Nav

API Manager Release Notes

API Manager release notes include information about changes, new features, improvements, and resolved issues in releases of API Manager and its predecessor, Anypoint Platform for APIs.

Browser Support

Anypoint Platform (https://anypoint.mulesoft.com) supports the following browsers:

  • Firefox (latest version)

  • Chrome (latest version)

  • Internet Explorer 11 and newer

API Manager 1.16.0

July 15, 2017

This release includes bug fixes and an enhancement that warns users when uploading custom policies without the requiredContracts tag, which is necessary for offline behavior.

API Manager 1.15.0

April 8, 2017

In this release, the invalid console path generated for RAML proxies with paths ending with /* was fixed. This release includes the following enhancements:

  • Resource Level Policies

  • Layout Changes

  • Display OAuth Grant Types

Resource Level Policies

This feature provides the flexibility to apply policies to specific resources and/or methods of an API instead to the entire API. This feature is enabled only for RAML-based APIs or proxies. For more information, see "About Resource Level Policies" and "To Apply Policies and SLA Tiers."

Custom policies require changes to enable Resource Level granularity. For more information, see "To Add Resource Level Policy Support to a Custom Policy."

Layout Changes

This release includes layout changes to improve the user experience and align the UX with the rest of the platform.

Display OAuth Grant Types

Now, the OAuth Grant Types of the application are shown on the application detail page and for the API Owner at the time of approving an access request.

API Manager 1.14.4

March 11, 2017

This release introduces the following enhancements:

  • Added pagination on the custom policies page.

  • Increased granularity of the Rate Limiting and Throttling policy configuration.

    You can now specify multiple throughput limits for an SLA tier using different time periods and units.

API Manager 1.14.2

January 14, 2017

This release resolves a number of issues.

Resolved Issues

  • Fixed the "View application" link that wasn’t working with Hybrid.

  • Obfuscated the client secret on the developer portal applications detail page.

  • Fixed the link on the notification email when a new application is pending approval and the API belongs to a sub-organization.

  • Fixed an issue with uppercase WSDL on SOAP proxies.

  • Fixed the Basic Authentication template that was not working properly with Mule Runtime 3.8.1 and later when HTTP is used for LDAP instead of HTTPS.

API Manager 1.14.1

December 3, 2016

This release includes new API Manager features, support for API Designer 0.3.0, and bug fixes.

New Features

API Manager 1.14.1 includes the following new features:

  • The capability to set alerts for policy violations, response time, count, and codes.

  • An advanced configuration to customize the response timeout of the auto-generated proxy.

    To customize the response timeout of the deployed proxy, use the advanced options as described in step 5-h of section "Setting up a Proxy".

Resolved Issues

  • Fixed auto-generated proxy that was configured to an incorrect WSDL.

  • Fixed problems with import/export of an API on Windows.

  • API Designer 0.3.0 support

API Manager 1.14.0

November 19, 2016

This release includes improvements and bug fixes.

Resolved Issues and Improvements

  • Updated the clients API to show multiple owners as well as the app ID.

  • Added a new API to query by client ID.

  • Fixed API Tooling bugs to support new API tooling.

  • Made performance improvements.

API Manager 1.13.0

November 5, 2016

This release includes a new feature, an improvement, and bug fixes.

New Feature

API Manager 1.13.0 includes the capability to enable and disable policies.

Resolved Issues and Improvements

API Manager 1.13.0 fixes API Tooling bugs to support new API tooling. API Manager has been improved to support dependencies between policies that you configure using the required characteristics parameter.

API Manager 1.12.0

September 24, 2016

This release includes bug fixes and a security improvement related to Regular expression Denial of Service (ReDoS).

Resolved Issues

API Manager 1.12.0 resolves the following issues:

  • In previous releases, all apps appeared in the Developer Portal to users in the Organizational Administrator role. Now, users in this role see only their own apps.

  • An incomplete URL of an app deployed to CloudHub appeared on the API Version details page. The URL now includes the AWS region of deployment.

