Claude docs changes for July 1st, 2026 [diff]
Executive Summary
- Claude Sonnet 5 launches as the new default model in Claude Code (v2.1.197), with a native 1M-token context window and promotional pricing of $2/$10 per Mtok through August 31, 2026 — the rollout touches nearly every API and Claude Code doc (pricing, platform availability, adaptive-thinking-only behavior, a new tokenizer producing ~30% more tokens than prior models)
- New self-serve Tunnels API (
/v1/tunnels, beta) lets developers create and manage tunnels directly via a Workload Identity Federation token, without org-admin access; the old admin-only MCP Tunnels API (/v1/organizations/tunnels) is now marked deprecated with a migration window - Claude Desktop launches on Linux (beta) — installable via apt or a
.debpackage on Ubuntu 22.04+/Debian 12+, with Chat, Cowork, and Code tabs (Computer Use and voice dictation not yet supported) - Managed Agents gain session-level configuration overrides (swap
model,system,tools,mcp_servers, orskillsfor a single session without a new agent version) and an opt-in incremental event-delta streaming preview for agent messages/thinking - Permission SDK docs clarify a common gotcha: tools auto-approved by allow rules,
acceptEdits, orbypassPermissionsnever reachcanUseToolor hooks — guidance now recommends aPreToolUsehook for logic that must run on every tool call regardless of approval path
New Claude Code versions
2.1.197
New features
- Claude Sonnet 5 is now the default model in Claude Code, with a native 1M-token context window and promotional pricing of $2/$10 per Mtok through August 31, 2026
Claude Code changes
New Documents
Claude Desktop on Linux (beta) [Source]
Documents the new beta Linux release of the Claude Desktop app (Chat, Cowork, and Code tabs), supported on Ubuntu 22.04+/Debian 12+ (x86_64 or arm64). Covers installation via Anthropic's apt repository (with signing-key verification) or a downloaded .deb package, plus update/uninstall via standard apt commands. Lists what's not yet available: Computer Use, voice dictation, the Quick Entry global hotkey on native Wayland (works on X11), and Fedora/RHEL support.
Changed documents
Advisor [Source]
- Sonnet 5 added to the advisor-eligibility table: it can call and act as an advisor for Fable, Opus, and Sonnet 5, but a Sonnet 4.6 advisor is rejected when the main model is Sonnet 5 [line 64]
- Supported main-model requirement loosened from "Sonnet 4.6" to "Sonnet 4.6 or later" [line 117]
Agent SDK — Agent loop [Source]
- Example model ID updated from
claude-sonnet-4-6toclaude-sonnet-5[line 169]
Agent SDK — Permissions [Source]
- New "ask rules" step added to the permission evaluation flow diagram (now 6 steps: hooks, deny rules, ask rules, permission mode, allow rules,
canUseTool) [line 47] - New documented behavior: auto-approved tools (via allow rules,
acceptEdits, orbypassPermissions) never reachcanUseTool— coverage depends on rule form, and aPreToolUsehook is recommended to guarantee checks run on every call [lines 65-66]
Agent SDK — Python [Source]
can_use_toolfield clarified: only invoked when the permission flow falls through to a prompt, not for calls auto-approved byallowed_tools, allow rules, orpermission_mode; aPreToolUsehook is recommended for logic that must run on every call [lines 795, 1075]- Code example updated to warn against listing gated tools in both
allowed_toolsandcan_use_tool[lines 634-636] - 1M-context beta retirement migration guidance now includes Claude Sonnet 5 as a migration target [line 1254]
Agent SDK — TypeScript [Source]
canUseToolclarified to only fire when the permission flow falls through to a prompt, not for calls auto-approved byallowedTools, allow rules, orpermissionMode[lines 391, 766]- 1M-context beta retirement migration guidance now includes Claude Sonnet 5 as a migration target [line 2755]
Agent SDK — User input [Source]
- New explicit statement:
canUseToolnever fires for auto-approved tools; a bareallowed_toolsentry skips it unless an ask rule orplanmode routes the call back to a prompt — recommendsPreToolUsehooks for logic that must run on every call [lines 27-29]
