Skip to main content
nx1-deployer image v1.11.0
The March 2026 release for non-web portal users introduces several bug fixes and enhancements fixes across the platform, new catalog and metastore API endpoints, and an identity provider feature.

New features

New features recently added to the NexusOne platform.

Catalog and metastore management

New API endpoints for managing the following across NexusOne is now available:
  • Schemas and tables
  • Catalogs
  • DataHub metadata
NexusOne converts the REST API calls into Trino SQL requests and returns the Trino response as an API response. The new API endpoints includes the following:
bash
# Alter table
PATCH /api/metastore/catalogs/{catalog_name}/schemas/{schema_name}/tables/{table_name}

# Create schema
POST  /api/metastore/catalogs/{catalog_name}/schema

# Create table
POST  /api/metastore/catalogs/{catalog_name}/schemas/{schema_name}/tables

# Delete schema
DELETE  /api/metastore/catalogs/{catalog_name}/schemas/{schema_name}

# Delete table
DELETE  /api/metastore/catalogs/{catalog_name}/schemas/{schema_name}/tables/{table_name}

# Get catalogs details
GET  /api/metastore/catalogs/details

# Get catalog schemas details
GET  /api/metastore/catalogs/{catalog_name}/schemas/details

# Get schema tables details
GET  /api/metastore/catalogs/{catalog_name}/schemas/{schema_name}/tables/details

# Get table details from Trino
GET  /api/metastore/catalogs/{catalog_name}/schemas/{schema_name}/tables/{table_name}/details

# Get table metadata from DataHub
GET  /api/metastore/catalogs/{catalog_name}/schemas/{schema_name}/tables/{table_name}/metadata

# Get table preview
GET  /api/metastore/catalogs/{catalog_name}/schemas/{schema_name}/tables/{table_name}/preview

Identity provider management

Using a single NX1 interface, you can now configure and manage external identity providers, such as:
  • Auth0
  • GitHub
  • Google Workspace
  • Microsoft Entra ID
  • Okta
  • OneLogin by One Identity
  • PingIdentity
  • Other custom OIDCs providers
  • Other custom SAMLs providers
Each identity provider still uses Keycloak as the authoritative configuration store via the Keycloak Admin API. NexusOne doesn’t store any IdP configuration locally. This new feature also comes with the following:
  • New API endpoints via the /api/identity-providers/ path

nx1-ctl SDK and command-line tool

A new Python SDK and command-line tool called nx1-ctl now exists for the Tenant Manager API. It provides both a library for scripting and automation and a terminal interface for day-to-day operations. The nx1-ctl Python SDK and command line tool covers all 68 Tenant Manager endpoints across the following API domains:
  • Cluster management
  • Configuration
  • Health checks
  • Terraform deployments
  • Tenant lifecycle
  • User authentication
  • Version management
  • YuniKorn queue management

PyAirbyte API ingestion

PyAirbyte is a Python-based library that connects to external APIs and SaaS platforms, such as Salesforce or Stripe, and pulls their data into NexusOne. In NexusOne, a new ingestion type that uses PyAirbyte now exists. It pulls data from external APIs and SaaS sources into a NexusOne Iceberg lakehouse. The PyAirbyte API ingestion provides the following features:
  • Uses the existing Airflow DAG ingestion pattern, task.pyspark, that NexusOne supports, with PyAirbyte acting as the source connector.
  • Transforms ingested data into a format NexusOne can use. Specifically, from pandas DataFrames into Spark DataFrames, and lastly into Iceberg tables.
  • Remembers what data it already fetched using _sync_state tables, so next time it only pulls new or changed data.
  • Uses Airbyte-defined primary keys to merge new data with existing ones.
  • Supports 38 pre-installed connectors, such as:
    • Analytics: Amplitude, Mixpanel, Google Analytics
    • Communication: Twilio
    • Customer Relationship Management Support: Salesforce, Zendesk, HubSpot, Intercom, Freshdesk
    • E-commerce: Shopify
    • Engineering: Jira, GitHub, GitLab, PagerDuty, Sentry, Datadog
    • Finance: Stripe, Chargebee, Braintree, QuickBooks, Xero, NetSuite
    • HR: BambooHR, Greenhouse
    • Identity: Okta
    • Marketing: Facebook Ads, Google Ads, LinkedIn Ads, TikTok, Klaviyo, Mailchimp
    • Productivity: Google Sheets, Slack, Notion
    • Storage: S3, Google Drive, Microsoft SharePoint
    • Surveys: Typeform, SurveyMonkey

Tenant manager and YuniKorn integration

YuniKorn is a Kubernetes resource scheduler that manages compute resources for workloads, such as Apache Spark. These workloads run inside pods across a multi-tenant environment. With the new Tenant manager and YuniKorn integration, you can now manage YuniKorn queues entirely through the NexusOne Tenant Manager. Specifically, you can create, adjust, or remove queue hierarchies, which are the top-level structures for organizing workloads. Within these hierarchies, you can also add, remove, or tune user-managed subqueues. System-reserved subqueues remain protected. All of these integrations replace the previous manual process of editing YAML files and deploying them as ConfigMaps via Helm charts

Bug fixes

  • Corrected the default catalog location for Gravitino shared catalogs. Gravitino was previously shared with a default warehouse used by other NexusOne apps; it now has its own warehouse.
  • Downgraded the Kafka client library in the Spark image to restore compatibility with the current broker version.
  • Fixed Gravitino metrics endpoint configuration.
  • Fixed Vault encryption failure on struct-type columns in Spark. Struct columns are now cast to JSON before applying string encryption.
  • Fixed credential vending flow bug for Trino.
  • Fixed multiple SDK bugs across data mirroring, data engineering, jobs, files, data products, apps, and metastore commands.
  • Resolved failures during Trino catalog provisioning.
  • Resolved shared catalog creation failure caused by a missing AWS region.
  • Synchronized Python package versions between the Spark and Jupyter Docker images.

Enhancements

Enhancements to existing app features on the NexusOne platform. It includes the following:
  • Configured Airflow to load DAGs directly from an S3 bucket instead of a mounted volume.
  • Introduced audit logging support so you can use external observability tools, such as Prometheus to expose dashboards of user activity on the NexusOne platform.
  • Migrated the IAM sub-features used in the Govern feature on the NexusOne client portal from a legacy custom implementation to a shared @nexuscognitive/nx1-keycloak TypeScript package. Because the package is a shared asset between the Portal and NexusOne Tenant Manager, there’s no longer a need to rewrite the same code in the two apps.
  • Migrated all sensitive credentials from environment variables and config maps to Kubernetes Secrets.

Upgrades

Version upgrades to existing apps on the NexusOne platform. It includes the following:
  • Upgraded DataHub to v1.4.0.1
  • Upgraded Keycloak to v26.5.2