Opinum Data Hub 7.0

Release date: 01 July 2025

This release brings significant security enhancements, including the migration to Keycloak as our new authentication platform.

Keycloak Integration

We are transitioning our authentication system to Keycloak, an open-source identity and access management solution.

Why Keycloak?

Keycloak offers advanced security features and improved identity management capabilities. This migration lays the foundation for future enhancements in user and access management.

What’s Changing?

The migration has been designed to be as seamless as possible:

• Users can continue logging in as before—no action is required on their part.
• The invitation and password reset flows have been slightly updated, and the related emails have a new format.

However, for integrators, Keycloak introduces new OAuth2 endpoints. If you're integrating with our authentication system, please plan for this migration accordingly.

How the Transition Works

Keycloak is running alongside our legacy authentication system during a transition period. This allows existing applications to continue using the old system for a few months.

Once the transition period ends, the legacy system will be decommissioned. By then, all applications should be updated to use Keycloak as the authentication provider.

Security Enhancements

Following our annual penetration test, we’ve implemented several new security measures, including:

• Hardened CORS policies
• Stricter cookie handling
• Restricted allowed content types
• Limited permissions for embedded iframe content
• Upgraded Swagger (OpenAPI UI) dependencies to patch known vulnerabilities

Other Improvements

• Changed the unit symbol for “None” to an empty string
• Disabled the browser’s “Translate this page” popup
• Upgraded UI libraries to their latest versions

Bug Fixes

• Fixed an issue with source deletion
• Resolved a problem with variable selection in the SolarEdge connector