Agent teams [Source]
- New documented security behavior: messages relayed between teammates via
SendMessageare marked as coming from another Claude session, not the user; a teammate can't approve permission prompts or relay bypass-consent on another teammate's behalf, and in auto mode a relayed "approval" is treated as untrusted input [lines 220-221]
Agent view [Source]
@<repo>dispatch clarified: typing@lists git repositories one level below the launch directory plus any directory that already has a session; directories with a space in the name are not listed [lines 225, 237-240]
Amazon Bedrock [Source]
- Sonnet 5 added to the models supporting the 1M-token context window on Bedrock; runs via the Mantle endpoint and always uses 1M context (no
[1m]variant needed) [lines 280-281, 327]
Claude apps gateway [Source]
- Intro rewritten to describe when the gateway is preferred vs. when Claude Enterprise is a better fit, now pointing to a new feature-availability comparison page [line 3]
- Auto mode compatibility note broadened from "only Opus models" to "only the models eligible on third-party providers," reflecting Sonnet 5 eligibility [line 277]
Claude Platform on AWS [Source]
- Example
ANTHROPIC_DEFAULT_SONNET_MODELupdated toclaude-sonnet-5[line 78]
CLI reference [Source]
--modelflag example updated fromclaude-sonnet-4-6toclaude-sonnet-5[line 85]
Context window [Source]
- Sonnet 5 added to the models supporting the 1M-token context window, with a pointer to its own auto-compaction/LLM-gateway section [line 96]
Desktop application [Source]
- New Linux (beta) download entry added, linking to the new Linux page; Linux is no longer described as unsupported [lines 13-16]
- Auto mode model requirement loosened to "Sonnet 4.6 or later"; Vertex AI Enterprise auto-mode support expanded to include Sonnet 5 [line 72]
- Sonnet 5 added to the models that always use adaptive reasoning (fixed-budget override doesn't apply) [line 467]
- Linux limitation entry updated: desktop app now available (beta), but Computer Use isn't yet supported on Linux [line 643]
- Update-checking troubleshooting note added: Linux updates go through
apt, not app auto-update [line 675]
Desktop quickstart [Source]
- New Linux (beta) download entry (apt or
.deb) and Linux-specific install/sign-in steps (launcher instead of Applications/Start menu) [lines 13-16, 36]
Environment variables [Source]
CLAUDE_AUTOCOMPACT_PCT_OVERRIDE/CLAUDE_CODE_AUTO_COMPACT_WINDOW: now note Sonnet 5 has its own default proactive-compaction threshold [lines 130, 142]CLAUDE_CODE_DISABLE_1M_CONTEXT: now documents that setting this also forces Sonnet 5 sessions down to a 200K window [line 152]CLAUDE_CODE_DISABLE_ADAPTIVE_THINKING: documented as having no effect on Sonnet 5 (in addition to Fable 5 and Opus 4.7+) [line 153]CLAUDE_CODE_SHELL: description substantially expanded — only accepts a path to abash/zshbinary (other shells likefishunsupported), falls back to auto-detection otherwise, and documents the detection algorithm ($SHELL, then first workingzshthenbashonPATH) [line 242]
Errors [Source]
- "thinking.type.enabled is not supported" error now also attributed to Claude Code versions older than the Sonnet 5 minimum [line 643]
- New version requirement documented: Sonnet 5 needs Claude Code v2.1.197+ (TypeScript SDK v0.3.197+) [lines 651, 653]
GitHub Actions [Source]
- Example model IDs updated from
claude-sonnet-4-6toclaude-sonnet-5across config examples [lines 93, 106, 603, 610]
Glossary [Source]
- "Effort level" entry: supported model list loosened to "Sonnet 4.6 and later" [line 103]
Google Vertex AI [Source]
- Example
ANTHROPIC_DEFAULT_SONNET_MODELupdated toclaude-sonnet-5; Sonnet 5 added to the 1M-token context-window model list (always 1M, no[1m]variant needed) [lines 136, 176]
Hooks [Source]
- New documented limitation:
PreToolUsedoes not fire for files referenced with@in a prompt (inserted directly, no tool call); use aReaddeny rule to block specific paths instead [lines 1234-1235] - New PowerShell guidance:
