• Fixed health status indicator link.
• Fixed missing tooltips on resource, group, and app detail pages.
• Fixed an issue where leading and trailing whitespace in access level names and remote IDs could cause unexpected behavior in access request.

Fix logic for evaluating conditions in request configurations.

• Fixed an issue with missing app names in UAR when the app doesn't have the right visibility for the reviewer user.
• On-prem Only: Update may be slow due to database update.
• Added an option to enable automatic failsafes for Access Rules. Failsafes will trigger in case of pending large changes to the rule user membership and automatically pause the rule.
• Access Rules can now be paused. User membership will not be automatically synced for paused rules.
• Fixed an issue where indirect assignments to NHIs were not displaying correctly in the Resources table.

• Added App Name under item to "Has Access To" column in UAR. This will aid assignments in case of groups or resources with the same name.

• Forced logout due to an invalid auth session now preserves the current URL
• Fixed an issue that may cause long 'propagation error' and access request slack messages to fail to send.
• Improved error handling in access reviews to provide clearer feedback when user data cannot be loaded.

• Fixes a caching bug loading information about the user who started and ended UARs.
• Improvements to end user UAR item selection UI.

• Most visited items page will now also show items with recent sessions for the end user.

• Fixed an issue with incorrect redirect URLs when approving requests with OIDC MFA.
• Fixed a bug where Workday validation errors were shown as "Opal Internal Errors".
• Performance improvements for search and catalog.

• Added a share button to end user item detail cards to let users easily share links to items.
• Added description back to catalog item detail cards
• Custom resources now show their app name in UARs.

• (Self-Hosted only): Added an option to use Replicated's proxy registry in a helm-only install of Opal.
• Fixed a bug where filtering events within an item detail page would redirect to the catalog.
• Fixed a bug where admins would get an incorrect view of bundles in the catalog.
• Updated UI for the 'Roles' tab on the item detail page.
• Fixed an issue where Slack channels weren't getting deleted and/or their names were not updated in Opal.
• Fixed an issue where a user's access expiration could not be updated from the user detail page.
• Added app permission validations for Google Groups under the app's "Setup" page.
• Access Reviews now display the app name for custom resources.
• API: Fixed an issue where the /requests endpoint returned an unlimited amount of user access requests.
• Fixed an issue causing AWS Identity Center Roles to get deleted when their provisioning status becomes "Outdated" in AWS. This only affected AWS connectors with the "Auto-import provisioned permission sets for each account" import setting.