tooling for exploring nested data. Using sample data retrieved from the corresponding Cumulocity base collection, you can interactively browse through the structure of the data in order to determine which specific sub-structure you want to offload.
Previously, icons that could not be used when a model was active (that is, in read-only mode) were shown as disabled in the model editor’s toolbar. To improve usability when in read-only mode, icons that cannot be used (such as the save icon) are no longer displayed in the toolbar.
When adding a new model or when editing the name of a model in the Streaming Analytics application, you can now resize the Description field. This is helpful when editing or viewing a longer description, including the case of the samples that have very detailed descriptions.
As published earlier (in the release notes for release 10.15), Cumulocity has announced the availability of Microservice API version 2 and the deprecation of API version 1 to comply with new security requirements. Microservice API version 2 provides an improved microservice container security context restricting the invocation of privileged Linux Kernel APIs. Today Cumulocity announces the creation of alarms when subscribing a tenant to microservices still using API version 1. In Q3 2024 Microservice API version 1 will be removed from Cumulocity SaaS instances and in the yearly 2025 release. If not done yet migrate your microservices to API version 2. Refer to Microservice migration to API version 2 in the user documentation to understand how to accomplish this. Otherwise your microservices in Cumulocity SaaS instances may stop functioning in Q3 2024 or in environments using the yearly 2025 release.
For the offloading of the measurements collection Cumulocity DataHub offers a TrendMiner mode, which is designed for the specific interaction with TrendMiner. This mode is deprecated and will be removed in a future release as the integration with TrendMiner will be discontinued.
The services component was previously an integral part of the default Device Management application. With this change, the functionality for services has been modularized into a plugin. By default, users will still have access to services within the Device Management application. However, if not needed, the functionality can be removed by deactivating the plugin. This approach offers flexibility for users who may or may not require certain functionalities within the application.
The Advanced Software Management functionality was previously an integral part of the default Device Management application. With this change, the Advanced Software Management service has been restructured to function as a separate plugin. It remains included by default but now offers the flexibility to be added or removed as needed.
Previously, alarms could not be shared as they had no unique link to reference them, for example in mails or chats. With this change, each alarm gets an unique link. This allows to share alarms and navigate between alarms more easily.
In some situations, managed object operations in Cumulocity could take an unexpectedly long time without providing any feedback to the user. For more transparency, an alert is now shown in the UI when a certain operation exceeds a specific duration.
If a user upgraded one of the default web applications (for example, Cockpit) after it had been cloned, it would only include the plugins that the application had offered during the initial clone/installation of the application. If additional self-imported plugins were introduced in the upgraded version, these would not have been present when using the application.
This especially caused issues when features of applications which were previously present as standard Angular modules were migrated to self-imported module federation plugins, as these features were missing until the plugin was manually installed to the application.
To fix this issue, an exclude list for these self-imported plugins has been utilized, in addition to the already existing include list used for the usual plugins.
Previously, the asset selector did not show the currently selected element by default, requiring users to always manually search for and select the desired asset. With this change, the asset selector now automatically displays the selected element when opened. This improvement streamlines the user workflow by eliminating the need to repeatedly locate and select the same asset, saving time and effort.
To provide a better user experience when displaying hierarchical data in a data grid, expandable rows have been introduced. With this change, users can now expand or collapse rows in the data grid to show or hide nested information. This allows for a more compact and organized presentation of data, especially when dealing with complex hierarchies or large amounts of related information. The expandable rows feature seamlessly integrates with the existing data grid component, providing a consistent and intuitive way for users to interact with and navigate through the displayed data.
Documentation has been added on how to style the shell application via plugins. For details, refer to the Cumulocity Codex.
The Codex documentation provides information about developing applications with the Cumulocity platform. To make it easier for users to understand and use dynamic forms in their applications, the Dynamic forms page in the Codex documentation has been extended. For details, refer to the Cumulocity Codex.
A dashboard manager view has been added to streamline the management of device type dashboards. This view aggregates and displays a list of all dashboards assigned to specific device types. From this list, dashboard templates linked to device types can be viewed, edited by navigating to a particular instance and templates can also be deleted if needed.
As announced earlier, a redesign of the alarms feature has been introduced with both visual and functional enhancements.
Visual and UX enhancements:
Functional improvements:
As announced earlier, the report module has been extracted from the Cockpit application and added as a separate plugin.
This is a first step towards removing the reports module entirely and replacing it with the dashboard manager.
