API Platform: Release Notes 03/08/2013

BID 2165

Not able to modify the default proxy in Code view
This issue is fixed such that changes made in proxy or target endpoint xml in code view won’t be lost.

BID 2781

Users cannot be created in the Developer Portal if there is a connection failure
This issue is fixed such that you can register in a customized developer portal even if there is a failure in connecting to the API Platform.

BID 2724

Users cannot reset password in the Developer Portal if there is a connection error
This issue is fixed such that you can reset your password in a customized developer portal even if there is a failure in connecting to the API Platform.

BID 3023

Passwords with special characters not working during sign up and password reset
This issue is fixed such that you can now login with a  password that contains special characters (such as ~!@#$%).  You can also reset a password to one that contains special characters.

BID 2901

The resource path shown in the UI is not correct
The API detail page now correctly shows the URL for each API resource. An example of an API resource path is /users. Previously, the URL for each resource path displayed an extra “/” character before the resource’s URL fragment, for example, //users.

BID 2736

Removing query parameters from the Assign Message policy does not work as expected
Query parameters can now be successfully removed from an Assign Message policy. Previously, query parameters removed in the policy editor reappeared after the API was deployed.

BID 2666

Removing a policy in the policy editor UI isn't reflected in code and generates a server error during deployment
This issue is fixed such that a policy can be successfully removed from an API. Previously, if you created a policy using the policy editor and then removed the policy, it would generate a server error when the proxy was deployed.

BID 2373

Apps page shows information in incorrect format
The Apps page in the API Platform UI now shows information in the correct format. Previously, information for some fields was presented in an incorrect format.

BID 2349

Users or operations administrators cannot view custom report configuration
Users or operations administrators can now view the configuration for a report. Previously, there was no button available for users in these roles to view the configuration.

BID 2346

Users or operations administrators get server error message if they have insufficient permission to delete product
Users or operations administrators now get the following error message if they attempt to delete an API product: “Error while deleting product. Insufficient permissions.” Previously, the following error message was generated: “Server error. API product not deleted.” This suggested a server issue rather than a permissions issue.

BID 1786

Dashboard metrics are incorrect when the "All Environments" option is selected
The metrics displayed in the API Platform dashboard when “All Environments” is selected now correctly displays the sum of the metrics for all environments.

BID 1766

Change password confirmation rules not enforced
This issue is fixed such that password confirmation rules are enforced on all password changes, and passwords that are not confirmed result in an error. Previously, the password confirmation was not correctly enforced.

BID 1359

Deleting multiple policies in the Code view at the same time does not work
This issue has been fixed such that you can successfully delete multiple policies in the Code view at the same time..

BID 2221

It is possible to import and deploy different policy files with the same name attribute
This is fixed so that if you create two policy files but name them the same, an error message is displayed. Previously, the API proxy deployed without errors.

BID 1412

Unable to extract data from the Request.URI through the Extract Variables policy
This issue has been fixed such that data is now correctly extracted by the Extract Variables policy and is available for custom analytics.

BID 3131

The Source field of the XML-JSON policy configuration does not accept flow variables
This issue has been fixed such that you can specify flow variables in the Source field of the XML-JSON policy configuration.

BID 2948

Unable to reset the quota in the same proxy multiple times
This issue has been fixed such that you can use the Reset Quota policy in the same proxy multiple times.

BID 2637

User able to inject JavaScript into callback URL for Developer Portal application
This issue been fixed such that you cannot inject JavaScript into the callback URL field for a Developer Portal application. This removes a potential vulnerability cause by script injection.

BID 2557

Unable to undeploy or delete an application when the app bundle is invalid or has an incorrect configuration
This issue been fixed such that a deployed application can be undeployed or deleted even if the app bundle is invalid or has an incorrect configuration.

BID 2562

The Extract Variable policy cannot accept variables in JSONPath
This issue been fixed such that you can specify variables in the JSONPath field of an Extract Variable policy.

