Skip to main content
The Apinizer platform was developed with important updates and new features in 2023. All changes made during this year are listed below.

Version 2023.08.1

Release Date: July 28, 2023
Due to the change specified in this version, the following command must be executed in the database during update:For MongoDB v6.0 and later:mongosh “mongodb://MONGOIPADDRESS:25080/apinizerdb” —eval ‘db.getSiblingDB(“admin”).auth(“apinizer”, “MONGODBPASSWORD”); db.getSiblingDB(“apinizerdb”).apinizer_log.drop();’For MongoDB before v6.0:mongo “mongodb://MONGOIPADDRESS:25080/apinizerdb” —eval ‘db.getSiblingDB(“admin”).auth(“apinizer”, “MONGODBPASSWORD”); db.getSiblingDB(“apinizerdb”).apinizer_log.drop();’
Due to the change specified in this version, the following entry must be added to cache deployment during update:
  • name: CACHE_SERVICE_NAME value: cache-http-service.ENVIRONMENTNAME.svc.cluster.local
IMPORTANT CHANGES AND IMPROVEMENTS
  • The ability to set the initial value of Worker’s log level with environment variable has been enabled. Additionally, with this issue, the 1-hour time to live value for application logs stored on MongoDB has been removed, making them unlimited.
  • Creation of JWK from Public Key, Secret Key, and Certificate has been enabled.
  • Improvements have been made on all tasks working within the scope of API Integrator; Enable/disable tasks field has been added, a button to add default parameter value to syntax field of loop-type tasks has been added, variable addition list has been improved, and Output Key field has been added.
  • Connection Settings and Log Settings options working on Routing basis have been added to the API Proxy Template screen.
  • Daily reset of Quota policy has been enabled to be according to local time zone instead of UTC.
  • Anomaly Detector’s working logic has been updated and the screen’s user experience has been improved.
  • Testing of Database and LDAP connection definitions based on environment has been enabled.
  • For API Proxy, API Proxy Group, and Project basis, uniqueness validation of relative path has been removed, and it has been enabled to be unique based on environment.
  • User experience of Gateway Environment screens has been improved.
  • Backend API version metadata field has been added to API Proxy, and this information is displayed in Deployment History.
  • The ability to customize connection pool settings from the routing section of API Proxy has been enabled.
  • All report screens have been gathered under the Reports menu.
BUG FIXES APNZ-3355 : Error is thrown when Basic Authentication policy is added on API Proxy Template in the project. APNZ-3551 : Errors are received during task addition in API Integration; User is not selected from another page in Notification task, not saved, and task execution type is not found, Tasks can be added without entering required fields, Another task cannot be added after one task is added. APNZ-3563 : Connection error is received when Db2Api created with database connection created through Key-Value pair is tested. APNZ-3589 : Form for JWK settings in credential is working incorrectly. APNZ-3593 : Jobs belonging to Alert, Uptime Monitor, Anomaly Detector, and API Integrator are not listed on the Scheduled Jobs page. APNZ-3594 : Required field check is not working in entries in the Memory tab of API Call policy. APNZ-3612 : Proxy Client Id and Client Secret values on the API Proxy update screen are not being updated. APNZ-3618 : Host Alias values can be entered empty in the Gateway Environment screen. APNZ-3621 : Connection error is given when database backup is defined as a scheduled task. APNZ-3622 : Requests continue to go to Kafka even though Kafka connection is manually closed. APNZ-3623 : Error messages are not visible in log results containing errors in Uptime Monitor. APNZ-3624 : Scheduling for database backup cannot be deleted. APNZ-3625 : When advanced filtering is done on the API Proxy Traffic screen, results for header and parameter fields are not working completely. APNZ-3637 : Even though a request is sent to Mock API through a single header value, when the request’s log is examined, this value is seen as double. APNZ-3647 : Uptime Monitor can receive TLS error with code 525 while running as scheduled. APNZ-3648 : Database-type task in API Integrator throws an error. APNZ-3657 : Problems are encountered when data coming in url parameter with application/x-www-form-urlencoded is wanted to be manipulated and forwarded to the backend. APNZ-3658 : When the specified Cache capacity is exceeded, wrong data from cached data is removed from cache according to FIFO principle instead of FILO. APNZ-3663 : Today filtering on the API Proxy Traffic screen lists logs from 03:00 onwards. APNZ-3666 : Imported Uptime Monitor throws an error. APNZ-3673 : Key value comes as null in insert operations made with variable of Form Data type in various policies. APNZ-3685 : In the Gateway Environment screen, if project/projects are selected once, when all are removed again, the environment does not become active in all projects. APNZ-3687 : Error is received when a request is sent with API Call task to an API that is of loop execution type and Db2Api type in the API Integrator module. APNZ-3689 : When quota is given to credential and limit is reached, JWT token acquisition is also blocked. APNZ-3694 : Error related to Sensitive Data Management setting is received when API Proxy is being deployed. APNZ-3695 : Even though Kafka, Rabbit, etc. are open in General settings, these fields are not visible in Api Proxy Log Settings. APNZ-3716 : Problems are experienced when a field coming from API Call policy is wanted to be added to the original message. APNZ-3725 : Error is received when 2 authentication policies are used on an API Proxy, if the first policy is disabled. APNZ-3726 : If HTTP Get method makes a request with x-www-formurlencoded data, it is not visible in the log. APNZ-3728 : When form data is sent in API Call policy with data manipulation, the first sent request is cached. APNZ-3739 : Numbers change in charts on the Overview screen but charts do not change. APNZ-3747 : Variable is created with the same key value based on environment in Key Value pair. APNZ-3748 : Cron value cannot be entered manually in Scheduled Jobs. APNZ-3769 : In REST-to-SOAP transformation, if Body field is also included in the transformation, Body field’s namespace is not added to XML.

