Red Hat 3scale API Management Platform SaaS Release Notes

Updated -

For use with Red Hat 3scale API Management Platform SaaS. These release note(s) contains important information related to Red Hat 3scale API Management Platform SaaS.

About Red Hat 3scale API Management Platform SaaS

3scale SaaS is managed and operated by Red Hat as a cloud service. To get access just create an account on 3scale.net/signup. The product updates listed in this page refer to the 3scale SaaS version only. For other versions, check out the corresponding release notes in the 3scale customer portal page.

New Features and Enhancements

Date Type Summary Details
November 3rd, 2017 Feature Request Ability to unsubscribe developers from a service API providers can now unsubscribe developers from any of their API services (either individually or in bulk) using the Admin Portal interface. JIRA #258
October 31st, 2017 Enhancement Ability to access id_token returned by the SSO provider A new liquid drop has been introduced so it’s possible to access the id_token returned by the SSO provider from the developer portal. This way API providers can offer simultaneous authentication both to the 3scale powered developer portal and to any other external apps. JIRA #259
October 9th, 2017 Enhancement Warning when changing status of a developer account A warning has been introduced to make it explicit that changing the status of a developer account doesn’t automatically change the status of their applications. JIRA #244
September 18th, 2017 New Feature Trial days left shown in developer portal It’s now possible to expose, in the developer portal, how many trial days a customer has left. This can be achieved via liquid tags, documentation can be found here (replace ‘DOMAIN’ with your own domain name) https://DOMAIN-admin.3scale.net/p/admin/liquid_docs
September 14th, 2017 New API Endpoint Add / update invoices and invoice lines via API Admins are now able to programmatically add and update invoices and invoice lines via API. Enterprise only. You can read further on our ActiveDocs (the new endpoints are: Invoice Update, Create Line Item for an Invoice, and Delete Line Item of an Invoice, Invoice Create, ). JIRA #171
September 8th, 2017 New Feature New webhook to detect deleted applications A new webhook to detect when an application is deleted has been added to the existing list of available webhooks. To activate it go to Settings > Webhooks. JIRA #231
September 8th, 2017 ActiveDocs Upgrade Swagger UI upgrade to v. 2.2.10 in ActiveDocs We have upgraded our ActiveDocs to version 2.2.10 of Swagger UI in the Developer Portal. With this change a few known issues like ability to set the default view for the response class (Model or Model Schema), or request headers not shown, are now solved. JIRA #147
September 6th, 2017 Enhancement Support for 4-byte UTF-8 Unicode characters Added support for 4-byte UTF-8 Unicode characters in the CMS (Developer Portal) templates.
August 31st, 2017 New Feature Ability to delete applications from the developer portal Providers can now allow their API consumers to delete applications from the developer portal (it was only possible via API until now). Applies to all provider accounts created after Aug. 31st, 2017. JIRA issue #153
August 21st, 2017 Enhancement UX / UI: navigate to individual apps from Analytics It’s now possible to navigate directly from the Analytics > Top Applications view to individual applications. Small fix, big time savings. JIRA issue #150
August 17th, 2017 Enhancement Ability to use same email address in admin and developer portal As an admin user you can now use the same email address to sign up in the Admin Portal and in the Developer Portal (within the same 3scale provider). Note that admin users won't be able to log in to the developer portal with their admin user credentials. But they can have a completely separate user account in the developer portal with the same email address. JIRA issue #152.
August 6th, 2017 Enhancement Update customer billing status via API It is now possible to programmatically update the billing status of a customer (fields 'monthly_billing_updated' and 'monthly_charging_enabled'). To do so, use the Account update' endpoint (Account management API). JIRA Issue #154.
August 6th, 2017 New API Endpoint Update invoice status via API A new endpoint called 'Invoice' has been added to the 3scale billing API so providers can update the state of an invoice programmatically. JIRA issue #155.
July 5th, 2017 Enhancement SSO for Admin Portal improvements Where Single Sign-On for the developer portal is mostly motivated by making signups easier for developers, when it comes to Single Sign-On for the admin portal an important consideration is centralized access management. That’s why it’s now possible to enforce SSO for the admin portal and thus completely disable password based sessions. Furthermore, it’s now possible and required to test an SSO integration from within the admin portal before publishing it on the sign in page.
May 25th, 2017 New Feature New 3scale status page From now on, in addition to our 3scale status Twitter account, you can check 3scale system status updates here. You can also subscribe to email notifications from there if you wish to do so.
May 24th, 2017 New Feature Single Sign-On (SSO) for Admin Portal Support for Single Sign-On for the admin portal- both for admins and members- using Red Hat Single Sign-On or Auth0. Enterprise only.
May 17th, 2017 Enhancement Revamped application export file The application export file contains new fields matching all the information available in the UI: Account name, Service name, Paid or Free, and Last traffic on (date).
May 17th, 2017 Enhancement Ability to edit developer accounts information Members can now edit developer accounts information. Note that developer accounts have a presence across services, so if a member with visibility into service A but not into service B makes changes, members with access to service B will also see those changes.
May 16th, 2017 New API endpoint Manage roles and permissions via API Admins are now able to programmatically configure member service permissions via API (changing member_permission_service_ids[]). Enterprise only. You can read further on our documentation site.
