From b48954545f1a3a3a80f7f265536ee302b01d7d6b Mon Sep 17 00:00:00 2001
From: Mohamed Ezzamouri <mohamed.ezzamouri@eset.nl>
Date: Wed, 7 Jan 2026 21:07:51 +0100
Subject: [PATCH 1/2] eset_protect: remove client_id/secret entries from OAuth
 password grant config

---
 packages/eset_protect/changelog.yml                    | 10 ++++++++++
 .../data_stream/detection/agent/stream/cel.yml.hbs     |  3 ---
 .../data_stream/device_task/agent/stream/cel.yml.hbs   |  3 ---
 packages/eset_protect/manifest.yml                     |  2 +-
 4 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/packages/eset_protect/changelog.yml b/packages/eset_protect/changelog.yml
index c942591b85e..2daeef525d3 100644
--- a/packages/eset_protect/changelog.yml
+++ b/packages/eset_protect/changelog.yml
@@ -1,4 +1,14 @@
 # newer versions go on top
+- version: "1.12.0"
+  changes:
+    - description: "Remove deprecated OAuth2 client_id/client_secret fields from the cel and device_task data streams"
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/16897
+- version: "1.11.3"
+  changes:
+    - description: "Fix batch_size default/max to match the ESET API page_size limit (1000)."
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/16896
 - version: "1.11.2"
   changes:
     - description: "Fix `404 Not Found` responses caused by a stale cached `response-id` header by correctly clearing `cursor` on API errors."
diff --git a/packages/eset_protect/data_stream/detection/agent/stream/cel.yml.hbs b/packages/eset_protect/data_stream/detection/agent/stream/cel.yml.hbs
index e1184e9e2ff..1134a7c2f4f 100644
--- a/packages/eset_protect/data_stream/detection/agent/stream/cel.yml.hbs
+++ b/packages/eset_protect/data_stream/detection/agent/stream/cel.yml.hbs
@@ -15,9 +15,6 @@ resource.timeout: {{http_client_timeout}}
 {{/if}}
 resource.url: https://{{region}}.incident-management.eset.systems
 auth.oauth2:
-  client.id: ' '
-  client.secret: ' '
-  # Client Credentials are required in the password grant type due to an oversight in the token authentication logic. This issue is set to be resolved in version 8.14.0.
   user: {{escape_string username}}
   password: {{escape_string password}}
   token_url: https://{{region}}.business-account.iam.eset.systems/oauth/token
diff --git a/packages/eset_protect/data_stream/device_task/agent/stream/cel.yml.hbs b/packages/eset_protect/data_stream/device_task/agent/stream/cel.yml.hbs
index 7ddd4635496..ca32ad8f35e 100644
--- a/packages/eset_protect/data_stream/device_task/agent/stream/cel.yml.hbs
+++ b/packages/eset_protect/data_stream/device_task/agent/stream/cel.yml.hbs
@@ -15,9 +15,6 @@ resource.timeout: {{http_client_timeout}}
 {{/if}}
 resource.url: https://{{region}}.automation.eset.systems
 auth.oauth2:
-  client.id: ' '
-  client.secret: ' '
-  # Client Credentials are required in the password grant type due to an oversight in the token authentication logic. This issue is set to be resolved in version 8.14.0.
   user: {{escape_string username}}
   password: {{escape_string password}}
   token_url: https://{{region}}.business-account.iam.eset.systems/oauth/token
diff --git a/packages/eset_protect/manifest.yml b/packages/eset_protect/manifest.yml
index 88cb6d7f33b..144f242c009 100644
--- a/packages/eset_protect/manifest.yml
+++ b/packages/eset_protect/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.3.2
 name: eset_protect
 title: ESET PROTECT
-version: "1.11.2"
+version: "1.12.0"
 description: Collect logs from ESET PROTECT with Elastic Agent.
 type: integration
 categories:

From beb9945b9ae4747ddb692c0039352c908a384136 Mon Sep 17 00:00:00 2001
From: Mohamed Ezzamouri <mohamed.ezzamouri@eset.nl>
Date: Fri, 16 Jan 2026 11:26:18 +0100
Subject: [PATCH 2/2] Remove entry from previous PR

---
 packages/eset_protect/changelog.yml | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/packages/eset_protect/changelog.yml b/packages/eset_protect/changelog.yml
index 2daeef525d3..18a9ac99b83 100644
--- a/packages/eset_protect/changelog.yml
+++ b/packages/eset_protect/changelog.yml
@@ -1,14 +1,9 @@
 # newer versions go on top
 - version: "1.12.0"
   changes:
-    - description: "Remove deprecated OAuth2 client_id/client_secret fields from the cel and device_task data streams"
+    - description: "Remove deprecated OAuth2 client_id/client_secret fields from the detection and device_task data streams."
       type: enhancement
       link: https://github.com/elastic/integrations/pull/16897
-- version: "1.11.3"
-  changes:
-    - description: "Fix batch_size default/max to match the ESET API page_size limit (1000)."
-      type: bugfix
-      link: https://github.com/elastic/integrations/pull/16896
 - version: "1.11.2"
   changes:
     - description: "Fix `404 Not Found` responses caused by a stale cached `response-id` header by correctly clearing `cursor` on API errors."