nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Elements API 2026-06-09: New device fields in devices query response

The latest Elements API release adds new fields to the computer device object returned by the Query devices endpoint (GET /devices/v1/devices). These fields provide richer visibility into device security posture, BitLocker encryption status, and policy configuration.

This is an additive, backward-compatible change. Existing integrations continue to work without modification. New fields are populated when reported by the agent on the device and may be absent on older agents or non-applicable platforms.

New top-level fields

Security policy and tamper protection (reported by the Windows agent):

allowUsersToTurnOffSecurityFeatures (boolean): Whether users are allowed to turn off security features on the device
allowUsersToUninstallProduct (boolean): Whether local users are allowed to uninstall the security product
tamperProtectionEnabled (boolean): Whether tamper protection is enabled
uninstallationPasswordSet (boolean): Whether an uninstallation password has been configured
uninstallationPasswordEmpty (boolean): Whether the uninstallation password is empty (not configured or blank)

BitLocker and disk encryption (reported by the Windows agent):

bitlockerOverallProtectionStatus (string): Overall BitLocker protection status (all, some, or none)
bitlockerRecoveryKeysCollectionEnabled (boolean): Whether BitLocker recovery key collection is enabled in the device’s policy
bitlockerRecoveryKeysCollectionSuccess (boolean): Whether the most recent BitLocker recovery key collection completed successfully
diskEncryptionPolicy (string): Disk encryption policy (profile protection setting) applied to the device
policyUseTpm (string): Policy setting for using the Trusted Platform Module (TPM)
policyUseTpmWithStartupPin (string): Policy setting for using TPM with a startup PIN
tpmAvailable (boolean): Whether a TPM chip is available on the device
encryptedDrives (array): List of drives and their BitLocker encryption status (see below)

Device lifecycle (reported by the agent):

lastRestartTime (string, date-time): Date and time of the last device restart (ISO 8601 format)

New fields in `encryptedDrives` items

Each entry in the encryptedDrives array includes:

drive (string): Drive letter designation (for example c:)
driveType (string): Drive type (system, fixed, or removable)
systemDrive (boolean): Whether this is the system drive
encryptionStatus (string): Current status (fully_decrypted, fully_encrypted, encryption_in_progress, decryption_in_progress, encryption_paused, or decryption_paused)
encryptionPercentage (integer): Percentage of the drive that is encrypted (0–100)
encryptionMethod (string): Encryption algorithm and key size (for example xts_aes_256, aes_128, hardware_encryption)
protectionStatus (boolean): Whether BitLocker protection is active on the drive
protectors (array of strings): Key protector types configured (for example tpm, numeric_password, tpm_and_pin)
bitlockerRecoveryKeyId (string): BitLocker recovery key identifier in Windows GUID format
autounlock (boolean): Whether auto-unlock is enabled for this drive
autounlockStored (boolean): Whether an auto-unlock key for another drive is stored on this drive
pinRequested (boolean): Whether a BitLocker PIN has been requested
pinPostponed (boolean): Whether the user has postponed setting a BitLocker PIN

See the full Elements API specification for details: Query devices