This change might be a breaking change as the reports module is no longer a part of @c8y/ngx-components/context-dashboard, but is be part of @c8y/ngx-components/report-dashboard.
This change does not affect the layout and UX of the Cockpit application nor does it add any new functionalities. As a side effect, a performance improvement might be noticed as reports from now on will be loaded lazily (that is, only when users navigate to the Reports page).
To provide more flexibility for configuring applications, Cumulocity now supports loading dynamic options from application-specific paths. With this change, each hosted application will load its dynamic options from a path that includes the application context path. This allows application-specific configurations to be loaded dynamically.
The Cockpit application would now load it’s dynamic options from: /apps/public/public-options@app-cockpit/options.json while it previously did so from: /apps/public/public-options/options.json.
This change was done as a preparation for upcoming changes to the branding manager.
JWT authentication with Cumulocity has been deprecated since release 10.6 and will be removed in Q3 2024 for the SaaS instances and in 2025 for the yearly releases.
This authentication method is not to be confused with SSO (single sign-on) or OAI-Secure authentication, which are both recommended and still supported.
This change will only impact you if your organization used an early version of SSO on Cumulocity.
For customers on the public cloud instances we will get in touch with you if you are using this type of authentication.
For self-hosted or self-managed instances you need to do the following:
Ask your Operations team to run this script. This will verify
whether any tenant collections have an authenticationProviders configuration and
if any tenant has the tenant options configured with the category token.publicKey.
If either an authenticationProvider configuration or the tenant option token.publicKey category exists this indicates that the deprecated JWT is, or was, used in the past. In this case you need to check your external services for use of the JWT authentication and change it to use either SSO or OAI-Secure. These two methods provide a better and more secure approach to authentication.
These methods are documented here:
In the Import dialog for asset models, users can now see Child asset models and Asset properties columns in the preview step.
When adding child asset models or asset properties to an asset model, those already added will no longer appear in the dropdown list.
The “Replace device” functionality is now delivered as a self-hosted plugin by the Device Management application. This way, the functionality can easily be removed from the application if not needed.
Additionally, the device replace wizard was made more extensible by introducing hookable interfaces (hookDataGridActionControls and hookService).
It is now possible to directly create operations for generated OPC UA devices. This does not apply to all OPC UA operations. Only node-specific operations can be executed on that level. General operations such as address-space scan are still only allowed on the OPC UA Server. An additional configuration (gateway.operation.validateDeviceOperationNodes) has been added to enable/disable a validation check if the node-specific operation is done on a node which belongs to the device. If the check is enabled the opcua-device-gateway executes the operation after validation. If the node doesn’t belong to the device node list an alarm is created.
The ManagedObject event has a unique way of handling c8y_Position fragments that have the parseable float values added to their position property, and all other values added to their params property. All other events of the Cumulocity transport API simply add the fragment as a whole to their params property. This has made it cumbersome to robustly copy c8y_Position to a ManagedObject from another event and vice versa. To make this easier, two new helper actions have been added to the ManagedObject event to populate ManagedObject from a c8y_Position object, and conversely create the object from the ManagedObject event.
action setC8yPosition(any c8y_Position)
This new action sets the ManagedObject using the c8y_Position object. This must be of the form dictionary<string, any>, but is validated prior to use. Example:
on all Event(type="locationUpdate") as evt
{ ManagedObject mo := new ManagedObject;
mo.id := evt.source;
mo.setC8yPosition(evt.params.getOrDefault("c8y_Position"));
send mo to ManagedObject.SEND_CHANNEL; }
action getC8yPosition() returns dictionary<string, any>
This new action produces a c8y_Position style object from the ManagedObject. Example:
evt.params["c8y_Position"] := mo.getC8yPosition();
To enhance the user experience, a switch has been added to the authentication settings, which allows to disable/enable case-sensitivity in usernames. When the switch is turned on, username validation will now treat uppercase and lowercase letters as distinct, requiring users to enter their username exactly as it was set. This affects all users.
The deprecated hookDeviceGridAction has been removed. Instead the recently introduced hookDataGridActionControls should be used. It gives more control over data grid actions, such as allowing actions to be added to any data grid or to override existing actions.
A new SmartREST template has been added. Using the template ID 150, it is now possible to set the list of Cloud Remote Access protocols supported by a device.
In the upcoming version the report module is extracted from the Cockpit application and added as a separate plugin.
This is a first step towards removing the reports module entirely and replacing it with the dashboard manager.
