API Manager 2.x Release Notes

Patch operations to existing API portals are no longer supported. For more information, see se API Experience Hub.

Application responses no longer contain unsolicited owner information.

Flex Gateways now report their status as Running or Not Running instead of Connected or Disconnected.

The user owner search UI now includes a username field.

You can now change policy versions when editing Automated Policies.

Now, when the first request from a Mule API Gateway to API Manager is performed for a particular API, API Manager makes an initial setup with the provided information.
NOTE: If additional requests are received for the same API during this setup, the Gateway will receive a 429 error status.

The Service Mesh End Of Life creation blocker is now active.

Customers without a CloudHub entitlement cannot deploy proxy applications through API Manager.

Teams can now be client application owners.

Service Mesh is scheduled for End of Life on May 21, 2025. To integrate your micro services with Anypoint Platform, use Flex Gateway instead.

The automated policy list is now shown in order of application.

You can now view more owners by default on the Client Applications page.

You can now apply policies to APIs deployed to Flex Gateway, even if the Gateway version is unknown (because no replicas are connected).

You can now see APIs with multiple upstreams in the Project View.

You can now create self-managed server APIs using the API wizard.

You now see a notification for API Manager 1.x end of life on organizations that have unclassified APIs.

You can now use both internal and external client providers within the same environment at the same time.
For more information, see Configure Multiple Client Providers for Client Management.

Now, when deploying an API with policies to Flex Gateway for the first time, policy implementations are pinned.

Now, if a user attempts to change the Flex Gateway version where an API is deployed, and one of the applied policies is not compatible with the new target, the operation is rejected.

Now, When changing the Flex Gateway version, if an Automated Policy currently covering the API is lost, the user is now warned and can choose to either proceed or cancel the operation.

You can now see HTTP API instances in Governance reports, as well as AsyncAPI and REST API instances.

API Manager now includes a header x-request-d to include the internal trace ID.

Email URL functionality for contracts generated in API instances within sub-organizations is now operational.

You can now apply different versions of the same policy to various resources within the same API instance.

API instance SLA Tier limits are now validated to ensure that maximumRequests and timePeriodInMilliseconds are integers.

You can now see the SLA Tier in the client application page for APIs from environments.

Now, only users with environment or organization credentials are able to export API instances policies with sensitive fields.

The API Key Metrics experience receives frequent updates. To ensure uninterrupted access, verify that Anypoint Monitoring is enabled:

Mule API Analytics will soon be replaced by Anypoint Monitoring. Start transitioning to Anypoint Monitoring to monitor APIs effectively. Contact your MuleSoft representative for more information.

Audit logs now include a trace id.

GET API Instance Contract by ID

GET API Group Instance Contract by ID

API Manager now limits the number of API Groups, API Group Versions, and API Group Instances per business group. Each business group can have a maximum of:

This release contains accessibility improvements.

When multiple Mule gateways are connected to the same API instance, API Manager now saves the highest gateway version.

This release contains accessibility improvements, including additional focus indicators and fixes for some contrast color issues.

Manage Client Applications: Enables users to create and manage client applications in the root organization. Users with this permission can view and modify application credentials and can add and remove client owners.

View Client Applications: Enables users to view client applications in the root organization. Users with this credential cannot view an application’s secrets and cannot modify applications.

You can now upgrade your policies and API proxies to Java 17. See Upgrading Policies and Upgrading API Proxies.

Resource-level configuration options are no longer shown when applying a policy that does not support resource-level configurations.

The UI is now improved for accessibility by including the addition of alternative text for images, and alternative visual and non-visual indicators.

A warning is now displayed when policies are incompatible with the API runtime version.

Mule 4.4.x is now the default version for API proxies deployed to CloudHub, CloudHub 2.0, and Runtime Fabric.

For API instances deployed to CloudHub 2.0, the space name is now visible in the API Settings.

You can now dismiss Mule 3 end of life notifications for 14 days.

For API instances deployed to Flex Gateways version 1.5.0 or later, API Manager automatically sets the upstream’s Weight to 100% and disables the field when only one upstream service exists for that route. Adding an additional upstream to the route enables you to configure the upstream Weight.

This release contains accessibility improvements in the UI, including the addition of alternative text for images and alternative visual and non-visual indicators.

For requests made from Connected Apps, API Manager Audit logs now include the Connected App’s name and ID.

The Mule API Analytics tab is now visible to users with View APIs Configuration permission.

Some error messages are now improved for clarity.

