Release Notes for Red Hat 3scale API Management 2.10 On-premises

Red Hat 3scale API Management 2.10

Document intended for use with Red Hat 3scale API Management 2.10

Red Hat Customer Content Services


This document informs users about the latest and Technology Preview features, as well as resolved issues, associated documentation, and known issues in Red Hat 3scale API Management 2.10


This document is intended for use with Red Hat 3scale API Management 2.10 On-premises.

Chapter 1. New features

1.1. Major features

  • Support for zero downtime upgrades (JIRA #4722 and JIRA #4723).
  • Additional operator enhancements: added monitoring resources for System & Zync components though Grafana and Prometheus (JIRA #4743 and JIRA #4744).
  • Support for Oracle as an external database on OpenShift 4.x deployments (JIRA #2998).
  • APIcast gateway adapted to support a validated cryptographic module with FIPS 140-2, exclusively for all operations relating to the decryption and encryption of SSL/TLS and HTTP/2 traffic (JIRA #5337).
  • Possibility to configure the limits for request and response payload size (JIRA #5244).
  • Support for PROXY protocol in IP Check Policy of APIcast (JIRA #5366).
  • Enhancements in the user experience and user interface for a renewed Dashboard, and standalone pages for Products and Backends.

1.2. Minor features

  • Automatic redirection of users to Single Sign-On if it is enforced for an account (JIRA #2795).
  • Added GET endpoint to read the Active document in the Account Management API (JIRA #5826).
  • Improved performance of the proxy config and /admin/api/service.json endpoints, resulting in a faster retrieval of configurations when there is a large number of services (JIRA #4528).
  • Monitoring resources to debug specific components (JIRA #4801).
  • Added configuration of the storage space in the 3scale operator (JIRA #3652).
  • Customizable resource requirements in the APIcast operator (JIRA #5964).
  • Empty as a default value for the Caching policy (JIRA #1514).
  • Extended features for the URL Rewriting with Captures policy (JIRA #6270).
  • In the 3scale Admin Portal, Account Settings is now listed in the context switcher (JIRA #6241).
  • After you finish the installation, you will get a link to the 3scale Master account portal in the OpenShift dashboard for your namespace (JIRA #5444).

Chapter 2. Technology Preview features

  • High Availability (HA) and Evaluation (Eval) OpenShift templates (JIRA #1168).
  • 3scale operator for capabilities: It allows using custom resources to define 3scale tenants, APIs, plans, limits, metrics and other definitions to set them into a 3scale installation (JIRA #1798).

Chapter 3. Resolved issues

  • Changes made to the Stripe and Braintree payment gateway integrations:

    • Ensure you have understood the implications for each one of these payment gateways before upgrading 3scale to 2.10. These implication are described in Changes in 3scale: Integrating 3scale with payment gateways.
    • Using billing and integrating with Stripe:

      • Fixed issues preventing credit card charging when Strong Customer Authentication (SCA) is enforced (JIRA #6515).
      • As a result of these fixes, the text for unsuccessfully charged email response has been updated (JIRA #6767).
      • Documentation with the steps to configure 3scale with Stripe will be available soon.

    • Using billing and integrating with Braintree:

  • The autocomplete feature for OpenAPI Specification 3.0 is not operational in the Developer Portal (JIRA #6088).
  • Adding custom policies to APIcast fails on OpenShift 4 (JIRA #5515).
  • The position of a mapping rule defined in a YAML file is overlooked (JIRA #5747).
  • A member can see and modify ActiveDocs even if this user type is restricted to access APIs (JIRA #952).
  • The complete domain name of the API can be specified in the Private Base URL (JIRA #4752).
  • Messages in Trash cannot be viewed or restored (JIRA #1503).
  • The Search feature of mapping rules operates inaccurately (JIRA #5817).
  • When importing an OAS 3.0.2 spec, the 3scale toolbox converts custom ports to the default protocol in the Backend definition (JIRA #6192).
  • 3scale-operator version is wrong in the operator overview page (JIRA #5631).
  • Multiple apicast- services in the same OCP project results in APIcast errors (JIRA #6315).

Chapter 4. Known issues

  • Integrating with Braintree: If you upgrade to 3scale 2.10 integrated with a Braintree account without 3DS version 2, payment integration does not work. You have two alternatives:

    • Integrate 3scale with a Braintree account having 3DS version 2 enabled.
    • Consider not upgrading to 3scale 2.10, until we announce the availability of a solution for integrations with Braintree without 3DS.
  • 3scale monitoring with Prometheus and Grafana performs inaccurately when showing values (JIRA #6446 and JIRA #6403).
  • Sphinx searches return all the existing records if you search by the name of the class (JIRA #6405).
  • Search does not work for newly created services and backends until these items are indexed the next day (JIRA #6205).
  • System/Zync sometimes fails to create routes when deploying 3scale (JIRA #6391).
  • User names in 3scale must be 40 characters or fewer. When a user name has more than 40 characters, 3scale usually truncates it. Consider this when you do any of the following:

    • Create a developer account.
    • Create a provider account as the master.
    • Add a user to a provider account as the provider or as the master.
    • Add a user to a developer account in the Developer Portal or in the Admin Portal.

    User names must be 40 characters or fewer when using Red Hat Single Sign-On to authenticate access to the Admin Portal or Developer Portal.

Chapter 5. Documentation

Supported configurations

Security updates

Upgrade guides

  • Check the procedures to upgrade your 3scale installation from 2.9 to 2.10, for the following deployments:

Chapter 6. Changes in 3scale

This section announces current and future changes for 3scale 2.10

6.1. Integrating 3scale with payment gateways

  • 3scale 2.10 introduces changes in the Stripe and Braintree payment gateway integrations to support Strong Customer Authentication (SCA) regulations. If you are using one of these payment gateway integrations, ensure that you understand the following points before upgrading 3scale to 2.10:

    • Integration with Stripe: Documentation with the steps to configure 3scale with Stripe will be available soon. When the content is available, we will update this notice.

    • Integration with Braintree: If you are integrating 3scale 2.10 with Braintree, ensure your Braintree account is enabled with 3DS version 2.

6.2. Deprecated features

  • Support for APIcast deployments running as a container in RHEL7 and Docker is deprecated. In future releases we will only support RHEL8. In case of running APIcast self-managed as a container, the recommendation is to move to RHEL8 and Podman.

6.3. Removed features

  • Support for Oracle 12c was replaced with Oracle 19c.

6.4. Future changes

  • Currently, when Proxy Update is used, it creates a new APIcast configuration version for the Staging environment with the updated settings. This will not be the case in future releases; users will need to use the new Proxy Config Promote endpoint for this purpose.
  • Support for Redis 3.2 will be removed in future versions.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

Legal Notice

Copyright © 2021 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.