  • The error message associated with a URI conflict during auto-discovery API deployment has been improved and now returns the appropriate HTTP error code.

  • Mule Runtime 3.8.1 now supports the configuration of scopes for the OpenAM token enforcement policy.

  • The Anypoint Platform UI indicated the 3.8.0 version of Mule. Now, the UI indicates 3.8.x.

  • The Client ID Enforcement policy problem that occurred during migration from API Gateway 2.2.0 or earlier to Mule 3.8.1 has been resolved.

API Manager 1.10.0

July 16, 2016

This release includes an important entitlement change, new sorting features, and several bug fixes.

Entitlement Change

As of this release, Anypoint Platform accounts must have the appropriate API entitlements to continue running apps and using APIs. User accounts not properly entitled will no longer have access to API Manager functionality. If you have purchased API Management and experience account access issues following this release, contact your account representative.

New Features

API Manager 1.10.0 includes the capability to sort the list of API Portals and the list of applications on the Developer Portal, as described in the Developer portal documentation.

  • Search/sort API portals on the Developer portal

    On the API portals tab you can now search for and sort the list of API portals.

  • Search/sort apps that access an API

    On the My applications tab, you can search for and sort apps approved to access an API.

Resolved Issues

API Manager 1.10.0 resolves the following issues:

  • Fields are no longer missing when rendering custom policies with multiple configurations.

  • The RAML parser now applies Traits and ResourceTypes to the final RAML output.

  • The spinning activity indicator now works in FireFox.

May 2016 Release

This release includes the following enhancements:

  • Early Access RAML 1.0

    This release introduces API Gateway Runtime 3.8.0 that provides early access to RAML based on the RAML 1.0 specification. RAML 1.0 introduces several new features, listed in the RAML.org comparison of releases. For those users migrating to RAML 1.0, see the list of breaking changes between RAML 0.8 and RAML 1.0. Before using the early access RAML 1.0, see Important Information about the May 2016 Release.

  • Client ID enforcement

    When you apply client ID-based policies, the credentials are expected in the form of expressions, the default being query parameters named client_id and client_secret. The default configuration of the policy requires the Client Id and Client Secret expressions. In Mule Runtime 3.8.0, another option is available. You can also select HTTP Basic Authorization Header to use Basic Authentication as the origin of the credentials.

  • Add property referencesUserDomain to endpoint

  • Add validation to avoid having CloudHub endpoints with custom port

  • Include referencesUserDomain when exporting API Version

  • Include v3 proxy assets in Mule Runtime 3.8.0

  • Add logic for Mule Runtime 3.8.0 support

Important Information about the May 2016 Release

For details about these issues, see RAML 1.0 Early Access.

  • API Manager relies on API Gateway runtime 3.8.0 for auto-generated proxies based on RAML 1.0. In most cases, the proxy generation feature works well on for RAML 1.0-defined APIs. However, if a user tries to auto-generate proxies based on a RAML 1.0 file, and the definition has known gaps, which are not covered by the Java parser on API Manager, the deployed proxy fails.

  • Proxies generated for the latest version, Mule 3.8.0 runtime, will fail to deploy on previous API Gateway runtime versions. Previously created proxies will continue to work on Mule 3.8.0 runtime because Mule 3.8.0 runtime is backward compatible.

Resolved Issues

  • Research feasibility of RAML/Swagger roundtrip.

  • Support map of objects on custom policies.

  • Update RAML snippets in Policies tab.

  • When generating a proxy for Mule Runtime 3.8, a new option to use a domain is needed.

April 2016 Release

In this release, MuleSoft has improved accessibility to certain features of our API solution. Customers without the appropriate API entitlement may also notice some features have been disabled within their account. These capabilities continue to be available in Anypoint Platform, but only for customers with the required API entitlement.

Customers with API entitlements will now see more controls and analytics on the API version page:

api-entitlement2

Customers without API entitlements will notice the following:

  • The controls for deploying an API to CloudHub do not appear.