Version 2023.06.1

Release Date: June 7, 2023 NEW FEATURE

  • Manual Kubernetes Management

By default, definition and management of Gateway and Cache servers on Kubernetes was being done through Apinizer. With this version, the ability to manually manage existing Kubernetes clusters has been enabled by only making relevant metadata definitions. Thus, the requirement for Kubernetes environments to be managed through Apinizer management console has been made optional.

  • Personal API Access Token Creation

Personal API Access Token is token information used to authenticate the user’s identity instead of password in the process of accessing Apinizer Management API. It is produced specifically for the user by the user logging into the management console.

  • Restoring API Proxy According to Deployment History

API Proxy can be restored to its previous revision (deployed state) through API Proxy deployment history. IMPORTANT CHANGES AND IMPROVEMENTS
  • User experience of date filtering fields in screens where job results are displayed has been improved.
  • User experience of General Settings screen has been improved.
  • With the save and update method added to ApiOps for API Proxy, registration addition if API Proxy does not exist, update if it exists has been enabled.
  • In ApiOps API, in API Proxy save/update operations, if it exists in the request message, deployment after registration operation and ability to set routing information in settings operation have been enabled.
BUG FIXES APNZ-3434 : When Environment information is updated, pod statuses are not updated. APNZ-3602 : When API Proxy is deleted, all monitor information connected to it is deleted, but if there are scheduled jobs, they are not unscheduled. APNZ-3608 : When a request is made to API Proxy created with DB2API, error message for database connection does not appear correctly. APNZ-3636 : In the Routing tab on the API Proxy screen, if there are multiple Routing addresses, the first address is always written instead of the last address gone to in API Traffic logs.

Version 2023.05.1

Release Date: May 18, 2023
Since the encryption method of sensitive data stored in the database has been upgraded in this version, it is strongly recommended to back up the database before performing the update.
NEW FEATURE

  • Defining SNMP Connection Configuration

SNMP connection definitions can be made to enable sending data to monitoring tools supporting SNMP protocol through Apinizer.

  • Creating Action with SNMP

Sending data in actions created using SNMP Connection definitions to monitoring systems is enabled.

  • Completely Disabling Elasticsearch Logging

Apinizer manages the logging process with Elasticsearch by default and performs all its queries on Elasticsearch for analytical operations on the Manager console. If desired, this feature can be disabled. When disabled, it should be noted that the analytics module, some policies, and monitoring features will be unavailable.

  • Transferring Logs to Another System with Kafka Integration

By default, elements of messages coming to and going from API Proxy are stored on Elasticsearch. By making Kafka Integration, transfer of messages to a different application through the queue system can be performed.

  • mTLS Authentication Policy

mTLS Authentication (Mutual Transport Layer Security Authentication) Policy is one of the authentication methods performed on the Apinizer side. This method is a type of TLS protocol used to create a secure channel between client and server. When mTLS Authentication is used, Apinizer checks the validity of the client’s certificate in incoming requests and ensures that a trusted certificate authority (CA) is used to ensure it comes from a specific certificate authority.

