Release 10.15.0.536
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
Release 10.15.0.526
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
Release 10.15.0.519
Fixes
Component | Description | Issue |
---|---|---|
Java SDK | The dependency to org.json:json has been removed from the Java SDK. |
MTM-53340 |
Release 10.15.0.514
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
Release 10.15.0.513
Fixes
Component | Description | Issue |
---|---|---|
Support user | When logging into the platform as support user, you were redirected to the Management tenant. This automatic redirection has been removed. Instead, the platform now sets a cookie for the domain of the logged-in tenant to preserve the original login context. | MTM-54617 |
Release 10.15.0.510
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
Release 10.15.0.505
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
Release 10.15.0.496
Fixes
Component | Description | Issue |
---|---|---|
Administration | The administrator can now change the global roles for the single sign-on user, based on the roles automatically mapped by the SSO service during the new user creation process. | MTM-55365 |
Release 10.15.0.488
Fixes
Component | Description | Issue |
---|---|---|
Authentication | When a user logs in using OAI-Secure and a password change is required, a PasswordResetToken is returned in the response header, enabling the password reset. |
MTM-55200 |
REST API | The data field has been removed from realtime API handshake responses where it was not required and always had a "null" value. |
MTM-55522 |
REST API | When removing an application that is used in SSO access mappings, the login configuration will be updated accordingly. | MTM-52943 |
Release 10.15.0.458
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
Release 10.15.0.455
Fixes
Component | Description | Issue |
---|---|---|
Administration | Fixed an issue with an error message being displayed when switching between the Microservices and Applications pages using the navigator. | MTM-52865 |
Release 10.15.0.452
Fixes
Component | Description | Issue |
---|---|---|
Administration | Improved the performance of the user hierarchy management by reducing the number of server requests executed when expanding the sub-user list. | MTM-49969 |
Administration | In some cases log files of devices stored in the platform could not be downloaded from the Logs tab. This has been addressed by requesting with the correct user credentials. | DM-2471 |
Messaging Service | Fixed an issue where requests from the core platform into the Messaging Service could take a long time to complete, slowing down the response to HTTP requests and potentially preventing the platform from handling new incoming requests. For example, a request from the core platform to publish a message using Notifications 2.0 could block if the tenant had reached its quota for unconsumed notifications, only timing out after a long delay. This issue has been resolved by ensuring that Messaging Service requests that would have blocked now time out quickly. | MTM-53509 |
Messaging Service | Error handling for Notification 2.0 was improved for the unlikely case that Pulsar is unavailable. | MTM-48138 |
MongoDB | The MongoDB version shipped with Cumulocity IoT 10.15 is now out of support and we will therefore be upgrading all SaaS instances to MongoDB v5.0.18+. For self-hosted customers we recommend you to upgrade to MongoDB version 5.0.18+, if you have any further questions please contact Software AG Global Support. | MTM-54200 |
Notifications 2.0 | DELETE notifications for Notifications 2.0 subscriptions to specific managed objects - that is, subscriptions to the managedObjects API in the mo context - should now always be sent. Previously, these notifications were not reliably sent in all cases. |
MTM-54097 |
Release 10.15.0.434
Fixes
Component | Description | Issue |
---|---|---|
Administration | Fixed an issues with cloning some of the default global roles (for example, "devices"). | MTM-45858 |
Administration | Fixed an issue where the Clear button on the Usage statistics page failed to remove applied filters. | MTM-50302 |
Authentication | Issues have been fixed with refreshing the session tokens when the OAI-Secure login mode is configured with two-factor authentication. | MTM-53559 |
Release 10.15.0.418
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
Release 10.15.0.412
Fixes
Component | Description | Issue |
---|---|---|
Administration | Issues with the Ericsson DCP SMS provider when attempting to send an SMS have been resolved and outgoing requests are sent as expected to the Ericsson DCP API. | DM-2215 |
Authentication | Issues on refreshing the session tokens when the OAI-Secure login mode is configured with two-factor authentication have been fixed. | MTM-53559 |
MQTT | The error handling when publishing operations to MQTT devices has been improved. | MTM-53168 |
Release 10.15.0.393
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
Release 10.15.0.386
Fixes
Component | Description | Issue |
---|---|---|
Administration | Fixed an issue where users which only had inventory roles could not add new groups. | MTM-52413 |
Release 10.15.0.377
Fixes
Component | Description | Issue |
---|---|---|
Core platform | Fixed an issue with paging parameters ignored for the GET /cep/modules endpoint. |
MTM-53160 |
Release 10.15.0.368
Fixes
Component | Description | Issue |
---|---|---|
Administration | Fixed an issue with the names of the files downloaded from the platform (for example, from the file repository or from event attachments). UTF-8 characters, for example, in the Japanese localization, are no longer missing, if the file name includes special characters like "+". | MTM-53056 |