This change might be a breaking change as the reports module will no longer be part of @c8y/ngx-components/context-dashboard, but will be part of @c8y/ngx-components/report-dashboard.
This change does not affect the layout and UX of the Cockpit application nor does it add any new functionalities. As a side effect, a performance improvement might be noticed as reports from now on will be loaded lazily (that is, only when users navigate to the Reports page).
The Components > Forms > Dynamic forms page in the Codex has been extended with additional details and examples to better explain the concept and usage of dynamic forms.
In the past, private smart rules had the property contextData in c8y_Context, even if the rule did not use it. This is no longer required. Private smart rules can now be created without the contextData property, to avoid storing redundant data in the database. This change only affects the creation of new private smart rules. Existing smart rules are not impacted.
Users can now order the complex property keys by dragging and dropping them using the drag icon which appears on hovering over the row.
Support has been added for retrieving JWT session tokens with X.509 certificates via REST API for devices. For details, refer to the Device authentication user documentation.
To simplify the login process, tenant administrators can now activate an option which allows users to log in with case-insensitive usernames or aliases.
LWM2M can now pass core link resources to external decoders. In addition, the user documentation has been extended to better explain how the platform passes LWM2M resource data to decoder microservices.
It is now possible to build an application with the –zip argument. This will generate a ZIP archive which contains the application and its dependencies in addition to the regular build artifacts.
The following utility functions have been added to the TimeFormat event library to help with comparing and manipulating datetimes. As with the existing functions, the new utility functions work for the local time zone, an arbitrary time zone and, where appropriate, the UTC time zone.
dateComponent: Gives the datetime for the previous midnight in the time zone at the given datetime.timeComponent: Gives the number of seconds since the previous midnight in the time zone at the given datetime.daysSinceEpoch: Gives the number of Julian days since the beginning of the epoch at the given datetime.getOffset: Gives the offset in seconds of the time zone from UTC at the given datetime, taking into account any daylight savings that may be being applied.getRawOffset: Gives the base offset in seconds of the time zone, that is, without daylight savings applied.For example, there are two ways to check if it is midnight in your local time zone:
float now := currentTime;
// Method 1
if TimeFormat.dateComponent(now) = now
{
// It's midnight.
}
// Method 2
if TimeFormat.timeComponent(now) = 0.0
{
// It's midnight.
}
For usage information, see the API Reference for EPL (ApamaDoc). This is available in Apama 10.15.5.
In the upcoming version, a redesign of the alarms feature will be introduced with both visual and functional enhancements.
Breaking change
AlarmsWidgetModule from @c8y/ngx-components/widgets/implementations/alarms. To use the new alarms view only, users must import the AlarmsModule from @c8y/ngx-components/alarms.Visual and UX enhancements:
Functional improvements:
In a future version, we will update Angular to version 17. This update brings improvements and new features but may also introduce breaking changes that could impact your existing implementations.
To ensure a smooth transition and help you to adapt your implementations, we will provide an upgrade documentation when this change happens. This documentation will help you navigate through the changes and update your codebase accordingly.
In the upcoming version, we will introduce redesigned dashboards with both visual and functional enhancements as well as new functionalities.
Visual and UX enhancements:
Functional improvements:
New functionalities:
For details refer to Working with dashboards.
Messages processed by Notifications 2.0 are stored persistently by the Cumulocity Messaging Service until they have been delivered to, and acknowledged by, all interested consumers. Likewise, messages processed by the microservice-based data broker are stored persistently until they have been delivered successfully to the destination tenant.
The current persistent storage limits for these services are considered too large for typical use cases, which can lead to excessive resource consumption and consumers being forced to process outdated messages after a disconnection.
Therefore, these limits will be lowered to better align with the expected usage patterns of the services.
These changes will take place not less than three months from the date of this announcement, on or after July 1st, 2024.
Message backlog quota
Persistent messages are stored in a “backlog” until they are received and acknowledged. The maximum size of a backlog is determined by the “backlog quota” limit, which directly affects the number of unacknowledged messages that can be stored and therefore the resource consumption of the platform. If the quota limit is reached, no new messages can be added to the backlog until some older messages have been consumed and acknowledged.
For Notifications 2.0, a separate backlog exists for every unique subscription name used with the /notification2/subscriptions API. This backlog is shared by all subscriptions using the same subscription name, and by all consumers attached to that subscription. For the microservice-based data broker, a separate backlog exists for each data broker connector.