  • Applying mTLS Setting to Request

mTLS configuration can be activated through Routing settings. Thus, the Apinizer client that will send from Apinizer to the target service verifies the target service’s certificate and indicates that it also has a certificate and needs to be verified by the target service. The target service also verifies the client’s certificate, and thus secure communication is established with the client.

  • Applying mTLS Setting to Credential

If it is desired for the certificate to be verified with mTLS Authentication Policy of Credential, certificate upload for Credential can be performed.

  • Log Settings Based on API Proxy Group

Settings can be made for whether message information coming to and going from API Proxies added to API Proxy Group will be logged in Elasticsearch database according to message elements (header, parameter, body) or transfer logs to a defined system (Syslog, Webhook, RabbitMQ, Kafka). IMPORTANT CHANGES AND IMPROVEMENTS
  • For API Call policy’s cache feature to work, instead of whether there is a header named Cache-Control in the request coming to Api Proxy, it has been enabled to look at the header named Cache-Control at the moment the request arrives at API Call Policy in the request line.
  • Export option has been added to the menu in screens where Global policies are listed.
  • Definitions within Decryption, Encryption, and Digital Signing policies have been made editable.
  • Information about which project it is in has been added to the list of API Proxy EKL and API Proxy Group EKL information.
  • Creation of Query, Filter, and Report Generator based on application has been enabled.
  • API Proxies and Overview screen in the Analytics menu (based on application) have been merged on the Overview page.
  • Importing or Exporting IP Group Values
  • Search filters according to Object name and Keyword information have been added to the Audit Records screen.
  • Search operation in project dialog has been improved.
  • Importing or Exporting Credential
  • Importing or Exporting Database Connection Definitions
  • Filtering options and table reading in the detail screen belonging to API Integration section have been improved.
  • JOSE Validation and JOSE Implementation policies have been enabled to be added to both request and response lines.
  • Authorization fields have been added inside JOSE Validation policy added to the request line.
  • Warning icon has been enabled to come if a policy in API Proxy Group will not be applied to API proxy.
  • Fields have been added to DB2API method creation settings to optimize when processing JSON data.
  • Display of Keypair or Keypair Set information produced with JWK has been arranged clearly.
  • Encryption algorithm of sensitive data stored in the database has been upgraded.
  • A new option (Status Code List) has been added to the Error Handling Type feature in connection settings belonging to Routing.
  • Management of log transfer for requests not coming to API Proxy in traffic log exports has been enabled from general settings.
BUG FIXES APNZ-3360 : When entering the detail of a record and returning on the Audit Records page, filters are cleared. APNZ-3365 : Problems are encountered when filtering is done according to advanced search fields on the API Proxy page. APNZ-3366 : Relative path information based on project is not added to imported API Proxy. APNZ-3386 : When the project’s General Settings page is clicked, the screen opens in a very long time. APNZ-3387 : On the Anomaly Detector screen, detail of the record with error cannot be accessed. APNZ-3304 : Snapshot Settings page contains screen errors. APNZ-3415 : When a log record is created for one of different API Proxies with a method containing ”/” within API Proxy Group, it is also displayed in the other API Proxy. APNZ-3417 : If uppercase is given to relative path value in API Proxy Group, path cannot be found. APNZ-3445 : When Apply by value in Cache tab of API Call policy is empty, the policy does not work. APNZ-3468 : Validation cannot be done with LDAP in JWT Policy. APNZ-3494 : Role information of Issuer cannot be retrieved when Authorization is enabled in JOSE Validation policy. APNZ-3502 : Error messages are not visible in JOSE Validation policy. APNZ-3504 : Credentials with the same name can be created. APNZ-3518 : Monitor tab on Kubernetes Resources page does not provide correct data. APNZ-3519 : Problems are encountered in OpenAPI documentation. APNZ-3524 : Problems are experienced in operations made on Manager settings on Kubernetes Resources page. APNZ-3532 : SSL-type notification does not work according to control value. APNZ-3538 : Error is thrown when Rest2SOAP type API Proxy is being saved. APNZ-3540 : Method/endpoint cannot be disabled from API Proxy page. APNZ-3549 : In the stage of finding the data type of requests, the data type of file-type data is not understood. APNZ-3555 : Error is given when Decrypt By Issuer/Credential’s JWK option is active in JOSE Validation policy. APNZ-3584 : API Proxy cannot be created or updated from DB2API containing out parameter through MySQL connection. APNZ-3588 : Database connection configurations cannot be deleted. APNZ-3593 : Jobs belonging to Alert, Uptime Monitor, Anomaly Detector, and API Integrator cannot be listed on the Scheduled Jobs page.

