Skip to content

Releases: SSHcom/privx-sdk-for-python

v44.0.0

Choose a tag to compare

@rsemkin rsemkin released this 17 Jun 08:21
1a80e95

PrivX Python SDK v44.0.0 is compatible with PrivX v44.

  • Added support for the Connection Manager API item_format query parameter. Callers can now request reduced response formats when listing and searching connections.
  • Fixed SDK endpoint mappings for Authorizer and Secrets Manager APIs to match the PrivX v44 API documentation.

For more information, see the Release Notes and the API Documentation.

v43.0.0

Choose a tag to compare

@rsemkin rsemkin released this 17 Mar 20:28
bdbab0e

PrivX Python SDK v43.0.0 is compatible with PrivX v43.

  • Added a new end-to-end example for retrieving Kubernetes kubeconfig through PrivX API Proxy. The example shows how to list API targets, reuse or create a current-user client credential, fetch kubeconfig content, save it to a file, and use the returned kubectl commands.

  • Added Kubernetes kubeconfig support for API Proxy client credential secrets. The SDK now supports requesting client credential secrets with format=kubeconfig, which makes it easier to use PrivX API Proxy for Kubernetes access flows.

  • Added support for the Connection Manager API verbose query parameter. Callers can now request verbose output when listing connections, searching connections, and retrieving a single connection.

  • Added support for the Auth API external JWT token exchange endpoint. Callers can now exchange an external JWT for a PrivX token through the SDK.

For more information, see the Release Notes and the API Documentation.

v42.0.1

Choose a tag to compare

@rsemkin rsemkin released this 06 Mar 09:26
c101669

• ## 42.0.1 - March 6, 2026

Why this patch release

This point release improves SDK reliability and response handling consistency without breaking existing client code.

What was fixed

  • Boolean query params remain fully supported as before (True/False in Python code).
  • Under the hood, SDK now normalizes boolean query values to lowercase wire format (true/false) for better backend compatibility.
  • Response construction was centralized across API modules so status/success behavior is uniform.
  • Response metadata was improved:
    • response.status is always the actual HTTP status.
    • response.ok is evaluated consistently as status == expected_status.
    • Response headers are consistently exposed (response.headers, lowercase keys).
  • Raw response body is now preserved on buffered responses via response.content (bytes), even when JSON parsing fails.
  • Non-success response.data remains backward compatible ({"status": ..., "details": ...}).
  • Tests were expanded for boolean params, invalid JSON bodies, non-expected statuses, and streaming behavior.
  • Version bumped from 42.0.0 to 42.0.1.

Backward compatibility

No API break intended:

  • Existing calls with boolean params continue to work unchanged.
  • Existing consumers of response.data continue to work.
  • New response.content gives additional visibility for troubleshooting non-JSON responses.

Practical examples

  1. Boolean params (unchanged user code, normalized wire format)

user code (same as before)

client.get_network_targets(limit=10, fuzzy_count=True)

sent over query string (now normalized)

...?limit=10&fuzzycount=true

  1. Consistent status / ok

resp = client.create_secret(payload) # expected status: 201
print(resp.status) # actual HTTP status, e.g. 201
print(resp.ok) # True only when status == expected

  1. Non-JSON error body inspection (main bugfix)

resp = client.some_call_that_returns_error()

print(resp.ok) # False
print(resp.data) # still backward compatible shape, may be:
# {"status": 400, "details": {}}
# if body is not valid JSON

New: raw bytes always available for debugging

print(resp.content) # e.g. b'Bad Request: invalid token format'
print(resp.content.decode("utf-8", errors="replace"))

Commit scope

  • 42cac2f - main 42.0.1 patch content
  • c101669 - merge of v42.0.1 into master

v42.0.0

Choose a tag to compare

@rsemkin rsemkin released this 19 Dec 09:56
c85d8cc

PrivX Python SDK v42.0.0 is now compatible with PrivX v42.

  • Added endpoints for the new API Proxy feature
  • Added endpoints to hoststore for the new RDS Connections feature
  • Introduced lightweight cookie jar support

For more information, see the Release Notes and the API Documentation for detailed specifications.

v41.0.0

Choose a tag to compare

@rsemkin rsemkin released this 05 Sep 13:44
44c4ea5

PrivX Python SDK v41.0.0 is now compatible with PrivX v41.

For more information, please refer to the Release Notes and our API Documentations for detailed specifications.

v40.0.0

Choose a tag to compare

@rsemkin rsemkin released this 06 Jun 10:43
efb6b9d

PrivX Python SDK v40.0.0 is now compatible with PrivX v40.

For more information, please refer to the Release Notes and our API Documentations for detailed specifications.

v39.0.0

Choose a tag to compare

@rsemkin rsemkin released this 01 Apr 08:13
6acc2ce

PrivX Python SDK v39.0.0 is now compatible with PrivX v39.

SSH command restriction whitelist management has been added to sdk.

For more information, please refer to the Release Notes and our API Documentations for detailed specifications.

v38.0.0

Choose a tag to compare

@rsemkin rsemkin released this 03 Mar 11:47
cd4d4be

PrivX Python SDK v38.0.0 is now compatible with PrivX v38.

For more information, please refer to the Release Notes and our API Documentations for detailed specifications.

v37.0.0

Choose a tag to compare

@rsemkin rsemkin released this 04 Dec 13:02
a7e7d7e

PrivX Python SDK v37.0.0 is now compatible with PrivX v37.

New API Endpoints

Resolve target domain names to target domain IDs. API Docs

v36.0.0

Choose a tag to compare

@rsemkin rsemkin released this 03 Sep 10:38
07145d0

Some notable changes in PrivX 36.0 (please refer to PrivX documentation for full details):

Custom attributes can be assigned to local user.
ManagedAccount SecurityIdentifier field can be modified (if needed).
ManagedAccount SamAccountName can be specified.
RDP certificate authentication can be disabled for a ManagedAccount via DisableRdpCertAuth flag.

The changes above are part of the support for RDP certificate authentication using strong mapping (SID extension). The SecurityIdentifier (SID) is scanned automatically if possible. Otherwise, it can be edited via custom attribute for local user or via SecurityIdentifier property for ManagedUser. Legacy Windows account format DOMAIN\username can be used in a host account configuration together with a target domain.