Summary of changes to message backlog quota limits:
| Service | Current Limit | New Limit |
|---|---|---|
| Notifications 2.0 | 2 GiB | 25 MiB |
| Microservice-based data broker | 2 GiB | 50 MiB |
For example, assuming an average message size of 200 bytes, each Notifications 2.0 subscription will be able to retain approximately 130,000 unacknowledged messages in its backlog. Similarly, each microservice-based data broker connector will be able to retain approximately 260,000 messages.
Message time-to-live
Alongside the backlog quota reduction, a new default message “time-to-live" (TTL) limit will be introduced. Any unacknowledged messages will be automatically deleted if they have been on the backlog for longer than the TTL limit. This policy helps to limit overall resource usage and reduces the need to process outdated data after a prolonged disconnection of a consumer or destination tenant.
Summary of changes to message TTL limits:
| Service | Current Limit | New Limit |
|---|---|---|
| Notifications 2.0 | ∞ (no limit) | 36 hours |
| Microservice-based data broker | ∞ (no limit) | 36 hours |
Additional details
The message backlog quota and TTL are configurable for each Cumulocity tenant. Message backlog usage will be monitored during the three-month transition period, to identify tenants that may exceed the new limits when they are enabled. The owners of such tenants will be contacted to understand their use cases and whether a non-default limit could be appropriate.
Please contact product support if you have any questions or concerns about these changes.
The text on the button in the Cockpit setup wizard has been updated. This change improves the clarity and consistency of the text for users going through the setup flow.
The measurement display line size has been increased in both the “Linear Gauge” and the “Silo” widget. This enhancement improves readability, making it easier for users to interpret measurements at a glance.
The input range component (c8y-range) can be used to show a slider to configure a range. The styling and documentation for this component has been improved to better suiting the overall styling of components and forms.
To improve the management and discoverability of services in Cumulocity, a new service registry has been introduced allowing services to register with the platform via hooks.
Previously, performing string.toDecimal() for a string with an invalid conversion resulted in a ParseException error. This now returns “0.0”. This was done to make the experience of using toDecimal() similar to using toFloat(). If you want the previous strict behavior, use decimal.parse() instead.
In the Analytics Builder model manager, the Import model command in the toolbar has been changed to a dropdown menu. This dropdown menu contains a new Paste command. If you click this command and the clipboard contains valid JSON code for a model, a card for the pasted model is shown in the model manager. This change complements the accessibility enhancement that allows the JSON for an Analytics Builder model to be copied to the clipboard by allowing the JSON to be pasted back into Analytics Builder after any changes have been made. In addition, the dropdown menu contains an Upload command. This has the same functionality as the Import model command from previous versions. See also Pasting a model and Uploading a model.
XSS protection has been enhanced in the “Asset notes” widget.
The JSDoc annotations have been improved. Changes include fixing broken links, updating outdated information, adding missing code snippets, and improving overall clarity. These improvements aim at providing developers with better references and guides when working with the Web SDK.
In the Subassets page of the Digital Twin Manager, the properties in the complex custom property were sorted alphabetically. Now, the sorting reflects the order specified by the user in the Digital Twin Manager.
The version numbers for the frontend and backend are no longer displayed in the platform UI. Instead, details on all components can be downloaded via the Download platform details button. This change was motivated by a component split resulting in many different components following different version number schemes. However, custom apps developed with the Web SDK may show a default version number if desired. Support requests should now always include the platform details information.
Improved the consistency of support of Enter and Escape keys (for save and cancel actions, respectively) on the following views: tenant details, user details, global role details, retention rule settings, branding configuration.
In the Subassets page, context help now provides more specific information if the displayed group is a smart group.
The tooltip for the “Use source timestamp” in the LWM2M device configuration has been improved to explain how the LWM2M agent makes use of timestamp information if reported by a device.
The Tracking tab in the device details has been migrated to Angular. The obsolete AngularJS module AssetTrack has been removed from the imports of the Device Management application (import @c8y/ng1-modules/devicemanagement-tracking/cumulocity.json). It is deprecated and will be removed in the future. With this change, an issue with incorrect results of custom date range filters has been fixed. Moreover, position marker popups have been made more informative.
The supported security modes, which are available for selection on the configuration page, are now retrieved dynamically from the LWM2M agent rather than being hardcoded in the UI.
