Bug Fixes

• Fixed bulk selecting functionality on resource groups when multiple roles are assigned

• Fixed audit tickets not updating their status properly

• Fixed ticket creation failures in Jira Service Management projects when required fields were missing

Improved

• Updated manual sync toast notifications to automatically close after success or failure states

Added

• Added ability for Admins to turn off Request Review Delegation

• Added owner names to bundles on catalog

• Added ticket propagation support for Jira Service Management projects for self-hosted Jira instances - the reporter will now be set for JSM projects and the links to the tickets will direct to the customer-facing URL rather than the agent URL

• Added a link to propagation tickets created for requests on non-admin request views

• Added support for setting the Request Type field for Jira Service Management issues when Issue Types are associated with Request Types

Improved

• Improved event naming consistency - GROUPS_ADDED_TO_GROUPS events now show up as ROLE_ASSIGNMENTS_CREATED

• Improved event naming consistency - GROUP_GROUPS_UPDATED events now show up as ROLE_ASSIGNMENTS_UPDATED

• Improved event naming consistency - GROUPS_REMOVED_FROM_GROUPS events now show up as ROLE_ASSIGNMENTS_DELETED

• Improved Jira ticket linking for JSM projects to use customer-facing URLs instead of agent URLs

• Enhanced Jira integration to always set the reporter field to the person making the request in Opal - if the email does not exist in Jira, a customer account will be created

Bug Fixes

• Fixed configuration template edit button not redirecting to the edit page

• Fixed Jira bug for self-hosted Jira instances where access tickets could not be linked to requests

User Experience Improvements

• Added hovercards to Owners' Source Group label for better information discovery

Bug Fixes

• Fixed Resource Edit form tooltips not appearing to ensure proper guidance during form completion

Feature Enhancements

• Added support for roles in CSV uploads for custom apps
• Updated search to correctly show the logo for Resource Apps instead of the logo for their parent Apps.

Bug Fixes

• Fixed the 'Create UAR without Scope' warning modal incorrectly appearing when only scoping by group types

• Fixed bulk expiration button showing incorrect expiration option on first load

Self-hosted only

• Replaced Bitnami Redis images with Opal-hosted alternatives (On-prem customers must upgrade to this version by 08/28/2025)

New Functionality

• Added the ability to delegate access request reviews to other organization members. Schedule delegates from Settings > Delegates, accessible from your user profile in the lower left corner of the dashboard

Bug Fixes

• Fixed groups in the Group Access table and Group Details modal not being clickable

• Fixed an issue with API-initiated access requests having a broken support ticket when no support_ticket parameter is passed.

• Fixed search functionality on the sent tab of requests

User Experience Improvements

• Improved end user details interface by separating ID and link copy buttons for better usability

New Functionality

• Admins can now download requests from the admin tab

Bug Fixes

• Fixed UAR cells getting cut off to prevent content truncation in the user interface

• Fixed inventory tag and inventory owner links to navigate to the correct tab on the details page when clicked

• Fixed requests incorrectly indicating requested assets as never used

User Experience Improvements

• Improved owner escalation policy validation to prevent setting values below 5 minutes or above 1440 minutes

New Functionality

• Added custom date option to bulk expirations menu

• Added connector group and connector resource app identifiers to sublabels and hovercards

• Added ability to filter inventory/owners by specific users

Feature Enhancements

• Reworked access rules failsafe threshold for better accuracy

  • The threshold is now evaluated against additions and removals separately (as opposed to cumulative changes)
  • The threshold no longer has a 20 user minimum, this will make the failsafe useful for smaller single-team rules.

• Updated notification styling

Bug Fixes

• Fixed GitHub connection creation sync failure

Self-hosted only

• Added support for SMTP connections on port 25, with or without STARTTLS

Feature Enhancements

User Experience Improvements

• Added explore to the KBar
• Improved request approver flow with slight visual changes
• Added a new table view in User Settings to display active request reviewer delegations, making it easier to manage and track who can review requests on your behalf
• Added manager full name and manager ID to user export CSVs
• Display Role name on soon to expire notification subevent table

Search and Filtering

• Enhanced search filter on Inventory group users or resource user tables to now filter on names, email, or position
• Added the ability to filter resources by remote ID and resource type in the Resources API, enabling more precise resource lookups based on external system identifiers

API Enhancements

• Added REST Public API support for Github Org Roles

Bug Fixes

• Updated errors to include more details when Jira credentials are incorrect

Self-hosted only

• Added ability to tune memory requests and limits for some key opal pods

Feature Enhancements

Access Review Improvements

• Enhanced Resource Preview with pagination, sorting, and filtering capabilities
• Added pagination and sorting to Group Preview, improving performance for large datasets
• Replaced "Other Reviewers" column with a comprehensive list view instead of an icon

API Enhancements

• Added ability to request all resources a user has access to via the API

Integrations

• Added support for GitHub app installations
• Implemented app validations for Tailscale and allow authentication via OAuth instead of API keys
• Enabled automatic provisioning of Snowflake users
• Updated roles dropdown under User Access tab on resources

User Experience Improvements

• Changed resource creation flow to use modal instead of full page
• URLs are now clickable links in custom field descriptions and labels
• Performance improvements for the Risk Center

Bug Fixes

• Fixed issue where Soon To Expire notifications were being sent multiple times for the same asset
• Fixed conjugation/pluralization issue in Request Ticket banner
• (Self-Hosted only): Resolved a bug in Kubernetes manifest formatting that was preventing upgrades

• [Airgap Self-Hosted Only] Fixed a bug where customers could not toggle dry-run/read-only modes, nor update org-wise notification settings.
• [Self-Hosted only]: Fixed a bug in kubernetes manifest formatting that prevented upgrades.