• Pulse scans enabled

  • Updated icons used in the web UI

  • Display service version during the startup and register it in the discovery service

  • Automating nspect scans

  • Bumping lxml (pip) version to 4.9.1 to fix vulnerability

  • Support GFN SSO

  • Enable database vacuuming

  • Updated the idl.py package version to 0.16

  • Updated the websockets package version to 10.3


  • Updated dependencies to fix security vulnerabilities

  • Support NGC as an Authentication Provider

  • New property interactive in SSOSettings


  • [OM-49707] Allow passing API tokens to credential authentication

  • Fixed potential database spoofing for detecting registered accounts via Credentials.reset method

  • Updated idl.py to 0.13 to fix various issues with incorrect connection shutdowns


  • [OM-48861] Fixed an issue with incorrect validation of canonical-name response

  • Updated the idl.py package to the idl.py@0.10+master version due to memory leak issue


  • Updated discovery libraries to fix potential connection leaks for discovered interfaces

  • Use the email claim to populate user profiles via SAML

  • Use URI-decoding for SSO params sent to the authentication form


  • [OM-28229] Support API tokens

  • Helm

    • Fix Ingress class name

    • Added proxy-buffering annotations

  • Updated idl.py to support configuring WS_MAX_HTTP_LINE

  • Fixed an error occurred when clients sent refresh tokens signed with the private key that is no longer valid


  • [OM-42945] Optimize deleting expired refresh tokens

  • [OM-42533] Nucleus Cloud instance does not auto create the user folder as expected, better sanitize user name


  • Fix helm-tools scripts


  • [OM-38926] Support read-only users

  • Integrated package dependencies tracking through PACKAGE-DEPS.yaml

  • Fixed an issue where service couldn’t write its logs to a file

  • Introduced STATIC_MAX_HEADER_SIZE environment variable that allows to change the maximum header size for the static server

  • Support loading X509 certificate from IDPSSODescriptor instead of Signature for SAML metadata XML files

  • [OM-38922] Support CREDENTIAL_ACCOUNT_HARDENING env. var to restrict Credentials.register call and automatic user registration through Credentials.auth

  • [OM-35207] Disable “create account” link in the auth form in case CREDENTIAL_ACCOUNT_HARDENING is enabled

  • Support nonce argument to let clients subscribe to authentication results

  • [OM-42105]: updating auth service with newer discovery JS client and newer idl.py to implement healthchecks


  • Support user store to save and retrieve user data

  • Support Starfleet as an authentication source

  • Updated idl.py package version to idl.py@0.7

  • Updated omniverse.discovery.client.py package version to omniverse.discovery.client.py@1.4+main

  • Updated discovery libraries to use parallel connections for speeding up the routing

  • Fixed an issue where unicode usernames were allowed for new profiles made by system administrators

  • Fixed issues with displaying Unicode in the web UI


  • Support secure transport and path-based routing

  • Deprecated @omniverse/web-components library

  • Fixed text alignment on Linux for buttons displayed in the authentication form

  • Changed SAML implementation to read usernames from subject

  • Support specifying NameID format for SAML authentication

  • Authentication status page now detects errors when sending results back to the application that initiates the authentication

  • Fixed vulnerability that allowed to download any file from the deployed container


  • Internal build infrastructure changes

  • Linux fix for the client library


  • Use idl.cpp 0.14 for C/C++ libraries


  • Allow configuring used ports via System Monitor

  • Allow using dots and dashes to register internal accounts


  • Use Artifactory for PIP and NPM

  • Updated omni_config_py library to store data files in a new Omniverse location


  • Updated idl.cpp to 0.13

  • Added PIP and NPM licenses to Docker images

  • Fixed security vulnerabilities in JavaScript packages

  • Removed UAC for Windows


  • Allowed to update system accounts.


  • Introduced the authentication service. The service implements different types of authentication like LDAP, SSO, plain credentials and etc. and provides JSON Web Token (JWT) that can be used in other services to authenticate a user.