The AngularJS module AssetTrack (c8y.parts.tracking) has been removed as it is now considered obsolete. To include device tracking in your applications you can now use the Angular standalone TrackingComponent (@c8y/ngx-components/tracking) or directly provide the trackingFeatureProvider environment provider.
In the Analytics Builder model manager, the Copy command has been added to the actions menu of a model. This is an accessibility enhancement that allows you to copy the JSON for an Analytics Builder model to the clipboard so that you can quickly paste it into a third-party editor. The JSON can then be read, for example, by a screen reader or in a higher contrast environment. The new Copy command is also available to read-only users. In addition, the Download command, which also appears in this actions menu, is now also available to read-only users. See also Copying a model and Downloading a model.
The Alarm, Event, ManagedObject and Operation events now no longer throw exceptions from the isCreate() and isUpdate() actions. If the event being checked was generated in EPL code, these two actions now simply return false. try ... catch blocks around these calls are no longer necessary if the event being checked was generated in EPL code.
EPL code that uses these actions therefore behaves more robustly because it no longer throws exceptions that, if not caught properly, cause the monitor or app to terminate.
In the unlikely case that the try ... catch block is used to intentionally check for internally generated events, you need to change the check to the following:
if not (evt.isCreate() or evt.isUpdate()) { ... }
In Analytics Builder, the dialog box that appears when you select a different input source or output destination for an input or output block now allows you to filter the entries that appear in this dialog box. By default, the dialog box displays all defined devices, device groups, smart groups and assets. This is the same as the previous behavior. If you also want to display other managed objects in the dialog box, you can now select the “Other” checkbox. See also Editing the parameters of a block.
The Apama-ctrl microservices now have Red Hat UBI 9 as their base operating system. Previously, this was Red Hat UBI 8. With version 9, security has been improved.
As announced earlier, see release 10.18, Cumulocity SaaS instances will gradually be switched to Linux cgroup v2 in the second half of the year 2024. Microservices must use a Linux cgroup v2 aware application runtime from then on. When executing microservices which are not compatible with cgroup v2 on Cumulocity in these versions it might happen that the information provided by the application runtime concerning available CPU and memory is not correct. This might lead to incorrect memory and thread allocation in the microservice container process.
cgroup is a Linux kernel feature to organize processes hierarchically and distribute system resources along the hierarchy in a controlled and configurable manner. Every process in the system belongs to one and only one cgroup. In Cumulocity cgroups are used to enforce container resource limits.
When using the Cumulocity Microservice SDK for developing microservices, ensure to configure a Java version which is cgroup v2 aware when building your microservice. When using Java 8, ensure to use openjdk8u372 or higher. When using Java 11, use Java 11.0.16 or higher, or use Java 15 or higher. When using a server runtime other than OpenJDK Java as microservice application runtime, refer to the documentation of the provider.
The user documentation and the tooltip for the Use source timestamp in the LWM2M single device registration have been improved to explain how the LWM2M agent makes use of timestamp information if reported by a device.
The LWM2M agent realtime subscription for device operations now has a limited Time-To-Live (TTL) duration. The default TTL duration is 3 minutes. This setting may be configured on platform level.
The default handling of object instance actions for LWM2M objects 3, 4 and 6 can now be turned off. In addition, the default server-side firmware update state machine for object 5 can be disabled. These settings can be enabled/disabled in the device´s LWM2M configuration in the UI.
The password can now only be changed by the currently logged-in user. Administrators can no longer change the password and email for other users.
The auto-registration option in trusted certification does not support devices communicating via the LWM2M protocol. This information has been included in the tooltip on the Trusted certificates page and in the user documentation.
In the Subassets view, a “Replace device” option is now available in the context menu of every supported device. Previously, the “Replace device” option was only available in the All devices page. Moreover, a Replace device button has been added to the “Device status” widget on the Info tab in the device details. This functionality does not support LWM2M devices.
For LWM2M devices, it is now possible to switch off the sending of empty measurement/event/alarm/custom actions data for individual resources. Moreover, you can toggle on/off or optionally skip empty values for all resources using the LWM2M device protocol at once.
A new default property “Location” has been introduced. Add the Location property to the desired asset model to assign co-ordinates or select the location on a map while creating an asset.
The bulk import template now shows any default values that are set for asset properties.
The DTM version is now displayed in the right drawer under the Platform info section.
During the creation of asset models, asset properties and assets, upon entering input in the Key field, if the value entered is invalid then an error message will be shown, and if the value is valid and all required fields in the form are filled, the Save button will be enabled - no need to click outside the field. With de-bouncing implementation, the API requests are triggered after a short delay following the last key entry, significantly reducing the frequency of calls and enhancing the responsiveness of the application.