REST API | The REST API endpoint /application/applications/{id}/logs so far required the role ROLE_APPLICATION_MANAGEMENT_ADMIN. This has been changed. The endpoint now requires either the ROLE_APPLICATION_MANAGEMENT_ADMIN or ROLE_APPLICATION_MANAGEMENT_READ. |
MTM-52028 |
Release 10.15.0.358
Fixes
Component | Description | Issue |
---|---|---|
Administration | Fixed an issue with the device request counter being increased while switching between standard applications (Administration, Cockpit, Device Management). | MTM-52579 |
Release 10.15.0.329
Fixes
Component | Description | Issue |
---|---|---|
Administration | UTF-8 characters are now supported in names of files downloaded from the files repository with the export functionality. | MTM-46346 |
Release 10.15.0.327
Fixes
Component | Description | Issue |
---|---|---|
Authentication | The performance of the first user requests sent after node restart has been improved. Prior to this change, there was an issue in rare cases where the number of all global roles in a tenant was close to but not exceeding 100, and many thousands of devices were concurrently trying to authorize MQTT connections on the restarted node. | MTM-52049 |
Release 10.15.0.309
Improvements
Component | Description | Issue |
---|---|---|
REST API | The performance of the Identity API GET /externalIds/{type}/{externalId} method has been improved. |
MTM-50837 |
Fixes
Component | Description | Issue |
---|---|---|
Administration | UTF-8 characters are now supported in names of files downloaded from the files repository with the export functionality. | MTM-46346 |
Authentication | On the Basic settings tab in the Authentication page, TFA (two-factor authentication) is now correctly shown as enabled if enforced by the platform. | MTM-49942 |
Performance | The performance of widgets like the "Data point list", "Data point graph" and "Data point table", has been improved for users with inventory roles access. Moreover, the performance of the Measurements tab in the Device Management application and the data explorer in the Cockpit application have been improved. | MTM-50693 |
Release 10.15.0.285
Fixes
Component | Description | Issue |
---|---|---|
Administration | Fixed an issue with incorrect titles on several application detail tabs. The page title now consistently shows the application name. | MTM-51150 |
Security | In the Cockpit application, several security issues in the HTML widget have been fixed. | MTM-50921 |
Release 10.15.0.278
Improvements
Component | Description | Issue |
---|---|---|
REST API | The performance of GET /identity/globalIds/{type}/{externalId} has been improved by only fetching the managed object ID from the database instead of the full managed object. |
MTM-50232 |
Release 10.15.0.263
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
Release 10.15.0.262
Improvements
Component | Description | Issue |
---|---|---|
Authentication | The single sign-on configuration page is no longer accessible to users if the access to the single sign-on configuration object is forbidden for the tenant via the REST endpoint (HTTP error 403). | MTM-49970 |
Documentation | The URLs for the API documentation have been updated for more consistency:
- https://cumulocity.com/api for the landing page (no change). - https://cumulocity.com/api/core for the core API, pointing to the latest version. - https://cumulocity.com/api/core/[release] for the [release] release of the core API, where it was formerly https://cumulocity.com/api/[release]. - https://cumulocity.com/api/[product] for product APIs, pointing to the latest versions, where the products are: datahub, dtm, edge and oee. - https://cumulocity.com/api/[product]/[release] for the [release] release of the product API, where it was formerly https://cumulocity/[product]/api/[release]. |
MTM-48229 |
Fixes
Component | Description | Issue |
---|---|---|
Administration | Logging in with the support user is now possible even if the target tenant has basic authentication restrictions. Moreover, the tenant ID setup page will no longer appear for domains containing "localhost" or "127.0.0.1". | MTM-47230 |
REST API | The performance of the Alarm API has been improved for requests in which the resolved query parameter is used. | MTM-49450 |
Release 10.15.0.249
Fixes
Component | Description | Issue |
---|---|---|
Authentication | The two-factor authentication verification dialog does no longer show two Cancel buttons. | MTM-49935 |
Authentication | During the reset password process the tenant ID setup dialog was presented in certain cases instead of the reset password dialog. Now the reset password dialog appears correctly if the reset link is used. | MTM-50205 |
Single sign-on | To prevent potential misconfiguration, trial tenants created in the Software AG Cloud are by default not allowed to access the single sign-on configuration. Via a REST endpoint the Management tenant can restrict or allow the access to the single sign-on configuration for specific tenants. Refer to Configuration access in the User guide for more details. | MTM-49784 |
Single sign-on | The single sign-on configuration page is no longer accessible for users if the access to the single sign-on configuration object is forbidden for the tenant via the REST endpoint (HTTP error 403). | MTM-49970 |
Release 10.15.0.234
Fixes
Component | Description | Issue |
---|---|---|
