Date of version: March 14, 2023

This document contains New Features, Important Enhancements, Modifications, Removed Features and Bug Fixes for version 2023.03.1.

New Features

APNZ-3339 Creating JSON Web Keypair Set (JWK)

JWK consists of public key or keypair in JSON format. There are four methods to generate a key, key set, keypair or keypair set; generating JWK, retrieving via URL, pasting the content of the JWK, and converting from key store. It can be in 4 different formats; RSA, EC, OCT, OKP. These key definitions are used for validation and signing of the message content on the request line with JOSE policies, while they are used for decryption and encryption of the message on the response line.

APNZ-3477 JOSE (Javascript Object Signing and Encryption) Validation Policy

JOSE is a solution which facilitates the secure transfer of "claim" or JSON data between any two parties. Due to this policy, it is provided both signed data is validated and encrypted data is decrypted.

APNZ-3478 JOSE (Javascript Object Signing and Encryption) Implementation Policy

JOSE is a solution which facilitates the secure transfer of "claim" or JSON data between any two parties. Due to this policy, data is both signed and encrypted.

APNZ-3467 Elasticsearch Configuration

If the logs are desired to be stored and implemented on Elasticsearch by an external system rather than logging directly through Apinizer,

Elasticsearch can be switched to read-only mode. In this case, storing the message logs passing through API Proxy to Elasticsearch cluster is stopped by Apinizer and only querying logs are actively done. Thus, query operations executed on analytics pages are continued.

APNZ-2791 Log Exporting with Webhook Integration

Message sections of a request and response passing through API Proxy are stored on Elasticsearch as default. By integrating Webhook, logging messages can be conveyed another application.

APNZ-3399 Log Exporting with RabbitMQ Integration

By default, Message sections of a request and response passing through API Proxy are stored on Elasticsearch. By integrating RabbitMQ, messages can be transferred another application via queue mechanism.

APNZ-2885 Creating Alerts for System Notification 

In real-time operating system, it is a significant necessity to catch the usage situations of system resources before they turned into problems so that application performance works stably. In this way, a probable difficulty is solved by producing a solution and preventing it from being encountered. Alert provides monitoring the Kubernetes modules of Apinizer Platform and Elasticsearch clusters according to predefined trigger types. If the given threshold value is exceeded, a new notification is generated on the platform.

APNZ-3330 A New Action Type: Creating Notification

When creating an Anomaly Detector, Uptime Monitor, API Integrater or Alert, notification action can be added to handle the result. In this regard, when every business rule is executed, all or defined users are sent out the notification. The user can manage their own notifications through the interface.

APNZ-3431 Managing Notification

Notifications are created as a result of 3 different situations on Apinizer; notifications showing action results, requests for account/developer creation, subscription requests belonging to API Products. All notifications can be viewed from the icon on header of the application and they can be managed by clicking on a relevant notification category. 

APNZ-3452 Creating Connection Definition from MongoDB

A new type of connection configurations, MongoDb, is added.

APNZ-3452 Creating a DB-2-API Find Method with MongoDB 

While creating an endpoint from database with Db-2-API in the API Creator Module, endpoints can be added by writing a "find" query with MongoDB configuration.

APNZ-3472 Managing Log Settings of all API Proxies on the basis of a Project or Application

Previously, it was set on 3 different bases as Project, API Proxy Group and API Proxy, in which region, which message item would be logged or not. To improve the usability and manageability of the log settings, it has been reduced to API Proxy base only. There are 3 pages to enable or disable the log settings. Either it can be set from each API Proxy's own page or multiple API Proxy log settings can be adjust on the Log Settings page on project and application basis.

APNZ-3207 Definition Pod Probes from Kubernetes Resources Page

Kubernetes uses Probes to know when to restart, ready and start its container. Basically, Probes check the health of the containers and make the unresponsive application restart. It is provided to define Probes of Pods via Apinizer.

Important Enhancements and Modifications

APNZ-2884 Improved the user experience of the appearance and actions creation dialog in the Action dialog.

APNZ-3109 When API Proxy is created from Spec Designer, it is possible to continue the design from created spec definition.

APNZ-3111 "Add" operation is added to body's original message data editing in API Call policy. 

APNZ-3272 A new filter has been added to search the API Proxies by deployment status. 

APNZ-3282 Added a refresh button to the table showing the status of pods on Kubernetes Resources page.

APNZ-3329 The features of copying the query as cURL and exporting as excel have been introduced to API Proxy Traffic page.

APNZ-3329 The features of copying query as cURL and editing query and filter have been added to Report Generator page.

APNZ-3368 Storage of JWT token is made independent by the database.

APNZ-3381 Certificate, Key and Key Store pages can also be managed on a project basis.

APNZ-3382 For the audit records, the IP information belonging to Manager Console entries is obtained from X-Forwarded-For.