Key value pairs in a complex property can now be ordered as needed by entering the desired order in the Order field.
A search function has been added to the asset model dropdown when creating new assets.
Renamed the column heading Keys to Identifier and the column heading Terms to Translation in the Localization page.
Users now receive validation errors when incorrect exponential values for asset properties are entered in number type fields during asset creation.
Non-mandatory steps that are skipped during the creation of an asset instance are now distinguished by a grey-colored tick.
DTM URLs have been modified to reflect the naming conventions followed for DTM entities.
Optimized calls to the backend from the Assets property and Asset model page.
Access to the bulk import feature can now be controlled using Cumulocity global and inventory roles.
Filters that apply for columns in the Localization page are now saved automatically.
Previously, two links for downloading diagnostics information were available at the bottom of the Streaming Analytics application. These links have been moved. They are now available when you click the User button in the Streaming Analytics application to display the right drawer. The right drawer now displays these links in a new Diagnostics section. See also Downloading diagnostics and logs.
In addition, the right drawer now also provides a Documentation section with links to the Streaming Analytics documentation.
As announced earlier, see the release notes for release 10.17, to improve security, from a future version, user administrators will no longer be able to explicitly set passwords or email addresses for other users in the tenant. This change prevents that an attacker could have access to all users, in case the administrator account was compromised. Note that the administrator will still have the option to force the user to reset the password on the next login or disable the user.
In order to address security vulnerabilities (CVE-2022-3509, CVE-2022-3510, CVE-2022-3171), the third-party software “protobuf-java” has been updated from version 3.19.2 to version 3.19.6.
The performance of the Inventory API GET /managedObjects has been improved.
The performance of GET requests on the /user/users endpoint has been improved.
The query language used by the managed objects API has been improved. You can now search for fields with null values. MTM-52677
The alarm status and severity are now case-insensitive. When searching by alarm status active the API also returns alarms with status ACTIVE. The same applies for the alarm severity, that is, searching for critical alarms also returns CRITICAL alarms. Alarms with status active and acknowledged are now subject of alarm deduplication.
The ExplainQuery result info has been extended by the algorithm used when performing queries for a user with inventory roles:
GET {{url}}/inventory/hierarchy/info/management
Example: {“algorithm”: “Legacy” }
Possible results: Legacy, LimitedSourcesAcl, PostFilteringBySourceAcl, SingleSourceAcl, HierarchyAcl, SingleAgentAcl, SingleDeviceAcl, SingleAgentAndDeviceAcl.
Support of automated persistence of measurement values under the c8y_LatestMeasurements fragment has been introduced. If a measurement is created with a series that matches the configuration the device managed object is updated with the last series sent to the platform.
For details on how to enable the feature and how it works, refer to Managing data.
As of a future version, the full text search functionality will only include the following properties:
_idnametypeownerexternal idA text search functionality corresponds to a text parameter of GET {url}/inventory/managedObjects.
Example: When executing the following query: GET {url}/inventory/managedObjects?text=c8y_MajorDevice only the properties id, name, type, owner and external id will be examined.
This change improves the user experience of the text search functionality by returning more relevant managed objects. At the same time it improves the Inventory API performance.
This change will be implemented after a 3-month period at the earliest.
A new text index has been introduced for the GET /inventory/managedObjects endpoint. By default it only includes the following fields:
_id, type, name, owner, externalIds
If users do a search from the UI or via the Inventory API, the text parameters are now sorted by relevance making it easier to see the more appropriate data returned.
In the single sign-on configuration page, users can now enable and configure the external token validation process.
The OpenSSL command for generating a “signed verification code” for Proof of Possession has been enhanced to include additional encoding functionality.
It is now possible to copy web applications with versions (packages) and web applications with SHARED availability. For applications with versions, by default the application with the “latest” tag is copied. The new application has a single version and no tags. If you want to copy different versions of an application, you can specify the query parameters “tag” or “version” (only a single version). For details, refer to the Cumulocity OpenAPI Specification.
The repository-connect microservice now offers to sync packages that include a versioning matrix which allows to filter exactly the versions to be synced. Versions which are not included in the matrix but uploaded to the platform will be removed by the microservice.
Searching for items has been improved by filtering on applications, features, microservices and extensions lists.
