Date of version: January 31, 2025

This document contains New Features, Important Enhancements and Modifications, Bug Fİxes and for version 2025.01.0.

Highlighted New Features

APNZ-4085 New API Proxy Types: gRPC and WebSocket

Two new types have been added to API Proxy creation options: gRPC and WebSocket. See

gRPC Proxy Support:

Unary gRPC calls (single request from the client, single response from the server)
Server streaming gRPC calls (single request from the client, multiple responses streamed from the server)
Client streaming gRPC calls (multiple requests streamed from the client, single response from the server)
Bidirectional streaming gRPC calls (two-way data streaming between client and server)
gRPC-Web support (for browser-based gRPC communication)
TLS/SSL secure connection support

WebSocket Proxy Support:

Standard WebSocket protocol (ws://)
Secure WebSocket protocol (wss://)
Text message format
Binary message format

Partial policy execution is supported for API Proxies created using these two new types, and incoming and outgoing messages can be sent to log connectors.

The test console does not yet support these two protocols.

New Environments for the New API Proxy Types

A "Communication Protocol Type" field has been added to environments. Deployment environments for API Proxies have been configured to automatically match proxy types. REST and SOAP API Proxies can be deployed to HTTP-type environments. gRPC API Proxies can be deployed to gRPC-type environments. WebSocket API Proxies can be deployed to WebSocket-type environments. This update ensures compatibility between proxy types and deployment environments, preventing incorrect environment selections. See

Unsupported Policies/Settings: Ws Security Sts Token, mTLS Authentication, Script, Backend API Authentication, API Call, API Proxy Group, CORS Settings, Cache Settings, XML/ JSON Error Response Template, Load Balancing Type, Define Circuit Breaker, Define Client Flow Banner, Define Proxy Server, NTLM Settings, Customize Error Messages

APNZ-4582 Geolocation Management with IP Control

IP checks can now be performed based on Geolocation data (Country, City). See

WARNING! Due to changes in the log data structure, organizations using Elastic Search must update their log index template and perform a rollover index. Please visit this page for the new index structure.

APNZ-4682 Settings Group Management

With the Settings Group screen, it is now possible to create and assign Global Settings to both API Proxies and API Proxy Groups. See

APNZ-4683 Policy Group Management

With the Policy Group screen, it is now possible to create and assign Policy Groups to both API Proxies and API Proxy Groups. See

As part of this development, the structure of the Policy View screens has been redesigned to allow future access for read-only users.

APNZ-4762 APNZ-4784 Deployment Process Synchronization and Result Display Enhancement

Detailed result displays have been enabled for all deployment operations. See

WARNING! As part of this development, significant improvements were made to pod distribution processes carried out via the Kubernetes service. In the previous version, deployment operations sent from the Manager to the Worker were asynchronously broadcasted by the Worker to other pods within its environment. Due to this structure, the Manager could not directly display whether the Worker successfully completed the deployment to other pods, and potential errors could only be identified from system logs. Additionally, since the deployment status of pods within namespaces could not be tracked in real-time, inaccessible pods could cause inconsistencies in the system.

With the new development, the entire deployment process has been made synchronous. Communication between the Manager and Worker has been enhanced, allowing errors to be detected instantly and displayed on the Manager screen when any pod is inaccessible. Deployment results for all pod distribution processes carried out via the Kubernetes service are now comprehensively reported on the user interface.

These improvements have increased the transparency of the deployment process, making it easier to detect and manage errors more quickly. It is important to note that the shift from a partially asynchronous process to a fully synchronous one may lead to a slight increase in deployment times.

New Features

APNZ-4778 AI-Powered Chatbot Integration for API Portal

An AI-powered chatbot has been integrated into the API Portal. See

APNZ-4731 Support Package Request Management for API Portal

A "Support Package Request" screen has been added to the API Portal Manager to facilitate the easy management of Support package requests. See

APNZ-4724 Support Package Feature for API Portal

A "Support Package Feature" screen has been added to the API Portal to view and manage Support packages. See

APNZ-4722 Support Package Type Management for API Portal

A "Support Package Type" screen has been added to the API Portal to manage Support package types. See

APNZ-4721 Support Package Management for API Portal

A Support package screen has been added to the API Portal to manage Support packages. See

APNZ-4713 Jira Integration for API Portal

Jira Integration has been added to the API Portal, enabling users to create requests directly through the API Portal and easily track them via the Jira system. See

APNZ-4712 Jira Integration for the API Portal Admin Panel

Jira Integration has been added to the API Portal Admin panel, enabling users to manage and track requests via Jira. See

APNZ-4698 Cookie Management for API Portal

A Cookie Management feature has been added to the API Portal. See

APNZ-4826 API Product Update - Create Application Button for API Portal

A Create Application button has been added to the API Product update section in the API Portal for users without any existing applications. See

APNZ-3089 WSDL definition files can now be downloaded in Zip format.

APNZ-4649 Maintenance mode has been added to API Proxies. See

APNZ-4783 Timeout values for the deployment process have been made configurable parametrically. See.

APNZ-4728 TLS settings can now be provided parametrically via JVM parameters. See.