${CLAUDE_PROJECT_DIR}substitution in shell-form commands only works for plugin hooks;settings.jsonhooks on PowerShell should use$env:CLAUDE_PROJECT_DIRor exec form, with a new example [lines 2877-2886]
Microsoft Foundry [Source]
- Example
ANTHROPIC_DEFAULT_SONNET_MODELupdated toclaude-sonnet-5[line 78]
Model configuration [Source]
- On the Anthropic API, the
sonnetalias now resolves to Sonnet 5 (previously Sonnet 4.6); requires Claude Code v2.1.197+ [lines 29, 31] - Default model table updated: Pro/Team Standard/Enterprise seats now default to Sonnet 5 [line 197]
- Effort-level tables updated: Sonnet 5 added at the
low/medium/high/xhigh/maxtier, defaulting tohigh[lines 284, 287, 301] - New dedicated "Sonnet 5 context window" subsection: always runs with 1M context (no 200K variant, no
[1m]suffix, no usage credits needed), auto-compacts around 967K tokens by default; documents two exceptions that budget it at 200K (behind an LLM gateway without explicitly selectingsonnet[1m], orCLAUDE_CODE_DISABLE_1M_CONTEXT=1) [lines 347-349, 370-378] - Sonnet 5 added to models that always use adaptive reasoning [line 330]
Monitoring usage [Source]
- Example
modelattribute values updated fromclaude-sonnet-4-6toclaude-sonnet-5across telemetry attribute tables [lines 421, 443, 461, 572, 595]
Permission modes [Source]
- Auto mode model requirement loosened to "Sonnet 4.6 or later"; third-party provider (Bedrock/Vertex/Foundry/gateway) support expanded to include Sonnet 5, alongside Opus 4.7/4.8 [lines 143, 151]
Server-managed settings [Source]
- Security framing strengthened: explicitly states server-managed settings are "not a security boundary" — bypassing on unmanaged devices doesn't require admin/sudo access [line 205]
- New rows in the security-considerations table: a modified binary bypasses client-side controls; an old Claude Code version predating server-managed settings never fetches them; intercepted/redirected network traffic can alter received settings [lines 211-212, 216]
- New reference to "Tenant Restrictions" (network-level access control) in the Claude Help Center [line 219]
Settings [Source]
enforceAvailableModelsclarified: fallback to the first allowlisted entry only occurs when the account-type default model is not already allowlisted [line 229]- Example
fallbackModel/modelvalues and default commit-attribution trailer updated to Sonnet 5 [lines 231, 248, 437]
Setup [Source]
- Desktop app download callout now includes a Linux download link alongside macOS and Windows [line 26]
Skills [Source]
- New documented capability: skill entries can be symlinks to directories elsewhere on disk — Claude Code follows the symlink and reads
SKILL.mdfrom the target, deduplicating shared targets; plugin skills handle symlinks differently [line 105]
Sub-agents [Source]
- Full model ID example updated from
claude-sonnet-4-6toclaude-sonnet-5[line 269]
Terminal guide [Source]
- Desktop app download callout now includes a Linux download link [line 8]
Troubleshoot installation [Source]
- New troubleshooting entry for
A parameter cannot be found that matches parameter name 'fsSL'— covers running the macOS/Linux curl installer in Windows PowerShell (wherecurlaliases toInvoke-WebRequest), with a link to the correct PowerShell command [lines 21, 40, 436-442] - Desktop app download callout now includes a Linux download link [line 40]
API changes
New Documents
Tunnels [Source]
New self-serve, non-admin Tunnels API at /v1/tunnels (research preview, requires the anthropic-beta: mcp-tunnels-2026-06-22 header). It supersedes the org-admin-only Tunnels API (/v1/organizations/tunnels): the underlying resources (BetaTunnel, BetaTunnelToken, BetaTunnelCertificate) and operations (create/list/retrieve/archive tunnel, reveal/rotate token, and a certificates sub-resource with create/list/retrieve/archive) are the same, but authorization now uses a Workload Identity Federation token scoped to workspace:manage_tunnels (previously org:manage_tunnels), and POST /v1/tunnels can allocate a brand-new tunnel programmatically instead of only attaching to a Console-created one. Equivalent per-language SDK reference pages were also added under each language's beta/tunnels/ path.