Administration | The performance of the Users page has been improved. Loading root users with a large number of sub-users (100+) now takes less than 1s, while previously, with a larger number of sub-users (around 500), it took around 30-60s. Moreover, the request to fetch all children of a root user is now up to 10 times faster, depending on the number of sub-users and the number of their global roles. | MTM-45523 |
Data broker | The data broker no longer passes on the c8y_ActiveAlarmsStatus fragment from devices in the source tenant to the destination tenant. This is an internal setting which cannot be updated by the user and which is not required on the destination tenant. The propagation of alarms to the destination tenant is not affected by this change. |
MTM-49670 |
Release 10.15.0.218
Fixes
Component | Description | Issue |
---|---|---|
Administration | The report download link in the default email template for scheduled exports has been modified to ensure that the download of respective reports also works for users who have TFA enabled. | MTM-46345 |
Release 10.15.0.207
Fixes
Component | Description | Issue |
---|---|---|
Enterprise tenant | Due to a change introduced in release 10.14, when a certificate for an Enterprise tenant was uploaded with this version, it was persisted in a faulty way. Although it was possible to activate the certificate when using the new domain this certificate failed to be parsed and the platform certificate was returned as backup. This issue has been resolved. After activating the certificate, the new domain will now be served with the respective certificate. | DM-1658 |
Release 10.15.0.198
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
Release 10.15.0.190
Fixes
Component | Description | Issue |
---|---|---|
Administration | Fixed an issue with inconsistent phone number validation between UI and backend in the user details page which in some cases prevented a user from being saved. | MTM-48171 |
Administration | The validation rules for phone numbers have been changed in order to support more formats. Prior to this change, issues occurred when provisioning new tenants with particular phone number formats. | MTM-42789 |
Release 10.15.0.175
Fixes
Component | Description | Issue |
---|---|---|
Core platform | Deleting managed objects is no longer asynchronous. Delete requests will be blocked until the managed objects and the related data are deleted. Once status code 2xx is returned by the platform, all related data have been deleted. Prior to this change, the platform returned status code 2xx immediately and the operation was running asynchronously. When the operation was unsuccessful the managed objects remained. The main reason for this change is to make the platform able to reliably delete large hierarchies. | MTM-48008 |
Release 10.15.0.172
Improvements
Component | Description | Issue |
---|---|---|
Administration | On creating a new property in the Properties library you could only use letters and digits for its name. Now it is also allowed to use underscores. | MTM-47277 |
Logging | The audit logging functionality for MQTT protocols has been extended and now logs every operation and error message sent from the platform to the device. | MTM-48101 |
Fixes
Component | Description | Issue |
---|---|---|
Data broker | The data broker connection handling between source and target tenants has been improved. Excessive resource usage for connectors using the operations API was reduced and it is now properly cleaned up. | MTM-48709 |
Core platform | The cached content-length header value is now always added only for HTTP/1.0 for the binary download endpoint GET /inventory/binaries/{moID} . This is done to correctly support the chunked Transport-Encoding for HTTP/1.1+ and fixes the issue where devices could not upgrade firmware because of the missing Transport-Encoding=chunked header. |
MTM-48010 |
Support user | Logging in with the support user is now possible even if the target tenant has basic authentication restrictions. Moreover, the tenant ID setup page will no longer appear for the domain containing "localhost" or "127.0.0.1". | MTM-47230 |
Release 10.15.0.114
Fixes
Component | Description | Issue |
---|---|---|
Bulk Operations | The memory usage has been reduced when processing bulk operation requests for large, dynamic asset groups (smart groups). This fixes an issue that occurred with smart groups containing a large number of assets. | MTM-44591 |
Security | To improve the security, several system options have been secured. To retrieve such a secure system option via REST API, the user must have the permission ROLE_OPTION_MANAGEMENT_READ. For details on the enhancements see the Cumulocity IoT OpenAPI Specification. | MTM-45838 |
Release 10.15.0.79
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
Release 10.15.0.43
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
Release 10.15.0.25
Improvements
Component | Description | Issue |
---|---|---|
Administration | Duplicating an application is now directly possible from the application list. Moreover, the process of duplicating a subscribed application has been improved. The application name, key and path will now be kept from the original application per default. | MTM-45075 |
Administration | For users with TOTP enabled, the Enforce TOTP setup for the user checkbox is now disabled until the Revoke TOTP secret button has been clicked. | MTM-36755 |
Administration | The user creation API and the tenant creation API now require the email address property value as mandatory. | MTM-34357 |
Administration | A new value for the application "availability" property has been introduced: SHARED. SHARED is designed to share applications of type Hosted (web applications) inside the tenant hierarchies.
