On Thursday, January 30, 2014, we released a new cloud version of Apigee Edge.
If you have questions, go to Apigee Customer Support.
For a list of all Apigee Edge release notes, see Apigee Edge Release Notes.
- OAuth 2.0 update custom attributes on tokens
A new "Set OAuth v2.0 Info" policy lets you update custom attributes on OAuth 2.0 tokens.
- OAuth 1.0a policy updates
This release includes the following updates to the OAuth 1.0a policy:
- As with OAuth 2.0 tokens, you can now set custom attributes on OAuth 1.0a tokens.
- A new GenerateVerifier operation lets you generate and return an OAuth 1.0a verifier (similar to an authorization code in OAuth 2.0).
- SSL info in flow variables
Apigee Edge now lets you propagate and access SSL information in flow variables. By setting a new "propagate.additional.ssl.headers" property on a ProxyEndpoint, you have access to the same SSL information available on an Apache web server.
- JMS headers as HTTP headers
All JMS headers are now propagated as HTTP headers for downstream processing.
- Node.js module update
Apigee’s built-in Node.js module has been updated to include the following modules: argo 0.4.9, async 0.2.9, express 3.4.8, underscore 1.5.2, usergrid 0.10.7, volos-cache-memory 0.0.3, volos-oauth-apigee 0.0.2, volos-quota-apigee 0.0.2.
- Custom roles in the management UI - BETA
In addition to the existing user roles of “Business User”, “Operations Administrator”, “Organization Administrator”, and “User”, this release includes a beta feature that lets you create custom roles in the management UI. You can control access to various Edge features using custom roles.No documentation is provided with this beta. Use the following guidance for working with custom roles.
- To create a custom role, select Admin > Organization Roles in the management UI.
- Assign roles to different resources in the management UI by clicking the Roles button next to a resource.
- Use the existing User roles API to work with custom roles programmatically.
|Custom role permissions||Permissions set using custom roles now work as expected.|
|API latency analytics||In an API proxy flow, when a call to the target system results in a timeout (such as an HTTP read timeout), the target latency times included in the API analytics.|
|“type” attribute on policies||The “type” attribute now functions correctly in all Apigee policies.|
|OAuth 2.0 invalidating tokens||The invalidating tokens functionality for Apigee OAuth 2.0 policies now matches the OAuth spec. You are no longer required to provide a “type” when setting the “token” parameter.|
|RBAC with key/value maps||Role-based access control now works for key/value maps created at the environment level.|
|OAuth 1.0a policy response format||When making requests to an API with an OAuth 1.0a policy, the response is now returned in the format of the Accept header.|
|HTTP 1.0 request,
HTTP 1.1 response
This issue involves a scenario where a client sends a request using HTTP 1.0 with the
To successfully handle this scenario, you can remove the
<AssignTo createNew="false" type="response"></AssignTo>