Date of version: June 1, 2022

This document contains Important Enhancements, Modifications and Bug Fixes for version 2022.06.1.

New Features

Elasticsearch Snapshot Settings (Backup Settings)

A snapshot, that is, a backup, of the indexes in the defined Elasticsearch Cluster can be made automatically at the specified time interval. When this setting is configured, Snapshot Lifecycle Management (SLM) policy is defined over the cluster. Therefore, backup settings can be managed in the cluster without the need for another extension, and historical information including the result information of the backups can be monitored. Snapshot retrieval can be started manually at any time. For detailed information and usage, see Elasticsearch Snapshot Settings.

Customizing API Portal Settings/Pages

General settings (logo, title) and content of pages or some areas (How It Works, FAQ, Login, Register) on API Developer Portal can be customized optionally. In this way, the Portal Administrator can customize the content that clients will use. Thus, content management can be done according to market dynamics and needs.

Important Enhancements and Modifications

  • By adding Token Settings to the Credential page, authentication settings can also be managed on the basis of Credentials. See.
  • "Enable Download" field and "Use Base64 Encoded Text/Byte Array For Compressed Response (by Accept-Encoding value))" option has been added to the method/endpoint editing dialog in API Proxy to manage the processing to the response content. See.
  • Added search filter by Routing Address on API Proxy screen. See.

  • The level of the log4j setting on API Proxy basis has been changed. See.

  • Screen improvements have been made for easy use of the Authentication Policies. See1. See2. See3. See4.

  • Improved the display of the example body retrieved from the API Definition Document via the Test Console.

  • The appearance of all tabs in the Request and Original Message sections of the API Call Policy has been adjusted. Improved handling of Body parts. See.

  • Cache settings are brought to the Request section of the API Call Policy, and the result of the request is brought from the cache according to the selected variable. See.
  • When the API Proxy is in Trace mode, the information of the API Call policy is logged.

  • In API Proxy, new variable definitions were introduced that limit the characters of the error message or the response message returned from the API with the XML/JSON Error Response Template. See.

  • Improved display of deployment information on API Proxy and API Proxy Group screens. See.
  • By setting the "Apply by" value to the API Based Quota and API Based Throttling screens, these policies are enabled to work over a certain variable. See1. See2.
  • "Context Value" type and its values and "Form" option for Parameter type have been added to the Variables screen. See1. See2.
  • Added new key concepts to the Gateway Environment settings to configure settings for multi-part HTTP requests for file uploads. See.
  • Refreshed the appearance of members and roles on the Projects page. See.
  • Improved display of error messages for XML Transformer and JSON Transformer screens.

  • Improved the display of error messages on the LDAP connection definition and LDAP Identity Provider screens.

  • Quick search feature has been added to the endpoints/methods section of the Development tab of API Proxy. See.

  • Added the option to filter by "Correlation ID" on the logs of the Gateway Engine on the Application Logs screen. See.
  • Username or Key information is displayed on the Token Requests screen. API Proxy, Username or Key and Status Code Bigger Than fields have been added to the filtering options. See.
  • Added new methods for accessing Swagger and OpenAPI definition files via deployment address information. See.
  • The API Definition Document of API Proxy Group and its user-interface display features have been added.
  • On the screen where SOAP2Rest Transformation is configured, the Response Message created according to the settings can be displayed.

  • Keystore file types that will be used for HTTPs termination in the environment settings are also allowed for files of PKCS12 type and PFX extension. See.

  • Added configurations on the Key Stores screen have been edited. See.

  • To manage "isByteArrayContent" values, Byte Array Content Types page has been added to the Predefined Variables menu. See.
  • Required options for API Proxy Group and API Call have been added on the Cache Monitoring screen. See.
  • Authentication information has been added to API Specification information in Swagger and Open API format.
  • When the API Proxy is parsed, name and description information is now fetched from the original API Proxy.
  • Through the selected API Proxy Group page, it is possible to view the endpoints of all APIs in the Swagger interface.
  • It was possible to create API Product with API Proxy Group.
  • If the Apply to API Proxies property of the API Proxy Group settings is activated, it will be possible to manage the settings (CORS, Log Settings, XML/JSON Error Response Template, Forwarded IP Header Parameter ve Log Settings) from the API Proxy Group screen, which will be applied to all API Proxies in it.
  • If API Proxy is added as API Proxy Group, it is provided that it is listed in the deployment information of the API Proxy Group in addition to the relevant API Proxy deployment information.
  • Added selection on which Kubernetes worker server that environment will run on when creating Gateway Instance.
  • The ability to add more than one example response to an endpoint while editing the Mock API definition has been improved.
  • Added API Security role to manage project-based and Identity Management section.
  • Lists showing API Traffic logs and dialog areas where log details are displayed have been added. Added method name to filtering criteria.

  • "Signature Digest Algorithm, Use Single Certificate" fields have been added to the Signature section of the WS-Security to Target policy, and "Key Identifier Type, Custom Identifier Type, Custom Identifier Type Value Type" fields have been added to the Encryption section.
  • The "Log Key" field has been edited to make the deleted Elasticsearch Cluster definition available in another cluster with ILM Policy and Template information. Apart from that, when the boxes showing the ILM and Template statuses on the screen where the clusters are listed are clicked, the relevant ILM or Template status can be updated.
  • Only locally created API Based Quota and Backend API Authentication policies can be created on a global basis via the Global Polices menu.

  • MongoDb collections selected while backing up can be excluded. Thus, the size of the backup file can be controlled by ensuring that the records kept for the log are not included in the backup file.
  • Added 2 operations for generating JWT information on the Environment Settings page; Regenerating and uploading the token and getting the private key information from the file and generating and installing the token.

