2.6 Changelogs
v2.6.2
Released: 2025-10-16
Access Grant Service
Bugfix
Linking an Access Grant to an Access Request using the request predicate now correctly updates the status of the Access Request at the query endpoint. Usage of the newly introduced verifiedRequest predicate is unchanged.
v2.6.1
Released: 2025-09-29
All services
Security Fixes
CRITICAL: Fixed mTLS configuration for internal provision endpoints introduced in 2.6.0.
v2.6.0
Released: September 2025
Services
Platform Management Service
Additions
New Platform Management service enables administrators to provision user accounts and resources before users access the system. For more information, see Platform Management Services.
HTTPS API for administrative user provisioning supports bulk user onboarding and preparation of user environments in advance.
When upgrading to ESS 2.6.0, the Platform Management service should use the same database that is used by the Purger service.
Authorization Service
Updates
Enhanced to manage more dynamic, fine-grained and extensible authorization checks other than ACP. It can now manage authorization of access for Agents, WebID + Storage root resources and other ESS Endpoints. The new permission models allows Service Account Agent access to resources on a User's behalf during provisioning in admin mode before activation.
WebID Service
Updates
The
webid-createdaudit event no longer includes thenamefield in the actor section.Service now allows Service Account Agent access to WebID resources on a User's behalf during provisioning in admin mode before activation.
Storage Service
Updates
Service now allows Service Account Agent access to Storage resources on a User's behalf during provisioning in admin mode before activation.
Access Grant Service
Updates
Service now allows Service Account Agent access to issue Access Credentials on a User's behalf during provisioning in admin mode before activation.
Start Service
Updates
Improved agent authorization checks with the Authorization service.
Provision Service
Updates
Improved agent authorization checks with the Authorization service.
Notification Service
Updates
Improved agent authorization checks with the Authorization service.
Purger Application
Updates
Base directory changed from
kubernetes/bases/ess-purger-job/tokubernetes/bases/platform/ess-purger-job/as part of the Platform Management service collection.
All services
Updates
New configuration variables have been introduced to configure the keys used for message encryption on Kafka (see the Kafka configuration doc page for details):
INRUPT_KAFKA_MASTER_KEYS_<key-id>defines keys which can be used for encryption and decryptionINRUPT_KAFKA_ACTIVE_KEY_IDdefines the active key-id used by message producers for encryption
Last updated