External Bad Request (400) errors do not convert to Bad Gateway (502) errors.

This release contains accessibility improvements in the UI, including the addition of alternative text for images and alternative visual and non-visual indicators.

API Manager now supports API instances with multiple upstream services for Flex Gateway running in Connected Mode.

Deployments to deprecated Flex Gateway versions are now blocked.

This release contains accessibility improvements in the UI, including the addition of alternative text for images and alternative visual and non-visual indicators.

When adding a new API instance, there are now separate pages for the upstream and downstream configuration settings.

When editing an API instance from the settings page, there are now separate sections for the upstream and downstream configuration settings.

Selecting an API instance from API Administration now navigates you to the new API Summary page instead of the API Settings page. The API Key Metrics and the API instance information such as the type, API version, and API instance ID now appear on the API Summary page. Only the runtime and endpoint configuration still appear on the Settings page.

In API Administration, the Analytics tab is now Mule API Analytics.

Connected Apps can create and manage client applications. For more information, see Creating Client Applications with the Connected App Feature.

API status is now shown as active only when deployment is successful.

API Manager uses a standalone replica list to report configuration status based on the version of each connected replica.

Policy execution order

TLS and mTLS context configuration

Validate if the specified URL is a valid URL.

Support parameterization using {}, <>, or <<>>.

The API actions are now inside the Actions button in the page header title.

The API header is now only informative. The content in the API header is not editable, and the edit buttons were removed. The API instance label and API consumer endpoint fields editable in the API header are now only editable in the Endpoint configuration section following the API header.

For Mule 4 APIs, since the auto-discovery ID is the same as the API instance ID, the auto-discovery ID was removed for clarity. The API Manager docs are updated to highlight this change and instruct users where to find the API instance ID.

The API notification messages are now displayed at the beginning of the API header.

APIs running on Mule 3.8, which has already reached end of life and whose extended support ended on November 16, 2021.

APIs running on Mule 3.9, whose standard support ended on March 20, 2021.

Adding port sharing validation.

Flex Gateway data representation on API Manager charts is improved.

Message logs can now be viewed and downloaded in order from latest to oldest.

The message log streaming information now specifies log level, such as Info, Warn, and Error.

For SLA Tiers, the delete and deprecate actions are now found in the context menu at the end of each tier.

For Contracts:

For Client applications:

For Contracts:

API Manager now notifies you when policy implementations are incompatible with your current Flex Gateway version.

Applying a Message Logging policy to your API instance in API Manager allows you to view basic message logs for APIs managed by Flex Gateway within API Manager.

You can now sort by the Error Rate and Total Requests columns in the API Manager API Administration page.

Enhanced the UI to have the Mule 4 version selected by default for APIs.

Fixed bugs and implemented security improvements.

Support for WSDL and RAML payload validations for Mule 3 and Mule 4 proxy applications.
See API Proxy Validations for more information.

Improved UI modal for changing Mule 3 custom policy version.
See Change a Custom Policy Version for Mule 3 for more information.

Support for Mule 4 API proxy versions in API configuration

Automated policy for Mule 4 APIs

Adding RAML support for "Create new API"

While creating an API instance, API version and asset version are prepopulated

When deploying Mule 4 to CloudHub it is possible to choose specific runtime version

Notification for a managed API if API spec changes or newer version available in Exchange

JWT policy for Mule 4 APIs

Domain support for Mule 4

API Manager 2.x users will get access to Secrets Manager.

Configure, secure & deploy HTTPs proxies using certificates (keystore/truststore) stored in Secrets Manager. This feature will be available for Mule 4 APIs deployed to CloudHub & Hybrid deployment targets.

User-defined ports for CloudHub deployments

Added "Manage Runtime Fabric" proxy link

Auto populate implementation URI from Exchange

Support for Analytics chart to every granular permission

Caching Policy for Mule 4 APIs

Changes in platform APIs for unclassified environments to facilitate CI/CD pipelines.

Fine-grained access control for the November release of API Manager 2.0.

Logging and Header injection and removal policy for 3.8.5+ runtimes.

On the API Settings page "Client Applications" has been renamed to "Contracts".

Bug fixes.

Support for 3.9 proxies.

Fixes an issue when approval email was not sent after requesting access for published APIs with manual approval.

Fixes an issue with autocomplete on import from Exchange.

Improved error message when deleting Client Applications with OKTA as the IM provider.

When autodiscovery looks for API ID that does not exist, Platform returns 403 instead of 404.