  • "SOAP Action" field has been added to the WSA setting that can be updated on a method basis for the SOAP type API Proxy.

  • General settings on Privacy Management are applied to requests other than API Proxy. Thus, even if the requests are sent to the wrong address, their sensitive data is protected.

Bug Fixes

Issue No



Gateway Environments re-encrypts the saved password for HTTPS when redeploying or deploying.

APNZ-2903Path parameter with spaces is incorrectly sent to API.
APNZ-2899An error is received when clicking the method from the API Design screen.
APNZ-2983Policy icon(s) in the API Proxy flow structure disappears when method/endpoint is added or updated.

Searching with keyword criteria for parameter and header section on the Queries page does not work.

APNZ-2974If "example" in the API Definition file on the Test Console is empty, selection should be made according to the API type in "examples".
APNZ-2963When a request is sent to the StoredProcedure type method created with DB2API via API Proxy, the format in large numbers in the response is garbled and appears with scientific notation.
APNZ-2956The example body of request created from the Design tab of API Proxy does not appear in the test console.
APNZ-2955An error occurs when trying to create sample request and response body from API Proxy's Design tab.
APNZ-2952Parameter information of web services added from WSDL type is not coming to the test console.
APNZ-2948After the Rest2SOAP Protocol Transformation is saved, the changes are not reflected in the Design tab.
APNZ-2947It throws an error while parsing the WSDL of KPS services.
APNZ-2943Any edits to Gateway Environments ruin the pod selection to "all".

The operation order of the policies in the response line of the logs in the Trace tab of API Proxy is shown in reverse.


The username and password field values are used incorrectly while testing with the Database Identity Provider.


Sample message values in DB2API do not come automatically when API Proxy is created and tested.

APNZ-2923When the policy added in the API Proxy Group is removed, the status information remains deployed.
APNZ-2895Error occurs when importing local policy to API Proxy.
APNZ-2881In API Proxy Group, Apinizer is not using error message templates.
APNZ-2880Adding CORS breaks the status codes of responses to requests other than HTTP method Options.
APNZ-2876Errors appear when API Spec information is displayed as Swagger 2.x format.
APNZ-2873The pagination component on the API Proxy Traffic screen disappears.

An error is returned if "application/x-www-form-urlencoded;charset=UTF-8" is sent as the value of Content-Type in JWT Token retrieval message.

APNZ-2868Models do not appear in some services in the specification information in Open API format produced for WSDL.
APNZ-2864In the dialog where API Proxy is added to the API Proxy Access Control List (ACL) list of any credential information via the Credentials menu, the filter selection, such as the project, is not reflected in the list without pagination.
APNZ-2862In case the API Proxy Group is installed in more than one environment, if one of them is redeployed, the others become redeploy required.
APNZ-2861The time fields in JWT Token responses are not in ISO 8601 format.
APNZ-2855When the instance of Rest2Soap type API Proxy is changed via the Design tab, this situation is not reflected in the Swagger documentation and Test Console.
APNZ-2846More than one response with the same status code can be created for the same endpoint in the Mock API.
APNZ-2841Although the "does not contain" function is selected while adding a condition on the Routing tab of the API Proxy page, it does not appear in the component while updating the condition.
APNZ-2836API Integration only returns one result when run.
APNZ-2829When the SOAP web service is created as a REST API, the changes made during the protocol transformation are not reflected in specification documentation on the Design Tab.
APNZ-2828In Rest2SOAP type API Proxies, when changes are made via Jackson Transformation, Test Console does not appear automatically.
APNZ-2826When the API Proxy is re-parsed, the labels appear incorrectly in the dialog.
APNZ-2824It gives a CSP error when testing the endpoint with the document of the API via API Portal.
APNZ-2819It gives an error when trying to create API Proxy via Open API.
APNZ-2818When trying to create API Proxy by uploading a file, the file component in the dialog that opens gives an error.

When the exported REST to SOAP API is imported and parsed again, an error is received when clicking on the methods on the Development tab.

APNZ-2805When more than one API Proxy is created from DB-2-API, all buttons for deploying  API Proxy on the DB-2-API screen does not work.
APNZ-2797The Log tab in the Test Console gives an error.

Open API documentation example section is not coming properly.

APNZ-2787Crashes when adding Authentication policy on API Proxy Template screen.
APNZ-2783The Collection tab on the Test Console and the collection list in the Collection List do not look the same.
APNZ-2782A second Key Store definition is not added to the WS-Security policy.

Condition error in routing; When conditional redirect is added, query cannot distinguish by parameters.

APNZ-2760API Proxy does not work properly when too many credentials are added to an API Proxy via ACL or when selections are made on different pages of the table. In addition, after the filters are deleted in the dialog where the credential is selected, the added credential can be selected again.
APNZ-2756When the endpoint addition and editing operations of the Empty API type API Proxy are made in the Design tab or the Develop tab, the changes here cause the data of the relevant path's fields (Backend Path, Name, Description) to not work simultaneously.
APNZ-2749When adding endpoints to the Mock API, the body of the default response in the Response Information has been edited and saved. Afterwards, when this response was wanted to be displayed, it was seen that this information did not change with the value given.
APNZ-2744While trying to create API Proxy by uploading the spec file of the API, when more than one file operation is made in the input field, this input gets stuck and the assigned data does not change.
APNZ-2742Even when "Use a variable" is selected and saved in the Modify Original Message field in the API Call Policy, the "Specify the Value" option is selected.

The value for the Identity/Role/Group Service field cannot be selected in the Digest Authentication policy.

APNZ-2572While selecting certificates with the same name belonging to different environments in the Test Console, it is not clear which certificate belongs to which environment.
APNZ-2723After the API Proxy Group is created or redeployed, API Proxies switch to redeploy mode.