Changed documents
Admin [Source]
- All MCP Tunnels endpoints (tunnel and tunnel-certificate operations) are now marked Deprecated in the endpoint index [lines 366-410]
Admin — Analytics [Source]
assigned_seat_count,daily_adoption_rate,monthly_adoption_rate,weekly_adoption_rate, andpending_invite_countare now documented asnullwhen a response is scoped to an RBAC group
Admin — Chat Projects usage [Source]
distinct_conversation_countchanged from a required field tooptional number, nownullon aggregated rows where a distinct count can't be computed [lines 20-60]
Admin — Get Activity Summaries [Source]
- Same RBAC-group
nullbehavior added forassigned_seat_count,daily_adoption_rate,monthly_adoption_rate,weekly_adoption_rate,pending_invite_count[lines 40-92]
Admin — Get Per-User Cost [Source]
- Clarified this endpoint only includes cost attributable to seat users; org-wide totals (including direct API-key/automation traffic) require the new bucketed
/v1/organizations/analytics/cost_reportendpoint [lines 11-17]
Admin — Get Per-User Token Usage [Source]
- Clarified this endpoint only includes usage attributable to seat users; org-wide totals require the new bucketed
/v1/organizations/analytics/usage_reportendpoint [lines 11-17]
Admin — Users analytics [Source]
- New
bioscience_metricsobject added to per-user analytics:delegation_count,distinct_session_count,message_count,remote_compute_job_count,skills_used_count[lines 20-45] chat_metrics.connectors_used_countredefined as "Number of MCP connector invocations" (no longer nullable/distinct-based); newchat_metrics.distinct_connectors_used_countfield added (nullable on aggregated rows) [lines 48-60]
Admin — External keys [Source]
- AWS
provider_config.role_arnis now deprecated and optional (previously required) — Anthropic reaches the KMS key via a managed intermediate role, and the field is ignored if supplied; applies across create/list/retrieve/update
Admin — MCP Tunnels [Source]
- All endpoints (Create/Get/List/Archive Tunnel, Reveal/Rotate Token, and the Tunnel Certificates create/list/retrieve/archive sub-resource) are now marked Deprecated, superseded by the new
/v1/tunnelsbeta API; existing integrations keep working with the old header (mcp-tunnels-2026-05-19) and scope (org:manage_tunnels) during a migration window [line 9 in each endpoint page]
Admin — Approve Spend Limit Increase Request [Source]
- Example response
statuscorrected from"pending"to"approved", reflecting the endpoint's actual post-approval state [lines 372, 438]
Admin — List Effective Spend Limits [Source]
- Terminology clarified from "cap" to "spend limit" throughout (no behavior change)
Beta [Source]
- New Tunnels and Tunnel Certificates endpoint groups indexed (see the new Tunnels page above) [line 785]
MCP tunnels — Architecture and components [Source]
- Required WIF scope renamed from
org:manage_tunnelstoworkspace:manage_tunnels[line 31]
MCP tunnels — Manage tunnels in the Console [Source]
- Same scope rename (
org:manage_tunnels→workspace:manage_tunnels) in prerequisites and federation-rule setup steps [lines 18, 42]
MCP tunnels — Deploy with Docker Compose [Source]
- Tunnel creation is no longer required up front: leaving
TUNNEL_IDunset now lets the setup component create the tunnel itself [line 17] mcp-proxyimage digest bumped; install/rotation instructions updated soTUNNEL_IDis optional;setup initreruns now reuse the stored tunnel ID and never create a second tunnel [lines 89, 133, 174, 189, 196, 268]
MCP tunnels — Deploy with Helm [Source]
- Chart now supports creating a new tunnel during install (not only attaching to a pre-existing Console tunnel); Helm chart version bumped from 1.0.0 to 2.0.0 [lines 11, 16, 131, 183, 196, 255, 273]
values.yamlschema changed:api.wif.tunnelIdremoved in favor of a newtunnel.idfield (empty = auto-create); new guidance on reading the auto-created tunnel's domain from themcp-tunnelSecret [lines 148-155, 205-215]- New "Upgrade from chart 1.x" section documenting the
api.wif.tunnelId→tunnel.idmigration and required scope rename [lines 244-246]
