Enhancements
Repeater Editing Scope Restriction
Addition of a dedicated scope restriction ensuring that only authorized users can make edits to specified repeaters.
In large organizations, multiple teams often work with the same repeaters. This new dedicated repeater scope ensures that only specified team members can edit a repeater’s name or settings.
Repeater editing options include:
- Rename
- Change description
- Reassign to a different project
- Add a script
Key updates:
- Scope restriction:
- Only users with the new scope repeaters:manage can perform edit actions.
- Scope repeaters:write is still required for creating and removing repeaters, as well as activating/deactivating them.
- During rollout, repeaters:manage will be automatically added to any Role or API key that already has repeaters:write.
Non-authorized users:
- The Edit button is changed to View, and the edit window is grayed out.
Audit logs:
- All repeater edit actions (name, description, reassignments, scripts) are logged.
- Audit logs include repeater name, action, user, and timestamp.
This change strengthens governance and prevents accidental or unauthorized changes across teams, while ensuring all activity remains visible in audit logs.

Pretty print for JSON bodies
The Request and Response Body display fields now include a Pretty print toggle. When enabled, the field shows JSON in an indented, multi-line view instead of a single line.
For example From:

To:

Re-auth triggers: AND/OR groups
It is now possible to combine re-auth triggers with AND or OR and to organize them into groups. This makes it easier to describe how authentication failure looks in mixed targets (web pages and APIs).

- See more details here: https://docs.brightsec.com/docs/add-new-auth-object#/
User icon tooltip now displays the user’s full name
The header tooltip has been updated: when hovering the user icon, it now shows the full name of the logged-in user (replacing the previous “Account” text). This helps confirm which account is active at a glance.

API Endpoint Deprecation Notice - /api/v1/me/org/memberships
We are deprecating the endpoint /api/v1/me/org/memberships.
Timeline
Deprecation start: September 22, 2025
Removal date: October 19, 2025, midnight UTC
The endpoint will continue to function during the deprecation window. After the removal date, it will no longer be available, and requests will fail.