Date of version: August 13, 2024

This document contains New Features, Important Enhancements, Modifications and Bug Fixes for patch version 2024.05.4.

WARNING With the security patch made in this version, it has been made mandatory to check the value of client IPs where the browsers are located in the Apinizer Management Console. For this reason, organizations that connect to the interface using "Kubernetes Ingress Controller" will need to set the X-Forwarded-For header setting. See

New Features

APNZ-4418 Viewing of the ports being used in the Environment screen has been enabled.

APNZ-4383 XML and JSON data formatting (pretty) features have been added to the test console. See.

APNZ-4480 It has been ensured that an authorized super project admin user can access all projects. See.

APNZ-4391 The 'Unused Clients Report' screen has been added to the reports. See.

APNZ-4390 The 'Unused Endpoints Report' screen has been added to the reports.  See.

APNZ-4205 Retrieving user information through LDAP API authentication has been enabled. See.

Important Enhancements and Modifications

APNZ-4459 The Java and operating system versions of Apinizer Container images have been updated. 

APNZ-4424 Autofill has been disabled for the field in the API Proxy development tab in Chrome.

APNZ-4098 Case-insensitive search for methods has been enabled in the API Proxies Development tab.

APNZ-4449 Processing of hop-by-hop headers during routing has been made case-insensitive.

APNZ-4455  The option 'System should continue to work if the cache does not respond' has been added as a configurable preference in quota and throttle policies, as well as in the authentication throttle and quota screens. See. See.

APNZ-4443 Testing of API Proxy Group endpoints has been enabled, and only Proxy and Proxy Group options are now visible in the test console. See.

APNZ-4450 Manually added methods are now preserved during the reparse process. See.

APNZ-4431 Customization of logos and colors has been enabled in the portal interface. Additionally, the API Product list is now displayed categorized, with filtering options added. See.

APNZ-4370 A tab has been added to the Portal Test Console to directly obtain a JWT through the application (can be encoded for basic authentication). Additionally, the ability to display the authentication type on the portal has been enabled on the service.

APNZ-4490 New options related to connection routing have been added to the API Proxy routing settings. See.

APNZ-4470 Dynamic addition of CORS settings to the API Gateway Token Service has been enabled. See.

APNZ-4452 In the API Portal's endpoint testing, the authentication information is now automatically applied when 'application' is selected.

APNZ-4478 A setting has been added for proxies using proxy groups, allowing them to be 'accessible only through proxy groups'.

Bug Fixes

Issue NoDescription
APNZ-4485When an account or an associated credential is disabled in the Portal, all credentials not associated with the account should not be disabled.
APNZ-4483The Portal menu in the Navbar does not appear when logged in and does not load without refreshing the page.
APNZ-4479On the Project Member page, dropdown menus are appearing below the table.
APNZ-4474If the user has only the Proxy Group (PG) role, clicking on the Proxy Group > Endpoints tab redirects to the login page.
APNZ-4432An HTTP error occurs in the Cache, and it fails to start when two caches are present.
APNZ-4471

Proxy Group Permission Issues and Permission Adjustments: 

  • The API Tester role cannot view analytics data. 
  • Users with permission to view API Proxy Groups can see the connection on the variables page but cannot access its content.
APNZ-4463There is an issue with the 3-hour time range on the Trace screen.
APNZ-4453Some API Proxies do not appear when adding an API Product in the API Manager.
APNZ-4441An error occurs when credentials are first created and when they are first called with basic auth.
APNZ-4430The count of unsent messages was turned off; this situation should be checked.
APNZ-4412A project cannot be deleted; a rollback error is encountered.
APNZ-4433

Errors encountered when a newly registered user tries to log in to the Portal:

  • The user is added as disabled despite auto-approve being enabled.
  • If a disabled user tries to log in, an error occurs, but no proper log is recorded in the pod.
  • The user remains pending approval even though auto-approve is enabled.
  • A newly registered user should not be required to be added to and activated within an organization
APNZ-4473

In the GitOps Environment screen, a transaction error occurs when saving a connector if multiple environments have been previously opened.

APNZ-4491The initial values of fields with missing values in the routing section of PolicyConfigurationTemplate should be populated.
APNZ-4457Certificates in Apinizer should also be valid for WSS (WebSocket Secure) and STSToken.
APNZ-4499File downloads through the API Portal are being blocked by the browser.
APNZ-4497An error has been detected in the Auth policy configuration: 'configuration is null or empty!' error was received.
APNZ-4496During the MongoDB connection test, the connection is considered successful even if the entered password or address is incorrect.
APNZ-4434Regarding the missing XML namespace prefix in Rest2Soap, when exporting a service running in the production environment and importing it into the test environment, a namespace is missing in the XML in the test environment.
APNZ-4501In the WS-Security From Target policy, IDs are displayed instead of Keystore names.