MCP tunnels overview [Source]
- Prerequisites updated: a tunnel can now be created via the API or auto-created by the Helm setup hook, not only via the Console; WIF scope renamed to
workspace:manage_tunnels[lines 29, 31]
MCP tunnels quickstart [Source]
mcp-proxyimage digest bumped to match the new build [line 149]
MCP tunnels reference [Source]
- Major rewrite of the "Tunnels API" section: points to the new
/v1/tunnelsbeta API as primary, with the old admin API called out as deprecated with a migration window and explicit migration steps [lines 39-49] - Required scope updated to
workspace:manage_tunnels, required beta header updated tomcp-tunnels-2026-06-22; CA certificate upload path updated to/v1/tunnels/{tunnel_id}/certificates[lines 51, 61, 69] setup init/--tunnel-idflag: now optional — omitting it creates a new tunnel, a previously-stored ID is reused on reruns [lines 97, 100]
MCP tunnels security [Source]
- "Archive over the API" link retargeted from the deprecated admin API to the new beta Tunnels API archive endpoint [line 55]
Troubleshoot MCP tunnels [Source]
- WIF scope in the 403 troubleshooting tip renamed to
workspace:manage_tunnels[line 85]
Computer use tool [Source]
- Claude Sonnet 5 added to models supporting the
computer-use-2025-11-24beta and enhanced actions (e.g. zoom); added to the higher screenshot resolution tier (up to 2576px long edge) [lines 10-13, 297-300, 568-571]
Web fetch tool [Source]
- Claude Sonnet 5 added to the models supporting dynamic filtering in
web_fetch_20260318[lines 6-8]
Web search tool [Source]
- Claude Sonnet 5 added to the models supporting dynamic filtering in
web_search_20260318[lines 6-8]
API reference (all SDKs) — Messages: create, count_tokens, batches [Source]
- New refusal
categoryenum valuemilitary_weapons(alongsidecyber,bio,frontier_llm,reasoning_extraction) - New tool versions
web_search_20260318/web_fetch_20260318addingallowed_callers,defer_loading,use_cache,max_content_tokens, andresponse_inclusion(full/excluded— controls whether nestedserver_tool_use/result blocks are dropped when consumed by a same-turncode_executioncall) - New header
anthropic-user-profile-id(optional) oncount_tokensand batchcreateto attribute requests to a user profile (requires theuser-profilesbeta header)
API reference (all SDKs) — Beta Messages: create, count_tokens, batches [Source]
- New header
anthropic-user-profile-id(optional) on create/count_tokens/batch-create to attribute a request to a user profile, requiring theuser-profilesbeta header; removes the previoususer_profile_idbody field it supersedes - Same new
web_search_20260318/web_fetch_20260318tool versions andmilitary_weaponsrefusal category as the non-beta Messages API
Adaptive thinking [Source]
- Claude Sonnet 5 added as a supported model: adaptive thinking is on by default, manual
{type: "enabled", budget_tokens: N}is rejected with a 400 error, and{type: "disabled"}turns it off; added tomax/xhigheffort levels and to models wherethinking.displaydefaults to"omitted"[lines 11, 28, 79-80, 139-141, 215, 226, 243]
Batch processing [Source]
- New Batch API pricing for Sonnet 5: $1/$5 per MTok through August 31, 2026, then $1.50/$7.50 per MTok from September 1, 2026; added to the
output-300k-2026-03-24beta (300k max_tokens for batch requests) [lines 97-98, 432]
Claude in Amazon Bedrock [Source]
- Sonnet 5 now open to all Bedrock customers (
anthropic.claude-sonnet-5), including via the global (non-regional) endpoint [lines 15, 184, 221]
Claude in Microsoft Foundry [Source]
- Claude Sonnet 5 (preview) added to the Foundry model table with 1M-token context window support [lines 266, 311]
Claude on Amazon Bedrock (legacy) [Source]
- Note added: Sonnet 5 is not available on the legacy ARN-based Bedrock surface — use Claude in Amazon Bedrock or Claude Platform on AWS instead [line 88]
Claude on Google Cloud [Source]
claude-sonnet-5added to the Vertex AI model table and the 1M-token context-window model list [lines 70, 159]
Claude Platform on AWS (API) [Source]