APNZ-4844 The log structure now includes location data, which contains latitude and longitude fields. See.

Important Enhancements and Modifications

APNZ-4734 The "Redeploy All" option has been added to API Proxies and API Proxy Groups using global policies, policy groups, and settings groups. See, See, See

APNZ-4693 The loading of settings and fonts in the portal has been configured to be performed automatically when the system is first launched.

APNZ-4765 When creating a new API Proxy, the default value for the "Ignore Error Response Template In Case Of Error On Backend API" parameter in the Routing section has been set to false.

WARNING! This change ensures that, in the event of a backend error, the error response is returned using the error response template, preventing potential security vulnerabilities.

APNZ-4770 The formatted display of data in the API Traffic Log, Test Console Response Log, AuthToken Registration Log, and Trace Logs has been removed to prevent misinterpretation risks. This change ensures logs are presented in a safer and more understandable manner.

APNZ-4793 The title and description sections on the API Product page of the API Portal have been made dynamic.

APNZ-4573 The test button for undeployed environments has been removed from the API Proxy Group Endpoints section. See

APNZ-4575 The "Members and Roles" section has been removed from the list on the Admin Projects page, and the table now includes the active/passive status of the Relative Path and the Relative Path itself, if applicable. See

APNZ-4827 The visibility of the "Try It" button in the API Portal has been made dynamic for each API Product. See

APNZ-4714 The supported Content-Encoding values for responses returned by the API have been expanded. Previously, only gzip, deflate, and br were supported; now, gzip, deflate, br, compress, and zstd encoding types are also supported.

Bug Fixes

Issue No	Description
APNZ-4755	The test console does not open correctly when accessed for the second time.
APNZ-4746	When values such as product or responsible are deleted in the API Portal, pages fail to load due to null errors.
APNZ-4737	If the test console is closed via the close icon (X) in the top-right corner, the body field does not load during the next test endpoint request.
APNZ-4720	API Proxy exports are being generated as empty zip files.
APNZ-4697	The nightly job that deletes application logs at 1:00 AM should be removed, as it prevents app purge jobs from functioning correctly.
APNZ-4626	Policies exported from API Proxy cannot be imported into Policy Groups.
APNZ-4204	In CORS, during the deletion of Access-Control-Allow-Origin values, the wrong value is being deleted.
APNZ-4702	A duplicate export option appears in the Export/Import menu.
APNZ-4780	An incorrect library is imported during mail imports in Groovy.
APNZ-4771	On the API Traffic Log screen, when switching between tabs, the body field does not update unless clicked.
APNZ-4752	Errors related to policies: In the Script Policy, when saving a Groovy script, the script type is not saved correctly. In Business Rule, when adding a new rule, the variable selection slides to the background, and after canceling, the page becomes unresponsive. Some API calls in Trace appear multiple times. After saving a policy, the "Updated" message appears twice. Despite no errors in the console, error messages are not reflected on the read-only screen.
APNZ-4741	SOAP messages returned from the backend are truncated in the log.
APNZ-4714	When the "zstd" encoding is used in the Accept-Encoding header, the content in the response is not encoded correctly and becomes corrupted.
APNZ-3933	Policies exported from API Proxy cannot be imported into Proxy Groups.
APNZ-4756	In Mock Proxy, errors occur in previously logged and functioning API calls. The relevant error messages are not displayed on the screen, and logs show a 404 error.
APNZ-4790	In the test console, the "name" and "value" modals for adding headers open in the background.
APNZ-4787	When switching from "one way" to "two way" in API Call, the "not change default" option does not appear selected or active by default.
APNZ-4822	When sending files using multipart/form-data, if the file content is not provided, the corresponding part data is not sent to the backend.
APNZ-4815	Newly added Context Values in the script are displayed as "Translation Not" entries.
APNZ-4812	Search filters for Portal Accounts do not work in API Manager.
APNZ-4799	The "Activate All" and "Disable All" policies operations on the request line affect the response and error methods, but the "All" options do not affect this.
APNZ-4678	When a DB2 API connection is deleted, unusable DB2 APIs remain.
APNZ-4286	On the Admin Projects page, instead of displaying 10 records, all records are shown.
APNZ-4806	The direct API Product link does not open in the API Portal.
APNZ-4831	When adding WSS user information, only the username field should be added; however, an extra timestamp field is displayed in read-only mode. Additionally, the password field is shown in plain text. After performing a deployment operation on the API Proxy Group page and refreshing the page, the system incorrectly displays the redeploy option. However, on the API Proxy Groups page, the group is shown as correctly deployed. In the test console, the CodeMirror body section is displayed indented by 3 characters. When an API Proxy is imported, the relative path field unnecessarily includes the word imported.
APNZ-4829	When the failover setting is disabled in the log connector, the system waits for a long time during the "Apply" process without reaching the timeout. Even if the user refreshes the page, the setting cannot be disabled, and the changes cannot be completed.
APNZ-4836	In Business Rule, the string exist condition does not work correctly.
APNZ-2889	When an API Product is deleted, gaps appear in the ApiProductAppRegister table on the Account screen.