APNZ-3405 Removed at least 2 added address validation for Circuit Breaker on API Proxy's Routing tab.

APNZ-3411 The time information fields (Total Time, API Proxy Time, Backend Time) on Report Generator and Query page have been revised.

APNZ-3413 Connection management pages regarding database are merged.

APNZ-3429 By adding Log Settings tab on API Proxy page, all log settings on Settings Tab have been moved here.

APNZ-3440 Uptime Monitor and Anomaly Detector definitions can be also managed on the application basis.

APNZ-3456 Credentials, which must be mandatory for database connections, have been made optional so as to support connections that do not require credentials.

APNZ-3456 The selection of password field in the Plain-Text Authentication Policy has been made optional so that it was possible to authorize services using only API Key.

APNZ-3457 In the Authorization policy, only roles can be taken without role control.

APNZ-3459 In JWT, OAuth2 and JOSE Validation policies, if Identity/Role/Group Service is selected, roles in this service can be added to the request headers. 

APNZ-3473 Pages namely, Privacy Management and Syslog Integration have been moved to Log Settings menu.

APNZ-3473 Pages namely, KPS Setting and ProCrpyt Setting have been moved to System Settings menu.

APNZ-3473 API Proxy Report has been moved to Analytics.

APNZ-3473 ACL Report page has been moved to Identity Management menu. Additionally, the page that used to work on the application basis has been moved to a project menu. 

APNZ-3473 The API Proxies page on Analytics menu has been removed, and the tabular data there has been merges with the tabular data on the list mode of API Proxy Report page.

APNZ-3478 JWK Settings tab is brought on Credentials page to select JWKs to be used for JOSE policies.

APNZ-3497 OpenAPI version 3.0.3 is supported.

Removed Features

APNZ-3411 Removed "Upload from Spec File" option to create a API Proxy.

APNZ-3411 Removed the JWT 3rd Party policy as the JOSE Validation policy includes the JWT 3rd Party policy.

APNZ-3467 Due to editing with APNZ-3472, the ability to configure log settings per API Proxy Group has been removed.

APNZ-3467 Due to editing with APNZ-3472, Project Log Settings page has been deleted. 

APNZ-3467 APNZ-3472 ile yapılan düzenlemeden dolayı Genel Ayarlar bazında log ayarlarının önem derecesini ayarlama özelliği kaldırıldı.

Bug Fixes

Issue NoDescription
APNZ-2958Even if the schedule is executing on Report Generator, Anomaly Detection and Uptime Monitor pages, no report data is generated.
APNZ-3247Advanced search and filtering with X-Forwarded-For field do not work on API Proxy Traffic.
APNZ-3308When multiple API Call policies are added to API Proxy, it also affects other Data Manipulation sections of API Call policies.
APNZ-3344In JWT and OAuth2 policies, if Grant Type is Password selected, Identity Service does not default to Security Manager.
APNZ-3345The import operations contain errors.
APNZ-3353Requests sent to the endpoint with an empty response with only content-type in Mock API are not logged in API Traffic.
APNZ-3354Problem creating a new API Integration module from Kubernetes Resources.
APNZ-3363After canceling API Proxy Group deletion, deletion cannot be performed again.
APNZ-3364Host aliases belonging to the environment cause an error in every republish operation.
APNZ-3383The search for "starts with" and "ends with" options on the query creation page does not work.
APNZ-3392While defining parameters to the method for Db-2-API, parameter names containing each other cause the query to not work.
APNZ-3393The quota applied to the API Proxy can force the cache when the size of the data grows.
APNZ-3395Execution of new query with pagination change on API Proxy Traffic is not synchronous.
APNZ-3398Although the size of a log record is less than 500kb on the API Proxy Traffic page, it does not open.
APNZ-3401Kubernetes Resources page is having issues if there are excessive resources.
APNZ-3410It is possible to create another API Proxy or API Proxy Group containing the same relative path value.

On the API Proxy Group ACL, the change in the credential editing process is reflected after the page is refreshed.

APNZ-3415When a log record is created in one of the different API Proxies with a method containing "/{id}" in the API Proxy Group, it is also displayed on the other.
APNZ-3416XSD processing error is received in definition files that reference the local address of the schemaLocation information in the WSDL address.
APNZ-3419If parameterized query with Db-2-API is converted to parameterless, it cannot be saved.
APNZ-3438An error is received when trying to go to log detail of a API Proxy typed Rest2SOAP on Trace tab.
APNZ-3441There is no audit record of transactions performed in bulk.
APNZ-3449Even if SOAP methods are found, iterating other methods also causes the wrong method to be found in methods with the same request body.
APNZ-3450Unexpected characters such as spaces in query parameters in db-2-API, URL is not decoded.
APNZ-3466API Proxy or API Proxy Group with the same relative path value cannot be created.
APNZ-3490Getting an error when saving and canceling in Rest2Soap Transformation policies.