BID 2481

Changes to the default proxy are ignored
This issue been fixed such that you can update the default proxy. Previously, updates made in the Policy Editor to the default proxy were ignored.

BID 2041

Only the first header value is sent to the client when setting a list of headers in a response message using JavaScript
This issue has been fixed such that a client will receive all header values when you update a list of headers in a response message using JavaScript.

Additionally, the client will receive all header values if a header is set with multiple values separated by commas. Previously, the client received only the first value in the list.

BID 3018
 

Available quota counter returns incorrect numbers
This issue been fixed such that the available quota counter flow variable (ratelimit.available.count) shows the correct value for the remaining quota when used with the Reset Quota policy

BID 2628

Distributed synchronous quota doesn't expire and can't be reset
This issue has fixed such that a distributed synchronous quota will expire at the end of its defined interval and can be reset.

BID 2600

Access Entity policy returns incorrect response when entity does not exist
When the Access Entity policy is executed for an entity that doesn’t exist, it now returns an empty response with HTTP response code 200 instead of only HTTP response code 500.

BID 2579

The Refresh Token policy does take an external refreshtoken as input
This issue has been fixed such that the Refresh Token policy now takes an external refreshtoken as input.

BID 2477

API revision numbers are not returned in sequence
This issue has been fixed such that calls that return API revision numbers will return those numbers in proper sequence.

BID 2207

The Access Entity policy does not accept the developer ID as input
The Access Entity policy will now accept the developer ID as input to retrieve a developer entity.

BID 2151
 

Generating an access token with the OAuth 2.0 policy returns all values for the accesstoken object
This issue has been fixed such that generating an access token with the OAuth 2.0 policy will not return those attributes whose 'display' property is set to "false". By default, the 'display' property is "true".

BID 1503

The trace logs do not capture service callout requests and responses
Trace logs now include the request, response and request URI, and execution time for service callouts to enable better troubleshooting.

BID 1855

Updating flows in a ProxyEndpoint or TargetEndpoint record does not work
This issue has been fixed such that you can successfully update flows in a ProxyEndPoint or Target Endpoint.

BID 2521

Unable to retrieve audit logs for organizations
This issue has been fixed such that you can successfully retrieve audit logs for an organization.

BID 2603

In an Access Entity policy, when the entity app is referenced using the identifier name, the app id also returns the corresponding app
This issue has been fixed such that the Access Entity policy returns information only for the referenced entity type.

BID 2545

No validation is performed on the purge token properties
This issue has been fixed such that  validation is now performed on purge token properties.

BID 2544

Purge does not happen when the purge.after.seconds property is not provided for PurgeToken
This issue has been fixed such that a token is immediately purged once it is expired, even if the purge.after.seconds property is not provided.

BID 2413

There is no support for mapping the OAuth "state" parameter  when creating an auth token
If the OAuth 2.0 policy is used to generate an access token, all  specified OAuth parameters will be mapped. Previously, the “state” parameter was not mapped.

BID 1692

Analytics uses an 'NA' string to record custom variable data even when the user specifies a default string
This issue has been fixed such that if you use the UI to specify a default string for a custom variable, Analytics will use that string to record data for the custom variable.

BID 1633

Client credentials other than the client_id and secret are not supported
This issue has been fixed such that clients that use authentication models other than client_id and secret are supported.

BID 1468

The OAuth 2.0 Generate AccessToken policy supports more character sets in the ContentType
The OAuth 2.0 Generate Access Token policy now supports more character sets (such as utf-8) in the Content-type.

BID 1450

Trace logs do not show variables modified in a step
The Trace logs now correctly show variables that are updated during a step. Previously, these updates were not recorded.

BID 1335

The ratelimit.{name}.used.count variable is set incorrectly in the Spike Arrest policy
The ratelimit.{name}.used.count variable is now correctly set in the SpikeArrest policy. Previously, the variable was set to a value of 100000 in all cases.