API Manager 2.x Release Notes

For requests made from Connected Apps, API Manager Audit logs now include the Connected App’s name and ID.

The Mule API Analytics tab is now visible to users with View APIs Configuration permission.

Some error messages are now improved for clarity.

External Bad Request (400) errors do not convert to Bad Gateway (502) errors.

This release contains accessibility improvements in the UI, including the addition of alternative texts for images and alternative visual and non-visual indicators.

API Manager now supports API instances with multiple upstream services for Flex Gateway running in Connected Mode.

Deployments to deprecated Flex Gateway versions are now blocked.

This release contains accessibility improvements in the UI, including the addition of alternative texts for images and alternative visual and non-visual indicators.

When adding a new API instance, there are now separate pages for the upstream and downstream configuration settings.

When editing an API instance from the settings page, there are now separate sections for the upstream and downstream configuration settings.

Selecting an API instance from API Administration now navigates you to the new API Summary page instead of the API Settings page. The API Key Metrics and the API instance information such as the type, API version, and API instance ID now appear on the API Summary page. Only the runtime and endpoint configuration still appear on the Settings page.

In API Administration, the Analytics tab is now Mule API Analytics.

Connected Apps can create and manage client applications. For more information, see Creating Client Applications with Connected Apps.

API status is now shown as active only when deployment is successful.

API Manager uses a standalone replica list to report configuration status based on the version of each connected replica.

Policy execution order

TLS and mTLS context configuration

Validate if the specified URL is a valid URL.

Support parameterization using {}, <>, or <<>>.

The API actions are now inside the Actions button in the page header title.

The API header is now only informative. The content in the API header is not editable, and the edit buttons were removed. The API instance label and API consumer endpoint fields editable in the API header are now only editable in the Endpoint configuration section following the API header.

For Mule 4 APIs, since the auto-discovery ID is the same as the API instance ID, the auto-discovery ID was removed for clarity. The API Manager docs are updated to highlight this change and instruct users where to find the API instance ID.

The API notification messages are now displayed at the beginning of the API header.

APIs running on Mule 3.8, which has already reached end of life and whose extended support ended on November 16, 2021.

APIs running on Mule 3.9, whose standard support ended on March 20, 2021.

Adding port sharing validation.

Flex Gateway data representation on API Manager charts is improved.

Message logs can now be viewed and downloaded in order from latest to oldest.

The message log streaming information now specifies log level, such as Info, Warn, and Error.

For SLA Tiers, the delete and deprecate actions are now found in the context menu at the end of each tier.

For Contracts:

For Client applications:

For Contracts:

API Manager now notifies you when policy implementations are incompatible with your current Flex Gateway version.

Applying a Message Logging policy to your API instance in API Manager allows you to view basic message logs for APIs managed by Flex Gateway within API Manager.

You can now sort by the Error Rate and Total Requests columns in the API Manager API Administration page.

Clicking an alert will now show its details. To edit an alert, you can use the context menu icon.

Added an icon in the State column explaining each state in detail when you hover on it.

You can now manage Flex Gateway APIs.

The new API Wizard introduces a streamlined way to create APIs.

Policy and automated policy management have been improved.

The release introduces a new way to create custom policies for Mule 4 and Flex Gateway.

The behavior of some policies has changed. For example, The IP Allowlist and IP Blocklist policies no longer accept a comma-separated list. The policies now accept data formatted as an array.

The API list view has been redesigned to enable quick glances at important information, without having to click into specific API instances.

In the redesigned API list, you can now view total requests and error rates for an API (for the previous 24 hours).

Incorrect user information received in request api access email

Federated users unable to create APIs

Bug when users download a HTTPS proxy without TLS context.

Changed policy display order, sorting version in descending order.

Bug when users couldn’t add tags

Bug when users with custom roles weren’t receiving email notifications for API access

Bug when cannot save a change in API configuration. (AP-4030)

Bug when Mule 4 Runtime in a business group is unable to retrieve contracts. (AP-4081)

Bug when displaying client ID enforcement details. (AP-3976)

Exporting a Mule 4 API containing a policy resulted in a "TypeError: Cannot read property" message. (AP-3941)

If a valid URL with OAuth was copied from API Manager, and the user then logged out, subsequent attempts to access the URL failed with an NPE. (AP-3907)

Redeploy button incorrectly disabled after a deploy. (AP-3955)

When a user only has Asset Admin permission in Anypoint Exchange, the action of making the API Instance public or private fails. (AP-3860)

Allow updating these fields, which were set to read-only after the November upgrade: api.name, api.groupId (also updates the apiversion.groupId), api.assetId (also updates the apiversion.assetId), and apiversion.name. (AP-4020)

A tight integration of Anypoint Platform components extends the use of environments to API management.

API permissions are now environment-based.

You can now create multiple instances of an API.

APIs in Exchange can be managed from API Manager.

There are two new APIs for managing APIs:

Support for Mule 4 Early Access. Mule 4-related changes to API Manager are:

Custom policy development has changed.

Header propagation no longer occurs by default and needs to be configured.

Resource level policy support, which was restricted to RAML-based APIs, is extended to any HTTP API.

API Manager does not support auto-generation and deployment of proxies.

The Throttling policy is not supported in this Mule release.

Mule 4 replaces the security manager policies with two HTTP Basic Authentication policies:

You can configure the Rate Limiting policy if the quota is shared among the cluster nodes or not. By default, the quota is shared among the cluster nodes.