July 6, 2026

121 changes across 5 repo s

New

  • AI transparency disclosures added to chat#665 The chat interface now displays an AI disclosure on the prompt entry screen and updated per-answer footer text, informing users they are interacting with an AI system that may generate inaccurate information.
  • Issue checkboxes added to the event Report Issue dialog#668 Users can now select from a list of specific issue types (such as No Audio, Poor Transcription, or Disconnected) when reporting a problem with an event, in addition to or instead of free-text description.
  • Rate-limit error message improved#670 When an API rate limit is reached, the application now shows a clear, actionable message explaining the situation and that the user can try again shortly.
  • User preferences saved per table view#672, #673, #674, #675, #676, #677, #678 The entitlements portal now persists per-user table preferences — including column order, visibility, and widths — so your layout is restored across sessions.
  • Mark all and dismiss all notifications#655, #302 Portal users can now mark all notifications as read or dismiss all at once, rather than managing them individually.
  • Entitlement buckets management endpoints#682, #683, #684, #685, #686 New API endpoints support creating, retrieving, updating, and deleting entitlement buckets, enabling more structured management of grouped entitlements.
  • Research content definitions endpoints#688, #689, #690, #693, #694, #695 New API endpoints for listing, retrieving, creating, updating, and deleting research content definitions are now available.
  • Consumer settings and readership permissions#663, #660, #304 Consumer organizations can now manage their own settings and have access to the new readership-viewing permission.
  • Tags automatically computed and persisted on entitlement requests#679 Entitlement requests now carry automatically computed tags (such as email domain type and MiFID classification) that are saved with the request and surfaced in exports and the portal.
  • Organization address support added#659 Organization records now support address fields, with both single and bulk update endpoints available for managing them.
  • Minimum password length increased to 12 characters#514 New passwords created through registration, password reset, and change-password flows now require at least 12 characters. Existing passwords are unaffected.
  • Enterprise SSO onboarding links federated identities to native accounts#523 When activating an enterprise SSO user, the platform now links their identity provider account to their Aiera account automatically, so federated sign-in resolves correctly on first login.
  • Dev Platform welcome email now routes to the correct sign-in page#543 Users onboarded to the Developer Platform receive a welcome email with a sign-in link pointing to the Developer Platform login, rather than the main dashboard.
  • Organization domain allowlist readable by all org members#535 Any authenticated member of an organization can now view the organization’s component domain allowlist, making it easier to self-diagnose component key configuration. Write access remains admin-only.

Improvements

  • Logout now invalidates all active sessions immediately#667 Signing out sends the current access token to the server, which blocklists it and any sibling sessions, so other open tabs are signed out right away rather than remaining active until token expiry.
  • Bank of America research documents now load correctly in the drill-down panel#671 The SSO sign-in button for Bank of America research content is now properly visible in the drill-down view, allowing the popup authentication flow to complete and the document to load.
  • Requests table handles large volumes more smoothly#692, #309, #310, #308 The entitlements portal requests table now supports up to 500 requests per page, virtualizes rows in large groups for faster rendering, and preserves scroll position and table state when opening a request detail panel.
  • Bulk action toolbar no longer overlaps filters on Access Requests#314 When rows are selected on the Access Requests page, the bulk action toolbar now displays cleanly without covering the date and status filter controls.
  • Permission description text is now clickable in the credential panel#311 Clicking anywhere in the description area of a permission option in the credential creation panel now toggles the checkbox, not just the checkbox square itself.
  • Readership metrics exports now respect date filters correctly#667 Date range filters on readership exports now align with the effective access date used for sorting and embargo logic, so exports include the expected rows when embargo periods overlap the filter window.
  • Readership metrics Slack summary now delivered as a CSV file#712 The periodic readership metrics summary sent to Slack is now uploaded as a CSV file, avoiding message size limits and making the data easier to review.
  • CSV export column headers now match portal table labels#698 Exported request CSV files use the same column names shown in the portal table, making it easier to cross-reference exports with the on-screen view.
  • Bulk onboarding supports larger batches without timeouts#518, #527 Bulk onboarding endpoints no longer enforce a 50-user cap per batch, and large batches now use a soft time limit that preserves all successfully processed users rather than discarding partial results on timeout.
  • Welcome email resend now available for users who haven’t completed first sign-in#525 Operators can now trigger a fresh welcome email and new temporary password for users still in the initial sign-in flow, without affecting users who have already set their permanent password.
  • Welcome email copy unified and CTA updated#538 The onboarding welcome email now uses a single consistent message for all user types, with the call-to-action button pointing directly to the set-new-password flow.
  • Newly onboarded users receive correct default permissions#533 Users onboarded through the bulk onboarding flow now automatically receive the appropriate default platform permissions, matching those applied through standard account creation.
  • API credentials scope is now determined exclusively by the credential#653 OAuth token issuance no longer accepts a scope override at token request time; the credential’s own scope is always authoritative, making permission grants clearer and more predictable.