  • Analytics and controls for deploying a proxy, listing applications, setting up SLAs, applying policies, and changing permissions do not appear on the API version page.

As a result, the API version page will look a bit different:

api-entitlement

Please contact your account team if you have any questions on these changes.

Enhancements and Bug Fixes

Additionally, this release includes the following enhancements and bug fixes:

Enhancements

  • UI redesign

    The user interface has a new look, designed for easier use.

  • Policies numbers show order of application

    In addition to listing applied policies in the order that you apply them, Anypoint Platform now includes the order number.

  • Improved audit log detail

    The audit log now reveals the permission level of the users when you assign a permission to a user.

Bug Fixes

  • A tooltip is now displayed when the full API name is truncated in the UI.

  • The problem related to resetting the client secret when using Internet Explorer 11 has been resolved.

  • A list of grant types are now displayed in the application sidebar.

  • An example or default value that you set in the RAML is no longer hidden in the console.

  • The API Designer is no longer overriding example files. The import process now overrides example files when configured to do so.

January 2016 Release

This release includes the following new features and functionality:

  • Redesign of API management page which now makes more information available at a glance and provides a drop-down API version menu for easier access. The analytics panel has been removed, providing more space for the display of API management-related information. To access, you can use the navigation menu towards the top and right of the page.

  • New applications management page, the single point of access for all client applications for an organization’s APIs. Explore and manage your client applications from here. To reach it you can use the navigation menu towards the top and right of the API management page.

  • From the applications management page, clients can now add or remove owners of an application. This feature makes it easier to keep information about applications up to date.

  • Gateway Awareness and Policy Ordering. Policy configuration is now aware for the set of policies supported by the Gateway tracking your API proxy. Because of this, unsupported policies are not available to be applied, and applied policies that are not supported by the tracking gateway are highlighted so that you can easily detect and correct problems.

There are no new known issues or any changes that impact compatibility or that require migration considerations.

November 2015 Release

This release has the following updates:

  • IP whitelisting and blacklisting policies provide the option to specify a comma-separated list of IPs for bulk edits.

  • API owners can modify the configuration of a policy without having to add or remove the policy every time

  • Ability to select an API Gateway Cluster as the target of deployment from the API platform proxy auto-deployment window.

September 2015 Release

This release includes the following new features and functionality:

  • Layered SLAs that can impose multiple limiting policies on the API.

  • Audit Logging of change events made within the API management and platform services capabilities of the Anypoint Platform.

  • Adding Terms and Conditions of an API Portal can now be defined in two different ways.

  • Files and Attachments can be imported/exported to an API Portal.

  • Improved API for portal search.

There are no new known issues or any changes that impact compatibility or that require migration considerations.

April 2015 Release

The April 2015 release of the Anypoint Platform for APIs offers the following new feature:

You can now use OpenAM as a SAML 2.0 identity federation provider across the platform. Additionally, you can use OpenAM as an external OAuth 2.0 server if you are using API Gateway version 1.3.2 or later. For more information, see Setting up External Identity.

February 2015 Releases

There were two releases in the February 2015 timeframe for the Anypoint Platform for APIs.

February 24th Release

The February 24th release of the Anypoint Platform for APIs offers the following new features and functionality:

  • Improved API Portal Publishing Experience: We have made improvements to the API portal publishing experience to make it more user-friendly.
    Specifically: 

    • Simplified draft editing and publishing

    • Ability to bulk publish and delete pages

    • Now easier to preview the entire portal

February 18th Release

The February 18th release of the Anypoint Platform for APIs offers the following features and functionality:

  • New RAML Console: We have made significant improvements to the RAML console to drive even greater developer productivity. We’ve redesigned the interface as well as introduced a number of new capabilities that makes using an API easier including the ability to add custom query parameters/headers as well as support for all OAuth 2.0 grant types.

  • Proxy Auto-Deployment to CloudHub Gateways: As part of the configuration of a proxy, users can now automatically deploy the proxy to CloudHub (within the same organization) thus removing the need for manual configuration.

