Skip to main content
Release Notes

HelpSpot 5.6.22

Ian Landsman / / 1 min read

Breaking Changes

  • All active sessions will be invalidated: Session data is now encrypted using APP_KEY. All users will be logged out on deploy.
  • GET query parameter API authentication removed: The private API no longer accepts username and password via GET query parameters. Integrations using ?username=...&password=... must switch to Basic Auth or bearer tokens.
  • @if syntax in email/note templates removed: Templates using @if blocks must be updated to remove them.

Improvements

  • Add API rate limiting — Adds centralized rate limiting across all public-facing endpoints: general API (120/min per IP), private API auth failures (10/min), public API portal login (10/min), and portal form login (10/min). All limits are configurable via env vars. Successful authentication clears the counter.
  • Add AI meta fields as filter columns — Out of Office Detected and Auto Categorized are now available as displayable filter columns and filterable conditions in filters, automation rules, and triggers.

Dependencies and Bug Fixes

  • General dependency bumps for security and stability.
  • Made several other security enhancements
Back to all posts
INSTANT SETUP

Your inbox is waiting
to be tamed.

Join the teams who switched from chaos to HelpSpot's essential order. Download on-premise or start in the cloud today.

START 21-DAY FREE TRIAL WATCH PRODUCT TOUR
NO CREDIT CARD REQUIRED
UNLIMITED TICKETS
90-DAY GUARANTEE
We're Hiring