claude-sonnet-5added to the list of models available on Claude Platform on AWS [line 292]
Compaction [Source]
- Claude Sonnet 5 added to the models supporting compaction [line 41]
Context windows [Source]
- Claude Sonnet 5 added to the 1M-token context-window list, context-awareness support (1M budget vs. 200k for Sonnet 4.5/Haiku 4.5), and beta server-side compaction support [lines 37, 108, 120, 142]
Effort [Source]
- Claude Sonnet 5 added as supporting the effort parameter and the
max/xhightiers; new "Recommended effort levels for Claude Sonnet 5" subsection (defaults tohigh) [lines 15, 44-45, 54-63, 131-132] - New note on Sonnet 5's adaptive-thinking/effort interaction: manual thinking unsupported (400 error),
{type:"disabled"}turns thinking off [line 166]
Extended thinking [Source]
- Claude Sonnet 5 added to the model-support table: manual extended thinking not supported (400 error) — use adaptive thinking + effort instead; added to the 128k max-output-token group, the
interleaved-thinking-2025-05-14deprecated/ignored group, and the thinking-behavior comparison table [lines 23, 101, 111, 187, 441, 453-454, 675]
Prompt caching [Source]
- New prompt-caching pricing for Sonnet 5: $2/$2.50/$4/$0.20/$10 per MTok through August 31, 2026, then $3/$3.75/$6/$0.30/$15 per MTok from September 1, 2026; added to the 1,024-token minimum cacheable prompt length group [lines 91-92, 280]
Search results [Source]
claude-sonnet-5added to the models supporting the search results feature [line 18]
Using Agent Skills with the API [Source]
- Corrected the "delete all skill versions" CLI example: replaced a shell loop piping
versions listintoversions deletewith an explicit two-step (list, then delete each version id) [lines 388-397]
Structured outputs [Source]
- Claude Sonnet 5 added to the Claude API, Google Cloud, and Amazon Bedrock general-availability lists for structured outputs [line 16]
Task budgets [Source]
- Claude Sonnet 5 added to the task-budgets model-support table as "Not supported" [line 256]
Token counting [Source]
- New note: Opus 4.7+ models, Fable 5, Mythos 5/Preview, and Sonnet 5 use a newer tokenizer producing ~30% more tokens for the same input text than earlier models — recommends recounting prompts per target model [lines 31, 33]
Vision [Source]
- Claude Sonnet 5 added to the high-resolution image tier (2576px max long edge, 4784 max visual tokens) [line 230]
- Cost-estimate example switched from Sonnet 4.6 to Haiku 4.5 as the standard-tier example [line 246]
Using the Messages API [Source]
- Claude Sonnet 5 added to the models where response prefilling is unsupported (400 error) [line 127]
Intro to Claude [Source]
- Model lineup updated: Claude Sonnet 5 replaces Claude Sonnet 4.6 as the frontier Sonnet-tier model, with a link to the announcement [line 17]
Create an Admin API key [Source]
- Compliance API scope table merges
read:compliance_org_settingsintoread:compliance_org_data: reading org metadata and effective settings now only requiresread:compliance_org_data[line 78]
API and data retention [Source]
- MCP tunnels API endpoint path updated from
/v1/organizations/tunnelsto/v1/tunnels[line 188]
Get access to the Compliance API [Source]
read:compliance_org_settingsscope removed from the scope-selection table;read:compliance_org_datanow also grants read access to effective org settings [lines 77-80]
Handle Compliance API errors [Source]
read:compliance_org_settingsscope retired as of June 30, 2026; the settings endpoint now requiresread:compliance_org_data— existing keys with only the retired scope will fail on every call; fix is to create a new key with the new scope [lines 137-160]
List organizations, users, roles, groups, and settings [Source]
read:compliance_org_settingsscope retired in favor ofread:compliance_org_data[lines 13, 240-247]- New
api_keysarray added to the effective org settings response, listing every Compliance Access Key on the parent org (id,name,scopes,is_active,created_at,expires_at,created_by_id); secret values are never returned, and deactivated/retired-scope keys remain listed for audit [lines 290-300, 310-313]
