FEATURE Add new license key signing schemes: RSA_2048_PKCS1_SIGN_V2 and RSA_2048_PKCS1_PSS_SIGN_V2.
FEATURE Add cryptographic proofs for offline machine activations.
FEATURE Add account recovery flow to recover a lost account ID.
FEATURE Add ability to override the filename of a download using Keygen Dist via a filename query parameter.
FEATURE Add two-factor authentication to the Keygen Dashboard.
FEATURE Update autogenerated license key format to v3, allowing for much shorter and more human-legible license keys. This does not effect existing license keys, only new license keys.
FEATURE Update activation token format to v3, allowing for much shorter and more human-legible activation tokens.
FEATURE Update API token format to v3, allowing for much easier identification of a token's type.
FEATURE Add ability to specify a custom machine heartbeat monitor window.
FEATURE Add new administrative roles with limited permission subsets: support-agent, sales-agent, developer.
FEATURE Add invoice history and management to account billing.
FIX Fix issue causing some pagination cases to respond with a next page link even when a next page is not available, resulting in a possible infinite loop when traversing pagination when expecting a null next page value.
FEATURE Add expiry attribute to user and admin token generation endpoint, allowing you to specify when/if a given token expires.
FEATURE Update activation token permissions to be able to increment license usage (useful for incrementing usage in a client-side environment without an intermediary server).
FEATURE Add unassigned filter to licenses list endpoint.
FEATURE Add meta.tokenId to profile endpoint, containing the ID of the API token being used for the request.
FEATURE Add "whoami" headers to all responses: X-Keygen-Account-Id, X-Keygen-Bearer-Id, X-Keygen-Token-Id, representing the current account, the current user making the request, and the user's API token being used for the request, respectively.
FEATURE Add nonce parameter to license validation endpoints (which is then echoed back within the signed response body).
FEATURE Add additional rate limit headers: X-RateLimit-Window for the closest rate limiting window to being reached, X-RateLimit-Count for the request count within the current rate limiting window.
FIX Fix issue where machine deactivation was queued and performed asynchronously, which sometimes caused subsequent requests to the machines list endpoint to include the aforementioned deactivated machine (due to the deactivation process being async).
FIX Fix issue where the expired filter for the license list endpoint would not include licenses without an expiry when expired=false.
FEATURE Add ability to use a machine's fingerprint attribute within URL params in place of its ID (grated the fingerprint is a valid URL param).
FEATURE Add machine heartbeat system.
FEATURE Add active filter to users list endpoint.
FEATURE Add license validation meta, which includes the validation result, to payloads of license.validation.* webhook events.
FEATURE Add expired filter to licenses list endpoint.
FEATURE Add ability for admins to manually update a user's password.
FEATURE Add total pages and resource count to pagination meta.
FEATURE Add current timestamp to validation response: meta.ts.
FEATURE Add /v1/ping endpoint. Useful for testing if the Keygen API is reachable, e.g. firewall issues, lack of internet access, etc.
FEATURE Add support for webhook endpoints to subscribe to specific webhook events.
FEATURE Add request logging.
FEATURE Add support for named licenses.
FEATURE Add support for offline licensing using cryptographically signed/encrypted license keys.
FIX Fix issue causing some Accept headers to result in an HTTP 400 Bad Request response code.
FEATURE Add helpful error response and specific error code for requests containing: invalid JSON, invalid tokens, invalid encodings.
FIX Fix issue where machines without a user associated with it could contain invalid relationships.user linkage.
FEATURE Add ip and hostname filters to machines list endpoint.
FEATURE Add "protected" permission system to licenses.
FEATURE Add better debugging tools for webhook event delivery failures.
FIX Update license validation precedences, resolving an issue where machine-related validation-result codes would sometimes take precedence over invalid license state, such as the license being expired or suspended.
FEATURE Add policy filter to machines list endpoint.
FEATURE Add machine count to license payloads: relationships.machines.meta.count.
FEATURE Add permission for activation tokens to read machines of the license it belongs to.
FEATURE Add permission for activation tokens to validate the license it belongs to.
FIX Fix issue where password reset expiration date was incorrect within the email delivered to the user.
FIX Fix issue where regenerated tokens had an incorrect expiry value (was adding 2 weeks to the current expiry, when it should have been adding 2 weeks from the current datetime).
FIX Fix issue where license expiry could not be removed.
FEATURE Add ability to limit machine activation and deactivation counts for activation tokens.
FEATURE Update API token algorithm to v2.
FEATURE Add support for more detailed error pointers for resource relationship-related errors.
FIX Fix issue where a machine could be activated even after reaching the activation token's activation limit.
FIX Fix issue where nextCheckIn would display a non-null value for non-check-in licenses.