A query /application/applications?availability=SHARED&type=HOSTED , will return in the response applications owned by the current tenant, The Enterprise tenant parent (if the tenant has an Enterprise tenant parent), and the Management tenant, regardless of the subscriptions. However, the query will not return applications from child tenants, so the Management tenant will only show its SHARED applications.
Additionally you can now explicitly change the application availability with a PUT request with the values PRIVATE/MARKET/SHARED, which was not possible previously. The platform will not allow to change the availability to PRIVATE if the application is subscribed to any other tenant. |
MTM-45320 |
Authentication | When the preferred login mode is set to Basic Auth, then the Basic Auth restrictions are hidden, to avoid the situation that the user can turn on "Forbidden for web browsers" and then gets blocked from logging into the platform. | MTM-45534 |
Authentication | Users who are logged in with OAI-Secure do no longer have to logout after changing their own password. Accordingly, the information about a required logout will only be shown if the password has been changed for another user. | MTM-45720 |
MongoDB | Users who are interested to see the X-Request-ID value have it available now, as it now is propagated to the mongo queries and will be visible in MongoDB logs. | MTM-43239 |
Notifications 2.0 | The Notification 2.0 API has a new REST operation to unsubscribe a consumer from a notification subscription. It is also possible to unsubscribe a consumer over the WebSocket protocol. Refer to Notifications 2.0 in the Reference guide and Notifications 2.0 in the Cumulocity IoT OpenAPI Specification for the usage. | MTM-42417 |
Notifications 2.0 | The Notifications 2.0 API has been extended to explicitly support subscribing to events and alarms from a parent managed object and its child objects in a single subscription request. | MTM-46240 |
REST API | The measurement creation performance has been improved by removing redundant read requests during ingestion into the database. | MTM-44162 |
REST API | Responses to a GET request to /tenant/currentTenant now also return the parent tenant when queried with withParent=true . |
MTM-43806 |
Fixes
Component | Description | Issue |
---|---|---|
Administration | On duplicating a hosted application, the application manifest (cumulocity.json file) of the cloned application will now be updated if the application name, key or path has been changed. | MTM-45153 |
Administration | Blocked the possibility to create hosted applications with names starting with the "feature-" prefix. | MTM-21575 |
Administration | On editing subtenants, parent tenants can no longer delete the administrators phone number, if the phone number is a mandatory field (for example, if TFA is enabled). | MTM-46183 |
Administration | The performance of the Status tab in the application's details has been improved by avoiding excessive communication with the backend. Reducing the load on the backend also improves the overall platform stability. | MTM-45279 |
Audit logs | To support white-labeling, the term "Cumulocity" has been removed from the login audit log entries. | MTM-43936 |
Audit logs | The audit log descriptions in the Audit logs page have been unified towards consistently using the "OAI-Secure" term. | MTM-46177 |
Audit logs | Missing German translations for various fields and tooltips in the Audit logs page in the Administration application have been added. | MTM-43353 |
Authentication | Setting token and session timeouts to values bigger then 2^31 (or to invalid values such as text strings) do no longer cause the creation of incorrect sessions and do no longer lock out users. If an invalid value is used, the system uses the default timeout instead. | MTM-43735 |
Authentication | It is now possible to display all audit log entries related to auth configuration by filtering by "Tenant Auth configuration". | MTM-45072 |
Data broker | Vulnerable libraries inside the databroker-agent-server microservice were updated in order to address CVE-2020-36518. Update details: - pulsar-client updated from 2.8.2 to 2.8.3 - jackson-databind updated from 2.12.6 to 2.12.7 |
MTM-46149 |
Data retention | The performance for type-based retention rules has been improved. | MTM-45169 |
Enterprise tenant | On the Branding tab, only supported image file formats can now be set for:
- Favicon: *.ico - Brand logo: *.png, *.svg, *.jpg - Navigator logo: *.png, *.svg, *.jpg |
MTM-44754 |
Enterprise tenant | Subtenants of an Enterprise tenant can be created only inside the domain of that Enterprise parent tenant, for example, parent.example.com is allowed to create subtenants only under *.example.com. | MTM-41980 |
Single sign-on | The error message "Invalid Base64 string", which shows up when the IAM-token cannot be parsed, has been replaced by the more comprehensive message "Cannot decode token from authorization server. Check JWT token format and Base64 encoding". | MTM-45154 |
Single Sign On | Fixed the issue that you could not log in via SSO when an application or microservice used in dynamic access mapping was unsubscribed and removed from the tenant. | MTM-44548 |
Smart rules | It is now again possible to add smart rules for subscribed microservices, not only for applications installed directly on the tenant. | MTM-45519 |