Version 2023.03.1

Release Date: March 14, 2023 NEW FEATURE

  • JSON Web Keypair Set (JWK) Creation

JWK holds public key or keypair information in JSON format. Keys, key sets, keypairs, or keypair sets can be created in 4 different types (RSA, EC, OCT, OKP) with 4 different methods (convert from key store, get from URL connection, paste from clipboard, generate). While these key definitions are used for validation or signing operations on message content in requests with JOSE policies, they are used for decryption or encryption of content in the response line.

  • JOSE Validation Policy

JOSE (Javascript Object Signing and Encryption) is a solution used to facilitate secure transfer of “claim” or generally JSON data between any two parties. With JOSE Validation Policy, signature validation of signed data and decryption of encrypted data are performed.

  • JOSE Implementation Policy

JOSE (Javascript Object Signing and Encryption) is a solution used to facilitate secure transfer of “claim” or generally JSON data between any two parties. With JOSE Implementation Policy, signing and encryption operations of data are performed.

  • Elasticsearch Configuration

If logging is desired to be written to Elasticsearch by an external system rather than directly through Apinizer, Elasticsearch can be switched to read-only mode. In this case, writing of message logs coming to and going from API Proxy to Elasticsearch cluster is stopped on Apinizer and only reading logs is actively performed. Thus, query operations run by analytics screens continue.

  • Transferring Logs with Webhook Integration

By default, elements of messages coming to and going from API Proxy are stored on Elasticsearch. By making Webhook Integration, logging of messages can be transferred to a different application.

  • Transferring Logs to Another System with RabbitMQ Integration

By default, elements of messages coming to and going from API Proxy are stored on Elasticsearch. By making RabbitMQ Integration, transfer of messages to a different application through the queue system can be performed.

  • Creating Alarm for System Information

In real-time systems, catching situations related to system resource usage before they turn into problems is an important requirement to prevent application performance from decreasing. Thus, solutions are produced for possible problems, preventing their occurrence. Alarm enables monitoring of Kubernetes modules and Elasticsearch clusters where the Apinizer Platform is located according to predefined trigger types. If the given threshold value is exceeded, a notification is created on the application.

  • Creating a New Action Type: Notification

When creating Anomaly Detector, Uptime Monitor, API Integrator, or Alarm, a new action called notification creation action can be added to process the result at the end of the timer. Thus, whenever each job definition runs, notifications are sent to all users or users who want to receive notifications. Users can manage their notifications from the application’s interface.

  • Managing Notifications

Notifications are created on Apinizer as a result of 3 different situations; notifications showing action results, Account/Developer creation requests, and API Product subscription requests. All notifications can be viewed from the icon in the application’s header section, and notification management can be done by clicking on the relevant notification category.

  • Creating Connection Definition from MongoDB

MongoDB has been added as a new type to database connection configurations.

  • Creating DB-2-API Find Method with MongoDB

When creating endpoints from database with Db-2-API in the API Creator module, endpoints can be added by writing find query with MongoDB configuration.

  • Controlling All API Proxy Log Settings Based on Project or Application

Previously, settings were made on 3 different bases as Project, API Proxy Group, and API Proxy for which message elements’ log records would be taken in which region. To improve the usability and manageability of log settings, it has been reduced to only API Proxy basis. There are 3 different screens to enable or disable log settings; they can be set from each API Proxy’s own page, or multiple API Proxy log settings can be made through the Log Settings screen found based on Project and application.

