Policies & Notices
      Back to home
      1. Guide & Help
      2. Operations & Administration support
      3. Policies & Notices

      Release Notes

      These release notes are regularly updated to share the latest improvements, new features, and fixes released onto the platform.

      March 2025

      New Features: 

      • Site-wide OIDC-based SSO: Our OIDC SSO implementation, which previously allowed per-customer OIDC SSO, has been extended to allow a single site-wide configuration, allowing for easier SSO implementation.
      • API rate limiting: All sites have API rate limits set on API requests. See API: Application Programming Interfaces
      • New bulk category license API endpoint: A new endpoint has been added, allowing API users to return all ‘Category’ license information for an account and all users in that account.
      • New bulk report license API endpoint: A new endpoint has been added, allowing API users to return all ‘Report’ license information for an account and all users in that account.
      • 2FA: Sites can now enable 2FA. Once support has enabled this setting, users who want to authenticate via the API without 2FA requirements must be added to an API allow list. 
        Contact support@contentcatalyst.com if you would like this enabled.
      • Password Breach Checker: An Optional feature is now available that will disallow users from setting passwords that commonly appear in data breaches. Contact support@contentcatalyst.com if you would like this to be enabled.

      Improvements: 

      • OIDC sub as username: OIDC SSO now uses the "sub" claim as the username instead of the "email address" claim.
      • Maximum username length increase: The maximum username length has been increased to 255 characters to support the maximum possible OIDC "sub" value.
      • Streamlined site cookies: Content Catalyst sites have been optimised to offer only essential cookies.
      • Optimised report caching: The performance optimised report library cache has been rolled out to all clients.
      • Improved bot handling in the Content Catalyst WAF: The Web Application Firewall (WAF) bot handling logic has been enhanced to minimise bots' impact on sites.
      • Brute Force Attack Hardening: Hardened authentication further against brute force user password attacks.

      Fixed Issues: 

      • Better job queue multithreading: fixed an issue where site job queues could become locked.
      • ReturnUrl parameter: Added support for the return URL parameter to SSO to /auth/{provider_name} and /auth/{provider_name}/callback entry points.

      February 2025

      New Features: 

      • User Session length configuration: A New app setting has been introduced that allows us to help customers define session expiration time site by site. The default session expiration time is 12 hours. If customers would like to have expiration times in line with OWASP guidelines of 5 - 10 minutes, please contact support@contentcatalyst.com. 

      Improvements: 

      • User Session handling: When a user password is changed, all user sessions from any location or browser will end immediately. This is to help improve security across all sites.
      • Report Title Metadata handling: Work has been done to ensure better handling of symbols such as (!"#£$%'()^&*-+_+=`¬|\/>,<.|\@¡¢¤¥¦§¨©️«®️°±µ»¿ etc) in report titles. 
      • MFA API User handling: If MFA is enabled on a site, a site API user can now be added to a bypass list, allowing them to authenticate without using MFA.
        Please contact support@contentcatlyst.com for more details.

      Fixed Issues: 

      • Fixed an issue where the latest report metadata was not immediately displayed in admin areas.

      December 2024

      New Features: 

      • Bulk User Management: Bulk user management tools in your platform help you identify and manage users who have not recently accessed their reports, re-engage them, or adjust access as needed. See User Management.

      November 2024

      Fixed Issues: 

      • Fixed an issue where the return URL was not retained when a non-SSO user logs into an enterprise-enabled site.

      October 2024

      New Features: 

      • Site Administration Role: Gain tighter, more secure control over your platform with the new Site Administration role. This role enforces stricter control over site-wide configurations and assignment of administrative responsibilities, ensuring only the right people have access to critical settings.
      • Admin Audit Page: Keep your admin team’s permissions transparent and secure with our new dedicated Admin Audit page. View user permissions and easily export audit trails to understand who holds specific admin rights and when assignments were made, for greater clarity across your team.
      • MyCatalyst Admin Area: Manage the MyCatalyst AI chat service through a new dedicated area in the site admin menu. This allows admins to customise settings for MyCatalyst, including the priority given to more recent content and the creativity allowed in responses, giving you more control over the AI-driven responses given on your platform.

      Improvements: 

      • Login Tracking: Improved performance for the login tracking feature, helping administrators monitor user engagement through accurate login counts and timestamps.
      • Content Indexing for MyCatalyst AI: Improvements to the accuracy of indexing published content, allowing MyCatalyst to deliver more accurate AI-driven responses, ensuring the tool surfaces the most relevant insights and data.

      August 2024  

      Improvements: 

      • ChatGPT 4.0 was added as a model option to MyCatalyst.ai. 
      • Improvements to MyCalayst's handling of large report libraries. 

      July 2024 

      New Features: 

      MyCatalyst is an AI-powered discovery chat tool that is now available as an additional feature for subscribers.  Contact the client success team for more information. 

      Improvements: 

      • Performance improvements around report cache processing after report updates.
      • Further WAF improvements.

      June 2024 

      Improvements: 

      Personalised Content Notifications:

      • Increase pause duration to allow up to 15 days' worth of pausing.
      • Show 'paused until' notification in both UTC and local time.

      Fixed Issues: 

      • Optimized creation of 'Also looked At' report lists.
      • Fixed issue where Personalised Content Notifications subscriber may receive multiple notifications for the same report.

      May 2024 

      Improvements: 
      • Personalised Content Notifications can now have a dedicated from address. 
      • Increased account name length limit.

      March 2024

      Improvements:

      • Security – authentication API endpoint now uses the POST method.

      Fixed Issues: 

      • Fixed issue with users accessing a report containing Vimeo plugin content when the Vimeo plugin had been disabled.

      February 2024

      Improvements:

      Personalised Content Notifications:

      • Notification emails can now be paused.
      • Instant access link lifetime is now configurable.
      • Reports now show which topics match their categorization.

      Fixed Issues: 

      • Fixed issue where users with chargebacks couldn’t be deleted.

      January 2024

      Improvements:

      • Guest user configuration for open sites now has a dedicated admin page.

      December 2023

      New Features: 

      • Added Analyst support link to notification emails.

      Fixed Issues: 

      • Fixed an issue where the correct PowerBI thumbnail wasn’t present in exported content.

      November 2023

      Improvements:

      Personalised Content Notifications:

      • Added analyst name and publication date content fields to notifications email template.
      • Added API endpoint to update the default user interests for multiple accounts.
      • Added API endpoint to update the default user notification frequency for multiple accounts.

      Fixed Issues: 

      • Fixed an issue where notification emails were timing out.

      • Fixed issue with Dataveiwer where an error may occur when duplicates exist.

      • Fixed issue with report cover images in notification emails failing to load.

      October 2023

      New Features: 

      • Personalised Content Notification topics can now be grouped into topic groups. For further details see here.

      Improvements:

      • Extended bulk import tool to include new standalone plugin product types.

      • New full-screen options for standalone Power BI plugin and Vimeo vide plugin products.

      September 2023

      New Features: 

      • You can now add standalone Power BI plugin and Vimeo video plugin products. For further details see here.

      Improvements:

      • Under PII best practice email addresses and usernames are no longer used in login URLs.

      Fixed Issues: 

      •  Fixed issue where deactivated users were receiving previously scheduled content notifications. 

      August 2023

      Improvements: 

      • Added option to hide topics that do not contain licensed content from the list of topics presented to the user. 

      Archived Release Notes

      Archived released notes can be viewed here.