Known Issues in the February Releases

  • APIkit’s RAML console in Anypoint Studio is not yet updated with the new functionality described above. Updates to Studio can be downloaded by clicking Help and then Check for Updates in the Studio menu.

  • Auto-deployment to CloudHub may fail for some users. If your deployment fails, simply retry the deployment. This issue was fixed shortly after this release.

November 2014 Release

The November 2014 release of the Anypoint Platform for APIs offers the following new features and functionality:

  • API Version deprecation

  • Support for API Gateway 1.3

  • Custom Terms and Conditions per API version

  • Folder support in API Designer

  • File import support in API Designer (Beta)

  • Swagger file import and conversion in API Designer (Beta)

  • Automatic role assignment from external groups via SAML assertion

  • Improved SLA tier management workflow

  • Improved proxy support for load balancing, shared port, and HTTPS configurations

  • API Gateway logging enhancements for improved API request troubleshooting

  • Proxy configuration UI enhancements

  • Policy violation analytics tracking

  • Stacked bar chart support in Analytics

Known Issues in the November 2014 Release

The following issues are already being tracked by our development team. See this list before reporting any issues with the platform.

  • Custom policies are only supported on API Gateway version 1.3.

  • In API Designer, when importing RAML files, an error may indicate that included files are not present. Clicking the included file resolves the error.

  • Proxy applications generated prior to November 19th are not compatible with API Gateway version 1.3.

  • If an API version that is being managed is deleted and then a new API is created with the same name and version name, the API Gateway must be restarted in order to manage the API version.

  • When viewing a public portal for an API in an organization other than the one your user belongs to you, you may be required to login again.

July 2014 Release

The July 2014 version of the Anypoint Platform for APIs offers the following new features and functionality.

This release includes selected limitations that you need to be aware of as you create new organizations and populate them with your API metadata.

Known Issues in the July 2014 Release

Localhost Behavior

Note that defining an endpoint using localhost has important behavior implications for on-premises deployments of APIs and proxies.

Limitations

  • The REST APIs for the Anypoint Platform for APIs are not currently exposed publicly for customer use.

  • It is not possible to visit the Developer Portal or any public API Portals when signed in as a user of a different organization.

  • Developers cannot currently revoke their contracts with API Versions, only API Version Owners have the ability to revoke and delete contracts.

  • API Portals cannot currently be deleted.

  • Throttling and Rate Limiting policies do not currently work for APIs or proxies deployed to multiple API Gateway workers in CloudHub.

  • It is only possible to register new applications from a portal for a specific API version rather than globally from the main Developer Portal page.

  • Batch approval of applications is not currently supported.

  • Copying content from one API Version to another is not currently supported.

  • The IP whitelisting and IP blacklisting policies do not function for endpoints defined with the Jetty transport.

  • Session timeouts occur after a three-hour window irrespective of user activity.

Key Differences for Users Migrating from Previous Versions

If you have an existing Anypoint Platform for APIs account on a previous version, you need to migrate to this version during the migration period. Be aware of the following major differences between the previous versions and the July 2014 release:

  • Terminology has changed to standardize around APIs and applications rather than services and consumers.

  • Each API version now has only a single endpoint. 

  • The administrative view of your API version (called the API version details page) is now accessible only to API Version Owners or Organization Administrators. The Developer Portal, containing the API Portals that you create and share, now acts as the developer-facing view of your API.

  • Policy application has been streamlined to a single step for each policy. Contract enforcement and related policies have been replaced with client ID and secret enforcement. SLA-based policies now incorporate client ID and secret enforcement automatically.

  • Application management flows have changed. You can now set SLA tiers for automatic approval to reduce your management overhead. Manual approval is also available.

  • Analytics are now available only to Organization Administrators.

  • Taxonomies, policy characteristic tags, and environments are deprecated.

  • API Designer is now accessible through the API Version Details page rather than in the Developer Portal.