  • Defining Pod Probes from Kubernetes Resources Screen

Kubernetes uses Probes to know when containers will be restarted, ready, and started. Basically, Probes check the health of containers and ensure that unresponsive applications are restarted. Definition of Pods’ Probes has been enabled through Apinizer. IMPORTANT CHANGES AND IMPROVEMENTS
  • User experience of appearance and action creation dialogs in Actions dialog has been improved.
  • When API Proxy is created through Spec Design, it has been enabled to continue design from the created spec definition.
  • Addition operation has been added to the original message data editing operation of body in API Call policy.
  • Filter to search API Proxy list according to loading status has been added.
  • Refresh button has been added to the table showing pod statuses on Kubernetes Resources screen.
  • Features to copy query as cURL and export as excel have been added to API Proxy Traffic screen.
  • Features to edit query and filter and copy query as cURL have been added to Report Generator screen.
  • Storage of JWT tokens has been made independent of the database.
  • Certificate, Key, and Key Store screens have been enabled to be managed based on project as well.
  • IP information in Manager Console logins for Audit record has been enabled to be retrieved from X-Forwarded-For field.
  • Control to add at least 2 addresses for Circuit Breaker to appear in API Proxy’s Routing tab has been removed.
  • Fields for time information (Total Time, API Proxy Time, Backend Time) in Report Creation and Query screens have been revised.
  • Connection configuration screens for databases have been merged.
  • Log Settings tab has been added to API Proxy screen, separating all log settings from Settings tab.
  • Management of Uptime Monitor and Anomaly Detector definitions based on application has been enabled.
  • Required credentials to be entered in Database connections have been made optional to support connections that do not require credentials.
  • Selection of password field in Plain-Text Authentication Policy has been made optional. Thus, services can be authorized using only API Key.
  • In Authorization policy, only roles can be retrieved without performing role control.
  • In JWT, OAuth2, and JOSE Validation policies, if Identity/Authorization Validation Service is selected, the ability to add roles in this service to the request header has been enabled.
  • Sensitive Data Management, Syslog Integration screen has been moved to Log Settings menu.
  • KPS Setting and ProCrypt screen have been moved to System Settings menu.
  • API Proxy Report has been moved to Analytics menu.
  • ACL Report screen has been moved to Identity Management menu. The screen that previously worked based on application has also been added to the project menu.
  • API Proxies screen in Analytics menu has been removed, and table data here has been merged with table data in list mode of API Proxy Report screen.
  • JWK Setting tab has been added to Credential screen, enabling selection of JWK to be used for JOSE policies.
  • Support for OpenAPI 3.0.3 version has been enabled.
BUG FIXES APNZ-2958 : Even though schedule works on Report Generator, Anomaly Detection, and Uptime Monitor screens, no report data is created. APNZ-3247 : Filtering with X-Forwarded-For field with advanced search on API Proxy Traffic screen does not work. APNZ-3308 : When multiple API Call policies are added to API Proxy and Data Manipulation is done, it also affects other API Call policies. APNZ-3344 : In JWT and OAuth2 policies, when Grant Type value is selected as Password, Identity Service Security Manager does not come selected by default. APNZ-3345 : Import operations contain errors. APNZ-3353 : Logs of requests sent to endpoints with only content-type (content-type) empty response in Mock API do not appear in API Traffic. APNZ-3354 : Problems are experienced when creating a new API Integration module through Kubernetes Resources. APNZ-3363 : After API Proxy Group deletion operation is cancelled, deletion operation cannot be performed again. APNZ-3364 : Host aliases belonging to environment cause errors in every republish operation. APNZ-3383 : Search for “starts with” and “ends with” options in query creation screen does not work. APNZ-3392 : When defining parameters for method for Db-2-API, parameter names containing each other cause the query not to work. APNZ-3393 : Quota applied to API Proxy can stress the cache when data size grows. APNZ-3395 : When a new query is applied to records whose pagination is changed on API Proxy Traffic, it does not work synchronously. APNZ-3398 : Log record on API Proxy Traffic screen does not open even though it is smaller than 500kb. APNZ-3401 : Kubernetes Resources page experiences problems if there are excessive resources. APNZ-3410 : Another API Proxy or API Proxy Group containing the same relative path value can be created. APNZ-3411 : In API Proxy Group ACL screen, changes in identity editing operation are reflected after page refresh. APNZ-3415 : When a log record is created for one of different API Proxies with a method containing ”/” within API Proxy Group, it is also displayed in the other. APNZ-3416 : XSD processing error is received in definition files referencing local address of schemaLocation information in WSDL address. APNZ-3419 : When parameterized query with Db-2-API is converted to parameterless, it cannot be saved. APNZ-3438 : Error is received when wanting to go to Tracing log detail of Rest2SOAP type API Proxy. APNZ-3441 : Audit record is not created for operations performed in bulk. APNZ-3449 : Even if method is found in SOAP methods, iterating other methods leads to finding wrong method in methods with the same request body. APNZ-3450 : Unexpected characters like spaces in query parameters in Db-2-API are not URL decoded. APNZ-3466 : API Proxy or API Proxy Group with the same relative path value should not be created. APNZ-3490 : Errors are received in save and cancel operations in Rest 2 Soap Transformation policies.