To improve usability, the package availability (SHARED or PRIVATE) can now be set in the package upload wizard.
The dependency on org.json:json has been removed from the Java SDK.
The dependency on com.jayway.jsonpath:json-path has been removed from Java SDK.
Dependencies on org.eclipse.jetty:jetty-* were updated to version 9.4.51.v20230217.
The Spring Boot dependency has been updated to version 2.7.11.
With the introduction of auto-generated SDKs, we provide an always up-to-date developer library with the purpose to facilitate the development of Cumulocity microservices in different programming languages including C#.
The new auto-generated SDKs make our existing Microservice SDK for C# obsolete. For this reason, the Microservice SDK for C# has been removed from our public product documentation.
To learn more about using the auto-generated SDKs, refer to our respective GitHub repository.
The location view in the Device management and Cockpit application has been migrated to Angular. The map provider, the location search, and the map layers are now configurable via application options or tenant options. The angular.js module @c8y/ng1-modules/devicemanagement-location for location was removed and must be migrated or at least removed on update of a custom build application.
In the Device management application, a wizard has been implemented which guides users through replacing a physical device with another one. The replacing device must be registered in the platform in advance and is removed after the replacement procedure has been completed.
Users can now customize the dashboard on the Info tab in the device details. Widgets can be moved and resized, and new widgets can be added from a list of available widgets. The dashboard can be reset anytime to the default dashboard settings. By default, the “Asset notes” widget has been removed.
If the last version of a software is deleted, the software is entirely removed from the repository.
It is now possible to remove a file when updating its file property within a complex property of an asset.
If a pending device in the registration list has been accepted, the device is now removed from the list instead of the list showing the “accepted” status for the device.
In subasset views, smart group filters are now represented by a filter chips dropdown instead of displaying the raw text filter.
In the Software tab in the device details, currently the Filter by software type dropdown in the Installed software list and the Install software modal shows types based on existing types in the software repository. This has been changed to show only the supported software types announced by the device in its c8y_SupportedSoftwareTypes fragment. If a device has not announced supported software types, then again all available existing software types are listed.
As announced earlier, see also release 10.17, shared classes, components and services from the @c8y/ngx-components/device-grid are deprecated. Those deprecated items have now been removed.
This change only affects you, if you or your development team use the Web SDK to extend Cumulocity UI applications or to build your own web applications. If you use the device-grid functionalities, check the deprecation documentation and alter your code accordingly. Refer to the deprecations in the WebSDK resources documentation for the device-grid service. Other deprecations for reference are also marked in this documentation.
A versioning matrix can now be added to the cumulocity.json of a blueprint/plugin. When a blueprint/plugin is installed, its version is validated against the platform version. If the versions are incompatible a warning is shown.
The Web SDK has been upgraded to Angular 15.
The context help and other help links point to a documentation website defined by the application option docsBaseUrl. This option now supports the {{ version }} placeholder, which allows the administrator to choose whether to use versioned or unversioned documentation links. By default, versioned links will be used.
In release 10.16.0.0, core re-usable data-grid-related components and services have been moved to the @c8y/ngx-components. The initial implementations were deprecated and have now been removed.
A new activeClassName input has been added to the data-grid and device-grid components. It can be used to define a class name to be appended to the last clicked row in the grid. Its default value is “active”. This option can be deactivated by setting the input value to an empty string.
In the data grid component, a new filter overview dropdown has been added. It displays all active filters in one place and allows users to remove filters. For custom column implementations, the WebSDK allows developers to provide their own logic to display active filters as items in the filter overview.
Shell applications now wait with their initial navigation until all plugins have been loaded. This allows, for example, to directly navigate via a link to a route which is provided by a plugin.
Data grid components no longer persist their current page. After reloading they always return to the first page in the list.
References to the deprecated classes ComponentFactory and ComponentFactoryResolver have been removed from the @c8y/ngx-components library.
Scaffolding an application that uses the remotes application option via the c8ycli now also updates the context path used in the remotes application option.
The Impact connectivity feature has been removed from @c8y/ngx-components and @c8y/ng1-modules packages.
When installing a plugin and the tenant has no custom applications, it is now possible to duplicate any existing application.
The grid used in dashboards for placing widgets now supports 24 instead of 12 columns. This allows finer-grained positioning of widgets on dashboards. In case you share the same dashboards between different application versions, we strongly recommend you to upgrade to a version that includes the fix MTM-55923.