April 26th, 2017 APIcast Upgrade APIcast upgraded to v.3.1.0 APIcast hosted (up to 50k calls/day) has been upgraded to v.3.1.0. For more details on changes, please check out the APIcast changelog. This is an opt-in feature for existing users. If you’re using APIcast self-managed, learn how to upgrade to the latest version of APIcast. Note: if you are using a dockerized version of APIcast, make sure you upgrade to the latest image version available.
March 31st, 2017 New API endpoint Update inbound email addresses via API A new endpoint called ‘Provider Account Update’ has been added to the Account Management API so providers can update email settings for inbound email addresses programmatically.
March 29th, 2017 New API endpoint Update general settings via API A new endpoint called ‘Settings Update’ has been added to the Account Management API so providers can update general settings of their account programmatically.
March 7th, 2017 Enhancement Easier navigation from Analytics to Applications A new link has been added from the Analytics > Limit violation notification view so it’s easier to navigate to specific applications from there.
February 22nd, 2017 Support Configuration Plugins community supported only Our code plugin integrations are now a 100% community effort and as such no longer officially supported by Red Hat. This change should not affect the operation of your API(s) integration. For more information see the open source GitHub repositories.
February 5th, 2017 Enhancement Better handling of SSL certificate issues (with RH-SSO) When using a RH-SSO instance without a valid SSL certificate, you now have the ability to disable SSL verification from 3scale in order to be able to continue with the integration.
January 20th, 2017 New API endpoint Create ActiveDocs API A new endpoint called ‘ActiveDocs Spec Create’ has been added to the Account Management API so providers can create ActiveDocs programmatically. See API documentation at https://YOUR-DOMAIN-admin.3scale.net/p/admin/api_docs
January 20th, 2017 New API endpoint Get a list of all ActiveDocs IDs API A new endpoint called ‘ActiveDocs Spec List’ has been added to the Account Management API so providers can get a list of all their ActiveDocs programmatically. See API documentation at https://YOUR-DOMAIN-admin.3scale.net/p/admin/api_docs
January 5th, 2017 APIcast Upgrade APIcast dockerized image upgrade to v.2.0 For more details on changes, please check out the APIcast changelog. The image can be downloaded from the Red Hat Container Catalog. Read more about this in the Red Hat Middleware Blog.
December 1st, 2016 New Feature Deleting services from the UI From now on if you’re on a plan that lets you create multiple API services, you’ll also be able to delete them. The only restriction is that you always need to keep at least one service under your account. Note: If you signed up before Dec. 1st, you’ll be able to delete any service but the very first one that was created.
October 13th, 2016 Enhancement SSO for invitations in the developer portal No matter if you are using RH-SSO, GitHub, or Auth0 to allow your developers to use SSO to login into your developer portal, with this change, invited developers (and not only the ones that sign up directly) will also be able to take advantage of it.
October 13th, 2016 Enhancement Only admins have access to account info In order to make it possible to providers to restrict access for members to certain sensitive areas of the Admin Portal, from now onwards only admin users will be able to access the ‘Account’ section. This means that member users will no longer be able to see the account-wide API key (they should use personal access tokens instead), export account data, or perform other actions at the account level.
October 11th, 2016 Enhancement SSO developer portal transparent signup A couple of months ago we introduced the ability to integrate with RH-SSO for a more flexible developer portal authentication configuration. Now you can offer an even better signup experience to your developers by creating their 3scale account on behalf of them in cases where all the information needed is provided by the IdP.
October 3rd, 2016 Enhancement New access tokens Introducing a new, more secure way to authenticate against all the 3scale APIs: 3scale tokens. See Documentation.
September 30th, 2016 Enhancement Analytics view enhancements Visualize traffic by metrics (new view) and keep filter selection when switching from one view to another. These changes are part of a broader revamp of the Analytics UI.
August 19th, 2016 Upgrade Upgrade to Liquid v.3.0.0 Upgrades Liquid to version to 3.0.0, see documentation. Liquid can be used to include developers information both in your Developer Portal and in emails sent to developers.
August 17th, 2016 Enhancement Integration with RH-SSO for the developer portal Use Red Hat Single Sign-On (RH-SSO) to authenticate users on the Developer Portal. This will allow you to enable SSO with social logins (Twitter, Facebook, LinkedIn, Google etc.) as well as connecting with existing user databases (AD/ LDAP). See documentation. Read blog post published in the Red Hat Middleware Blog.
August 11th, 2016 Enhancement New notification system No more noise in your inbox! The new notification system for providers allows admins and members under the same 3scale account to subscribe to notifications independently. Notifications will show in your dashboard, and you can decide which ones to receive by email as well. See documentation.
August 9th, 2016 Enhancement Ease of roll-back gateway configuration Adds ‘updated at’ information to JSON endpoint so it’s possible to roll-back the gateway configuration in an automated deployment scenario. Undocumented.
July 21st, 2016 Enhancement Ease of use in API definition New ‘API Definition’ page to centralize creation of methods and metrics. These will then be available both under Integration > Mapping rule and under Applications Plans to define rate limits and pricing rules. See documentation.
June 16th, 2016 New Feature Roles and rights by service From now on different API teams under the same 3scale account can have independent access to different services. Admins can invite and give permissions to members from the Admin Portal. Enterprise only. See documentation.
May 16th, 2016 New Feature Adyen - New payment gateway integration In addition to the already available gateway integrations such as Stripe or Authorize.net, Adyen has now been added. The Adyen platform is recommended for monetize large volumes of API transactions across continents, currencies, and payment methods. See documentation.

