Summary
This release delivers NetBox v4.5 compatibility, consolidates session-key APIs, introduces hierarchical SecretRoles (MPTT), modernizes the UI workflow, and strengthens UserKey validation and security behavior.
Compatibility
- NetBox: 4.5.x only
- Python: >= 3.10
New Features
- UserKey API CRUD: create/update/delete user keys via REST
- SecretRole hierarchy using NetBox
NestedGroupModel(MPTT) - Session-key API in UI: UI now uses API endpoints for session-key operations
Enhancements
- UserKey validation: block public key changes when secrets exist and this is the only active key
- UI safety: hide "Activate User Key" button when no key exists or is inactive
- Swagger/OpenAPI: updated API docs for new endpoints and behaviors
- Project structure: models and API serializers refactored into clearer modules
- Owner support: Secret and SecretRole support NetBox
ownerfields
Bug Fixes
- Safer activation and master-key handling for UserKeys
- Improved error messages and validation paths
- More consistent secret encryption/decryption flows
Breaking Changes
- NetBox < 4.5 is no longer supported
POST /get-session-key/removed (use/session-key/)/session-keys/deprecated (removal planned in v4.6)- SecretRole hierarchy migration required (MPTT fields + data rebuild)
- Static JS bundle removed (inline JS now used)
Deprecations (until NetBox v4.6)
GET|POST /session-keys/→ useGET|POST /session-key/GET|DELETE /session-keys/{id}/→ useGET|DELETE /session-key/POST /activate-user-key/→ usePOST /user-keys/activate/
Removed
POST /get-session-key/(legacy) — usePOST /session-key/
Migration / Upgrade Notes
- Back up your database.
- Install the release (see [docs/installation.md](installation.md)).
- Run migrations:
./manage.py migrate
- Update API clients to
/session-key/. - Verify SecretRole hierarchy and decrypt existing secrets.
Documentation
- API reference: [docs/api.md](api.md)