If a user with minimal permission tries to delete a device an error message showed up stating “Could not delete device.” Now, together with the failure message, the reason of failure is displayed.
It is now possible to change the aggregation for all widgets in a dashboard that support the dashboard context functionality at once. The following widgets support the dashboard context aggregation: Data points graph, Data points graph 2.0, Data points table.
The endpoint validation happening during the connection to an OPC UA server can now optionally be disabled. This can be done in the gateway configuration by changing the gateway.connectivity.validateDiscoveredEndpoints setting to “false”. Alternatively, it can be controlled via the OPC UA server managed object by setting the fragment validateDiscoveredEndpoints to “false”. For details, refer to OPC UA.
To be able to provide more information in input fields on the expected input, dynamic form fields now support HTML markup in their description.
The configuration flag fwResetStateMachineOnStart has been added to control if the LWM2M agent resets the firmware update state machine on the client at the beginning of a firmware update. The default of this flag is true which matches the existing behaviour of the LWM2M agent. It is available in the device registration settings.
Added the SmartREST static template 201 for creating measurements with multiple fragments and series.
Added the SmartREST static template 125 for sending heartbeat from a device.
Added the SmartREST static template 507 for changing the device operations status from EXECUTING to FAILED. The operations can be filtered by type. The template is intended for facilitating an operations cleanup after a crash.
If an asset custom property in the Digital Twin Manager application is declared as required and complex, all of its sub-properties are required too.
Two new LWM2M shell commands have been added.
executelegacy command allows LWM2M execute requests with non-standard LWM2M parameters. The behavior of this operation resembles the semantics of the existing execute operation until version 10.15.coap shell command enables making raw CoAP requests to devices to facilitate non-standard communication in exceptional cases.For details, refer to Handling LWM2M shell commands.
If a widget supports realtime, it can now be linked to the dashboard real-time context to disable/enable realtime on dashboard level. The following widgets support the real-time dashboard context: Data point graph, Data point table, Event list, Map.
If a complex location property is set in the Digital Twin Manager application, the map is now visible in the asset view and users can select a location on the map.
The performance of the migrateLwm2mDevices operation has been improved. New command line arguments have been introduced with the operation. A list of legacy LWM2M devices can be specified directly from the shell command. Moreover, the migration of the LWM2M client registration objects can be skipped by using an argument.
For details, refer to Migration of the LWM2M devices. [DM-1866]
The details of a LWM2M device now show a LWM2M configuration tab which replaces the LWM2M bootstrap parameters tab. The new tab is better structured and allows detailed configuration. It contains all configuration options of the former LWM2M bootstrap parameters tab as well as additional setting options:
For details, refer to the LWM2M user documentation.
If the new LWM2M configuration tab is not displayed and the LWM2M bootstrap parameters tab is displayed instead, the LWM2M agent is installed in an older version that does not yet support the new tab.
The Device management home page now also provides a customizable dashboard which lets users add customized widgets.
The asset selection in the datapoint selector is now filterable.
As announced earlier, see also release 10.17, at least one query parameter limiting the affected data will now be required to prevent accidental deletion of too many objects during a bulk delete operation. This change affects the following APIs:
DELETE /alarm/alarms requires at least one of the following parameters: source, dateFrom, dateTo, createdFrom, createdToDELETE /event/events requires at least one of the following parameters: source, dateFrom, dateTo, createdFrom, createdToDELETE /measurements/measurement requires at least one of the following parameters: source, dateFrom, dateToThe following time range options have been added to the export configuration: “Last 24 hours”, “Last 7 days”, “Last 30 days”.
LWM2M device connections with X.509 certificates are now supported. The X.509 security mode can be selected separately for the Bootstrap server and the LWM2M server either during device registration or, for existing devices, by using the new LWM2M configuration tab. The Certificate Authority that issued device certificates must be added and enabled in the trusted certificates in the tenant.
Together with this change also the following changes are introduced:
Now all LWM2M device security modes can be selected separately for Bootstrap server and LWM2M server connections. This can be defined either during the device registration or using the LWM2M configuration tab of the device.
Under Connectivity in the LWM2M configuration tab, the Bootstrap or LWM2M server connection can be disabled for a device.
During device registration, the “PSK generated” option can be selected for LWM2M Server connection to make LWM2M agent to generate the PSK ID and PSK key credentials for the device. These will be set to the device during the bootstrap process. For details, refer to the LWM2M user documentation.
The MongoDB Java driver has been upgraded to the latest version 4.10.2.