Usage and Cost API [Source]
- Removed "Priority Tier optimization" as a stated use case of the Usage & Cost API [line 18]
Manage WIF with the Admin API [Source]
- OAuth scope renamed:
org:manage_tunnels→workspace:manage_tunnels[lines 220-221]
Use WIF with Microsoft Entra ID [Source]
- New required step: register a dedicated Entra app registration/service principal as the "Claude API audience" (
api://<APP_ID>) before token exchange will succeed [lines 9-63] - New guidance: managed-identity tokens need up to a 24-hour lifetime, requiring
max_jwt_lifetime_seconds: 86400on the federation issuer (the wizard's default7500is insufficient) [lines 158-163] - New documented App Service/Functions/Container Apps token endpoint (
IDENTITY_ENDPOINT/IDENTITY_HEADER) as an alternative to IMDS [lines 100-105] - Full step-by-step AKS Entra Workload Identity path added (issuer/cluster setup, federated credential, service account annotation, two-hop token exchange); new "If your tokens are v1.0" section on legacy claim differences [lines 250-446, 492-502]
WIF reference [Source]
- OAuth scope renamed to
workspace:manage_tunnels; its granted actions now include create tunnel (previously list/get/certs/reveal/rotate/archive only) [line 132]
Workload Identity Federation [Source]
- Default MCP tunnels rule scope renamed from
org:manage_tunnelstoworkspace:manage_tunnels[line 44]
Workspaces [Source]
- MCP tunnels are now managed with a workspace-scoped
workspace:manage_tunnelsOAuth token instead of the org-scopedorg:manage_tunnels[lines 212-214]
Define your agent [Source]
- New capability: session-level overrides for
model,system,tools,mcp_servers, andskillswithout creating a new agent version [line 27]
Session event stream [Source]
- New "Event deltas" opt-in incremental streaming preview for
agent.message/agent.thinkingvia a newevent_deltas[]query parameter on the events-stream endpoint; new non-persistedevent_start/event_deltaevent types with their own wire format [lines 18, 89-208] - Documented limitations: best-effort/lossy under load, no replay on reconnect, primary-thread-text-only, thinking previews are start-only, deltas never persisted in event history [lines 202-208]
Multi-agent sessions [Source]
- Session-level configuration overrides now apply to the coordinator and its
selfcopies (not roster entries referenced by ID); session-creation overrides can now replace the coordinator's MCP servers [lines 19, 60, 88]
Managed Agents reference [Source]
- New "Event deltas" event-type category added alongside User/Session/Span/Agent/System events [lines 15, 37-40]
Scheduled deployments [Source]
- New webhook events for deployment lifecycle changes and deployment run outcomes; new endpoint
GET /v1/deployment_runs/{deployment_run_id}to retrieve a single run by ID [lines 84, 126] - Unrecoverable session-creation errors (e.g. archived environment or vault), not just
agent_archived_error, now auto-pause the deployment and record a failed run [line 166]
Session operations [Source]
- Clarified: only
toolsandmcp_serverscan be updated on an existing session;model,system,skillsrequire the new session-creation overrides instead [lines 28-29] - New pagination documentation for
GET /v1/sessions:limit,next_page/prev_pagecursors,order(defaultdesc); cursors are order-specific [lines 64-68]
Start a session [Source]
- New "Override agent configuration for a session" feature: pass
agentastype: agent_with_overrideswith anid, optionalversion, and any ofmodel/system/tools/mcp_servers/skillsto override for a single session, with detailed field-clearing semantics [lines 43-77]
Authenticate with vaults [Source]
- New capability:
injection_locationon environment-variable credentials can now be updated/rotated (previously only secret values anddisplay_namewere mutable); updates propagate to running sessions without restart [line 143]
Subscribe to webhooks [Source]
- New webhook event categories: Agent events, Deployment events, Deployment run events, alongside existing Session/Vault events [lines 21-31]