Fixes

  • Highlight colors save correctly#664 Custom highlight colors now save and round-trip reliably, with the transparency value applied consistently on read.
  • Entitlement request grant and deny now work reliably for all request batches#656, #661, #524 Grant and deny operations on entitlement requests now complete consistently, including for requests where partial email filtering or status edge cases previously prevented completion.
  • Provider client file imports with MiFID values now complete successfully#670 Importing a provider client CSV with MiFID values such as “true”, “false”, “1”, or “0” now works correctly, with an accurate count of imported records reported on completion.
  • DDR signature verification now processes all messages reliably#671 DDR message polling now verifies signatures correctly for all incoming messages, preventing a stall that could occur when a signature’s first byte matched a key-format indicator.
  • Readership ingest now matches contacts regardless of email casing#691 Readership events whose contact email differs in capitalization from the stored value now match correctly and are ingested rather than routed to the error queue.
  • Revoked credentials no longer appear in the credentials list#705 Soft-deleted credentials are now correctly excluded from the credentials list view.
  • In-app notifications now deliver reliably to all recipients#707, #708 Notifications sent on behalf of one user to another now reach the intended recipient consistently.
  • Email addresses with apostrophes are now accepted#680 Registration and entitlement requests with email addresses containing apostrophes are now accepted as valid.
  • Optional address fields accepted during registration#720 Registration requests where the optional state or zip code fields are left empty now complete successfully.
  • Pagination limit now accepts the maximum value#654 List endpoints now correctly accept requests up to the documented maximum page size.
  • Unknown query parameters on list endpoints now return a validation error#687 Requests to list endpoints that include unrecognized query parameters now return a 400 validation error, consistent with other endpoints.
  • Entitlement grant requests with both individual and bucket entitlements now handled cleanly#719 The public API endpoint for granting entitlements now requires either a list of individual entitlements or a bucket, preventing ambiguous requests.
  • Bucket edit panel opens without causing excessive re-renders#306 Opening the bucket edit side panel in the portal no longer triggers a rendering loop, and entitlement type groups display expanded by default.
  • Validation error responses no longer include raw request input#545 API validation errors now return only the field location, message, and error type — sensitive input values such as passwords and tokens are no longer reflected back in error responses.
  • SSO login routing works reliably for users with mixed-case email addresses#530 SSO identity provider lookup now normalizes email addresses before matching, so users whose login hint differs in capitalization from their stored account are routed to SSO correctly.
  • Enterprise SSO account linking now succeeds for users who signed in before being provisioned#546 If a user attempted to sign in via SSO before their account was linked, the platform can now reconcile and complete the account link during activation or via the admin sync flow.
  • Research search relevance improved for hybrid queries#512 Hybrid research search now applies a relevance threshold, preventing low-quality neural matches from appearing in results when a search term has no meaningful semantic match.

← All updates