Fides 2.78.0 release notes
- 2.78.0: February 2, 2026
The Enterprise tag indicates that features are only available for Enterprise customers. To review pricing and upgrade your plan, please visit our site (opens in a new tab) or contact us to learn more.
Helios
Detect and classify global data risks with comprehensive visualization for data mapping and reporting for modern Enterprise.
- User Scoping for Monitors: Added foundational support for assigning data stewards to discovery monitors:
- Steward Assignment: Data stewards can now be assigned to discovery monitors when creating or updating monitors via the API. The system validates that assigned users have the appropriate permissions.
- Filtered Views: The action center now includes a data steward filter that defaults to showing monitors assigned to the current user. This makes it easy for team members to immediately see the monitors they're responsible for when they visit the action center. Users can change the filter to view monitors assigned to other stewards as needed, and filter selections are preserved in the URL for easy bookmarking and sharing.
- Monitor-Scoped Activity: The Activity tab on monitor screens now shows activity specific to that monitor, giving stewards a focused view of changes within their area of responsibility.
- Okta Monitor (Beta): This release includes the first iteration of infrastructure monitoring capabilities, starting with Okta. Behind the
oktaMonitorfeature flag, you can now:- Create and configure Okta monitors to scan your Okta environment.
- View infrastructure monitor results in the action center.
- Edit data uses on infrastructure monitor results.
- Access a dedicated activity tab for infrastructure monitors.
- The infrastructure monitor UI includes status tags, dynamic API-driven filters, and a streamlined configuration form. This beta feature lays the groundwork for discovering and monitoring data across identity and access management systems.
- Action Center Improvements:
- Added a monitor type filter to the root action center for easier navigation between datastore, website, and infrastructure monitors.
- Updated copy and empty states throughout the action center for improved clarity.
- Fixed monitor filter state syncing issues.
Lethe
Enterprise grade privacy request management and processing with a single orchestration layer for DSRs across vendors and systems
- Bulk Finalize for Privacy Requests: Teams using the erasure request finalization feature can now finalize multiple requests at once. The new request manager includes a "Finalize" option in the bulk actions dropdown when selecting requests in the "Requires manual finalization" status. This significantly speeds up workflows for teams that review and manually finalize erasure requests before completion.
- Webhook Headers: HTTP connectors now support custom headers that are forwarded with DSR webhook requests. This enables authentication and other header-based integrations with external systems that receive privacy request webhooks. Headers can be configured in the webhook connector secrets.
- Performance Improvements:
- Added deferred loading for privacy request task objects, reducing memory usage and improving response times for the privacy request endpoints.
- Added error handling and execution logs for privacy request scheduling failures, providing better visibility of errors in the activity timeline.
- Added in-memory caching for identity definition validation.
- DSR Notification UX: Improved the email configuration experience for DSR notifications with an updated drawer interface that makes it easier to configure notification settings.
- Batch Email Improvements: Batch emails now validate action types before sending, ensuring that notification emails are only sent for appropriate request types.
Janus
High performance consent recording and orchestration for data sharing, built for enterprise data engineering and AI pipelines.
- Consent v3 APIs (General Availability): The Consent v3 APIs are now generally available. The experimental feature flag has been removed, so the v3 API endpoints are accessible without any special configuration. If you're interested in adopting the v3 consent architecture, please reach out to your customer success contact to discuss whether it's the right fit for your use case.
- TCF Re-Consent Improvements: Improved how Fides handles TCF consent versioning to reduce unnecessary re-consent prompts. Previously, when a vendor in the Global Vendor List (GVL) added a new purpose, users would be prompted to re-consent even if that purpose was already disclosed by other vendors in the CMP. Now, the TCF version hash only changes when a vendor adds a purpose that represents a material change—meaning a purpose not already disclosed by the publisher through any other vendor. This prevents user frustration from repeated consent prompts when there's no actual change to their privacy experience.
- FidesJS Enhancements: Several improvements to the FidesJS consent library:
- Wildcard Cookie Deletion: FidesJS now supports deleting cookies using wildcard patterns. This is particularly useful for cookies that include dynamic identifiers in their names (e.g.,
_prefix_[sessionId]or[userId]_suffix). When you configure a cookie for deletion with a wildcard pattern, Fides will match and remove all cookies that fit the pattern. - Locale Change Event: Added a new
FidesLocaleUpdatedevent that fires when users change their language preference in the consent modal. This enables developers to update custom modal link labels and other localized content dynamically when users switch languages, ensuring a consistent multilingual experience. - GPC and Automated Consent Timing Fix: Fixed a timing issue where GPC signals and automated consent were being evaluated after the
FidesInitializedevent fired. Automated consent sources (GPC, migrated consent from third-party providers, and notice consent strings) are now read synchronously during initialization. This ensures that when Fides broadcasts that consent is ready, all automated consent has been fully evaluated and applied.
- Wildcard Cookie Deletion: FidesJS now supports deleting cookies using wildcard patterns. This is particularly useful for cookies that include dynamic identifiers in their names (e.g.,
- TCF Improvements:
- Fixed TCF dismissal behavior to properly check for the TCF cookie when GPC is enabled.
- The
__tcfapigetTCDatacall now correctly includes the vendors disclosed segment in the TC string.
Integrations
- Highspot Integration: Added a new Highspot integration supporting DSR access requests. Highspot is a sales enablement platform, and this integration allows you to fulfill data access requests for user data stored in Highspot.
- Dataset Merge Improvements: Fixed an issue where monitored collections could be lost during dataset merges, ensuring that your monitoring configurations are preserved when updating datasets.
Fides core
- Performance Improvements: This release includes significant backend performance improvements:
- ASGI Middleware Rewrite: All HTTP middlewares have been rewritten as pure ASGI middlewares, replacing the previous
BaseHTTPMiddlewareimplementation. Benchmarks showed the previous implementation was creating significant overhead. This change improves request throughput across all API endpoints without changing any middleware behavior. - Health Check Optimization: The Redis health check has been removed from the
/healthendpoint by default. The synchronous Redis check was causing health check requests to queue up under high load. Redis health can still be checked explicitly by adding?include_cache=trueto the health endpoint. - Python 3.13 Upgrade: Fides now runs on Python 3.13, bringing performance improvements and security updates from the latest Python release.
- ASGI Middleware Rewrite: All HTTP middlewares have been rewritten as pure ASGI middlewares, replacing the previous
- API Version Header: All API responses now include an
X-Fides-Versionheader, making it easier to verify which version of Fides you're communicating with during debugging and integration testing. - "Powered by Ethyca" Branding: The "Powered by Ethyca" branding link is now displayed by default in the consent modal and privacy center. This change applies to new deployments; existing configurations are not affected.
- Embedded Consent Styling: Added experience config ID and property ID CSS classes to the embedded consent body element, enabling more precise CSS targeting for customers with multiple privacy experiences or properties.
- Taxonomy UI Improvements: Continued enhancements to the custom fields and custom taxonomy UI, improving the experience for organizations using extended taxonomy configurations.
Notes
This release marks a significant milestone with the general availability of Consent v3 APIs, and the introduction of infrastructure monitoring capabilities (starting with Okta in beta). The performance improvements to the middleware layer and health checks should provide noticeable improvements for high-traffic deployments.
For customers using TCF, the re-consent handling improvements should reduce the frequency of consent prompts for your users when vendors make minor GVL updates that don't represent material changes to your privacy program.