Deprecated Features

Date Summary Details
July 17th, 2017 TLS 1.0 support discontinued We have now discontinued TLS 1.0 support for our services.
June 1st, 2017 Request logs no longer available A mix of the request logs feature not being very popular and users preferring standard logging infrastructures were the reasons why we made this call. We recommend using a log management tool for aggregating NGINX logs. Open source tools such as ELK (Elasticsearch, Logstash, Kibana) offer great flexibility.
April 1st, 2017 TLS 1.0 support We are in the process of deprecating TLS 1.0 support for our service. Some security flaws have been identified in the past few years that relate to this protocol and there are some international services that require a server not to support this protocol in order to be certified as compatible (i.e. PCI-DSS).
August 22nd, 2016 Provider templates no longer available from the UI Due to the introduction of a new notification system on Aug. 11th, email templates for provider notifications (notifications) are no longer available in the UI. As part of the new notification system implementation, the email copies have been reviewed and changed to cover most common needs (e.g. including necessary user data). If that’s not the case, feel free to reach out to us. You will still be available to edit email templates for provider to developer communications from the UI (messages).

Resolved Issues

Date Summary Details
November 13th, 2017 Mandatory SSL authentication in developer portal Fixed issue that was preventing users from being authenticated with RH-SSO in the developer portal when skipping SSL authentication. JIRA #412
November 6th, 2017 Analytics view not properly working (Internet Explorer 11 on Microsoft Windows 10) The analytics view has been fixed and now properly works when using Windows 10 and Internet Explorer 11. Note that the recommended browser for Windows 10 is Microsoft Edge.
October 18th, 2017 Feature system name can’t be accessed via liquid tags Feature system names can now be accessed via liquid tags to be used in the developer portal. JIRA #410
October 10th, 2017 ‘Invoice create’ ActiveDocs doesn’t work The ‘Invoice Create’ endpoint (Billing API) wasn’t working in the ActiveDocs due to the way the params were being passed (path vs. query). It has been fixed now. JIRA #382
October 10th, 2017 Duplicated “Invoice” endpoint in Billing API The issue has been fixed by renaming the previously named GET Invoice to “Invoice Read” and the PUT Invoice to “Invoice Update”. JIRA #385
September 18th, 2017 Incorrect credit card year saved When adding a credit card year, both 2-digit and 4-digit values are accepted. Whenever a 2-digit year is provided, the system will normalize it to a 4 digits automatically. JIRA #330
September 18th, 2017 Incorrect credit card shown (Adyen) When a customer updates a credit card, the latest one will always be the one saved and shown in the UI, apart from being the one used for the next transaction. See documentation.
September 18th, 2017 Client secret update doesn’t update update_at field When the client secret of the application object is updated, the updated_at field is now also updated accordingly. JIRA #290
September 18th, 2017 Service name not shown in app view (Dev portal) Service name wasn’t being shown in the developer portal, making it difficult to distinguish apps automatically created by the same developer in different services (they all get the same name by default). JIRA #298 Solution
August 21st, 2017 Bypassing account approval with SSO If account approval is required, users authenticating with a trusted IDP will not be able to log in until their account is approved. JIRA issue #127
August 7th, 2017 Fixed billing issues with ‘0’ values preventing saving credit card details When adding credit card details, values ‘000’ in the CVV field and ‘00000’ in the zip code are now accepted. JIRA issue #162. Read more

Known Issues

  • OAuth Authorization Code flow is fully configurable in the admin portal. Other OAuth flows currently require customizations in APIcast.

Technology Preview

WARNING: The following configurations and features are provided as technology previews only. They are not supported for use in a production environment, and may be subject to significant future changes. See this note on the Red Hat Customer Portal on the support scope for Technology Preview features.

Date Summary Details
Apr 27th, 2017 APIcast integration with OpenID Connect for RH-SSO Use Red Hat SSO and APIcast with OpenID Connect to authenticate API connections. Check out the upstream documentation.

Was this helpful?

We appreciate your feedback. Leave a comment if you would like to provide more detail.
It looks like we have some work to do. Leave a comment to let us know how we could improve.
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.