2023.4.9

Release date: August 7, 2024

Increased security in the CyberArk credential store

We have strengthened the security of input handling when you configure the credential store and when you use the Plugins.SecureStores.CyberArk.UsePowerShellCLI app setting to retrieve credentials.

We now allow alpha numeric unicode characters as well as the following special symbols ['-', '_', ' ', '.', '#', '(', ')', '@', '$']. If you need more characters, you can whitelist them by specifying them in the Plugins.SecureStores.CyberArk.AdditionalAllowedCharacters config.

New parameter to control webhook validation

We have added a new parameter, Webhooks.VerifyAvailability.Enabled, to the UiPath.Orchestrator.dll.config file, with a true or false value. Set the parameter to false to disable webhook reachability validation when configuring the webhook target in the user interface.

New option to allow OS user authentication

We have added the new Allow OS User Authentication option to CyberArk CCP. OS user authentication enhances security by using the credentials of the user logged into the Orchestrator machine.

The option is only displayed when the value of the Plugins.SecureStores.CyberArkCCP.EnableOsUserAuthentication parameter is set to true.

Support for S3 buckets with SSE-KMS

Orchestrator now supports server-side encryption with AWS Key Management Service keys (SSE-KMS) for Amazon S3 storage buckets.

Bug fixes

When configuring the CyberArk credential store, the CyberArk Folder field did not support separators, the / or \ characters.
HPA scaling of the Orchestrator instance caused intermittent 503 network errors.
Custom credential store plugins would not load when they referenced UiPath.Orchestrator.Extensibility as a Nuget package instead of a direct file reference.
The Disable when consecutive job execution fail count and Grace period on disabling the trigger (days) trigger options no longer require the Features.AutoDisableTriggerAfterConsecutiveJobFailures.Enabled parameter to be enabled.