Skip to main content



Process Automation Version 2.106 Release Notes

November 2025

We have released Process Automation version 2.106. This version introduces CAPTCHA protection for external forms, adds the ability to configure Email Relay per Space, and includes new API endpoints for more efficient form field management. It also contains several bug fixes and minor updates that improve overall stability and performance.

Updates

CAPTCHA added to external forms

CAPTCHA helps protect from automated abuse such as spam, fake registrations, brute-force attacks, and data scraping. All external start events with forms are now protected by CAPTCHA.

The version we have implemented (reCAPTCHA v3) does not require user interaction. This will be visible to users through a little window at the bottom right corner of the page as the form is rendered.

note

This feature is not optional. Start events will be the only event type impacted by this release. In addition, iFrames are no longer compatible with external start events.

Further improvements to email relay – Space override

Our feature, Email Relay, enables organizations to define the email address displayed as the sender of email notifications from Process Automation. With this release, it is now possible to designate an Email Relay for a specific Space. This can be useful for organizations that want to use unique email addresses for specific Spaces, for example, to differentiate between a Test Space and a Production Space.

New API endpoints to get or update form fields more efficiently

It now takes fewer requests to find the Data Form ID when getting or updating form fields. This enhancement makes it possible to use both InstanceId and DataId.

The new endpoints use the same format as Objects/{ObjectId}/Fields, making it easier to convert existing integrations.

Find more information about the new endpoints in the API Documentation.

Added endpoints

Bug fixes

Out-of-office users seeing “access denied” when accessing via email

Error
Certain users were unable to access out-of-office tasks via email.

Fix
Tasks are now accessible via email links as expected for those affected users.

Gateway with expressions use invalid cached data after script service in some scenarios

Error
Instances with specific configurations broke because the gateway read a cached value, causing the process to loop infinitely.

Fix
Gateways now use the current value rather than cached value.

Role mapper disappears from admin page if default account group is removed

Error
When the default group being used by a Role mapper was deleted, the Role mapper disappeared from the Role mapper page in Space Settings.

Fix
The role mapper no longer disappears. Instead, an exclamation point (!) is shown to indicate that a new default group should be added.

Task list error when sorting on unread comments while using grouping

Error
Task lists crashed when list items were grouped and then sorted by unread comments.

Fix
Task lists now function as expected when sorting by unread comments in grouped views.

Value list listing space users sorts users in wrong order

Error
Certain custom value lists containing all the users of a Space or a Group were being sorted incorrectly.

Fix
Value lists are now sorted as expected.

[API] Bad response from /api/v1.0/instances/{instanceid}/formfields

Errors

  • Using .key together with the original field name returned a 500 error.
  • Field names containing dots (for example, form.Field1.text) did not set the input field to the correct name.
  • In some cases, a field from a single-select value list appeared twice in the response when its display and key values were the same.
  • When using invalid credentials, the endpoint returned a blank HTML page instead of the expected “Authentication Needed” response.

Fixes

  • The endpoint no longer returns a 500 error in these cases.
  • Field names containing dots are now handled correctly, and the input field reflects the full requested name.
  • Each field now appears only once in the response.
  • The endpoint now returns the correct error response for invalid credentials.
The .key suffix cannot be used because it is a reserved value.

This release also contains additional minor bug fixes and security updates.