Release Notes
Key Manager UI - v0.2.0
Issued: March 6, 2026
Feature:
SKA (Smart Key Attributes) Module:
- KMS-8499: Full SKA-Module Support (Modify / Block / Unblock)
- SKA Policy Builder extended to support all 4 rule types (Use, Modify, Block, Unblock)
- Approval flow with real-time waiting dialog for multi-authorization operations
- Pre-populated policy editor when modifying existing key policies
- KMS-8581: Appealing SKA Workflow Success Dialog with visual confirmation for completed approval flows
- KMS-8531: Find keys by approver - filter key grid by assigned approver name
- Auto-enables attribute fetching when approver filter is active
- New "Approvers" column in key grid
Key Management & Compliance:
- KMS-8530: Added created date to key table
- KMS-8602: Audit log viewer with search and filter capabilities
- KMS-8603: Key lifecycle dashboard for monitoring key states and expiration
- KMS-8604: Policy-as-Code / Governance - define and enforce key management policies (on the Key Manager, not on API level)
- KMS-8605: Exportable compliance reports (PDF/CSV)
Administration:
- KMS-8584: Improved TSB Partition Management in KeyCloak
- KMS-8565: Restrict LLM usage in demo mode
- Configurable rate limit per user via
[demo]section insecrets.toml - Rolling time window with remaining message counter
- Configurable rate limit per user via
- Added Crypto Selftest module
Bug Fixes:
Dependency Updates:
- bumped dependencies to latest versions
Key Manager UI - v0.1.3
Issued: February 12, 2026
Feature:
- New App design
- Compliance page to assess Post-Quantum Cryptography Readiness & NIST SP 800-57, ISO 27001 / 19790, BSI TR-02102 assessment
- KMS-8516: Added KeyCloak as oAuth-Provider to support Securosys SSO
- KMS-8507: Support for different AI-Models: Antrophic (Claude), GPT, Gemini, Ollama (Local LLM-Server)
- KMS-8398: Multi-Tenancy - users can switch between HSM partitions / TSB instances
- Partition credentials configurable per-user via Security tab (hsm_auth)
- OAuth partition resolution via Azure Key Vault, GCP Secret Manager, or HSM data objects
- Sidebar instance switcher with colored top-bar indicator (configurable color hex per partition)
- Full session state reset on partition switch to prevent data leakage between instances
Key Manager UI - v0.1.2
Issued: February 09, 2026
Feature:
- KMS-8461: Hide init.json (KMIP DB initialization struct)
- KMS-8460: Delete associated key on KMIP user deletion
- KMS-8456: Added Module for Certificate Discovery (Discovery)
- KMS-8489: Added Module Compliance, Logs & Alerting
- KMS-8490: Improved performance on key-attribute fetching
- KMS-8491: New Dashboard Layout
- KMS-8492: Add Certificate Profiles
Bug Fixes:
- KMS-8443: rollback behaviour when creating KMIP user if HSM key-export is not allowed.
Dependency Updates:
- streamlit==1.54.0 (Updated recommended - Path security validation improves protection against Server-Side Request Forgery (SSRF) and path traversal vulnerabilities)
- bumped dependencies to latest versions
Key Manager UI - v0.1.1
Issued: November 22, 2025
Feature:
- Download KMIP-Client Certificates [KeyStore + TrustStore] directly from the KMIP-Tab.
- Create HSM Data-Objects
- Add the HSM object-type in keys grid (SymmetricKey, AsymmetricKey, SKA, KMIP Keys, ONTAP Keys)
- Password protected keys are now displayed correctly in keys grid
- Renamed PQC algorithms: ML-DSA, ML-KEM, SLH-DSA
- Display KMIP attributes in key details dialog
- Support to configure KMIP database migration using fixture loading
Fixes:
- Fix welcome toast for OAuth users
- Improved german translations
- All grid views have now the same (fixed) height
Key Manager UI - v0.1.0
Issued: November 20, 2025
Feature:
- By default disable browser.gatherUsageStats
- By default set the client.toolbarMode = "viewer"
- Support for detailed KMIP managed key & certificate dialog
Key Manager UI - v0.0.9
Issued: November 4, 2025
Feature:
- Updated Streamlit to v1.51.0
- KMS-8183: Grid support for Keys, improved overall grid look & feel
- KMS-8184: Disabled user management for OAuth users, as their accounts are managed by the OAuth provider.
Key Manager UI - v0.0.8
Issued: November 3, 2025
Feature:
- KMS-8181: Added HSM-based user management with 2FA support and bootstrap mode for first-time setup
- KMS-8181: Introduced admin user roles
- KMS-8176: Support for 2FA setup for
local_users&OAuthusers, introduced bootstrapping mode. introduced user roles (admin, user, auditor).
Key Manager UI - v0.0.7
Issued: October 31, 2025
Feature:
- KMS-8150: support for ED certificates
- KMS-8156: conditionally add / remove approvers tab (based on TSB_ENGINE license)
- KMS-7822: adds
san,cn,ou,o,KU,EKU,copy_extensionsto certificate dialog - KMS-8149: support for mTLS with TSB
- KMS-8162: Local user authentication as alternative to OAuth login
- KMS-7965: Securosys branding & custom styling (custom logo's and favicon)
Fix:
- KMS-8175: Fixed KeyAttestation not downloadable
Key Manager UI - v0.0.6
Issued: October 21, 2025
Feature:
- KMS-8094: Support for KMIP User Management
- KMS: Display key-details without certificate
- KMS: update cryptography to 46.0.2 to fix CVE-2024-26130
- KMS-8098: Natural Language Processing
- KMS: Multi-Platform vault-container build
Key Manager UI - v0.0.5
Issued: October 8, 2025
Feature:
KMIP User Management:
- New KMIP Tab: Added dedicated tab for KMIP (Key Management Interoperability Protocol) user management
- Service Account Keys: Generate service account keys specifically for KMIP integrations
- PKCS#12 Export: Service account keys can now be exported in PKCS#12 format
Fix:
Certificate Display:
- Fixed issue where certificate dialog would not appear when only a certificate (without a corresponding key) exists in the keystore
- Certificate dialog now correctly displays in all scenarios where certificates are present