Release Notes

Red Hat 3scale API Management 2.2

For Use with Red Hat 3scale API Management 2.2

Red Hat Customer Content Services


Release Notes for Red Hat 3scale API Management 2.2.

Chapter 1. Red Hat 3scale API Management 2.2 On-Premises Release Notes

1.1. New Features

1.1.1. Major Changes

  • Some functionality that was previously controlled by environment variables is now controlled by policies.
  • Wildcard router functionality is no longer technology preview and is now fully supported.
  • Billing (JIRA 549)
  • Multitenancy (JIRA 452)
  • New APIcast policies system
  • APIcast out-of-the-box policies and config from UI (JIRA 553, JIRA 419 and JIRA 627)

  • Oracle database support
  • Upgrade from 3scale AMP 2.1 to 2.2 (JIRA 551)

1.1.2. Minor Changes

  • Mutual SSL (single certificate)
  • Added support for multiple backends to one 3scale service (JIRA 618)
  • Added warning to inform the users that before suspending accounts its applications must be suspended (JIRA 244)
  • Ability to unsubscribe developers from a service (JIRA 258)
  • Ability to access id_token returned by the SSO provider (Auth0) from the developer portal (JIRA 259)
  • Add service name to the name of an application in the apps developer portal view (JIRA 298)
  • reCAPTCHA used on the developer portal is upgraded to v2 (JIRA 557)
  • Retrieving a list of service contract IDs. This endpoint complements the ability to unsubscribe developers from a service via the Service Subscription Delete endpoint. (JIRA 525)
  • API providers can now allow their developers to consume different API services using the same user key.
  • Two new fields, first_daily_traffic_at and first_traffic_at, have been added to the ‘Account create’ and ‘Account update’ Account Management API endpoints. Use these new fields to retrieve information, such as date of most recent traffic, for a particular application.

1.2. Resolved Issues

  • Wildcard router doesn’t correctly pass headers with underscore in name (JIRA 409)
  • [IE11] JavaScript code uses Array.prototype.find(), which IE11 doesn’t support (JIRA 605)
  • In liquid tags feature.system_name is missing implementation (JIRA 410)
  • The option ‘Skip SSL certificate verification’ is not working (JIRA 412)
  • 3scale version is not shown in admin portal footer (JIRA 477)
  • Missing breadcrumb in the Account menu (JIRA 486)
  • CMS preview mode always redirects to draft after saving template
  • The analytics view has been fixed and now properly works when using Windows 10 and Internet Explorer 11

1.2.1. Patch release: Red Hat 3scale API Management 2.2.1 (11th July, 2018)

  • In OpenID Connect mode, authorization mechanism is not working properly (JIRA 1080)
  • Add the ability to configure path based routing in APIcast using APICAST_PATH_ROUTING environment variable (Info)

1.3. Documentation

1.4. Known Issues

  • Developer portal spam protection renders developer portal inaccessible if there is no key for reCaptcha set
  • Dashboard stream and email notifications are not filtered according to the admin member permissions (JIRA 629)
  • Servers on which 3Scale API Management is installed must use the UTC time zone for correct invoice generation in postpaid mode (JIRA 534)
  • Internal Server Error when accessing signup page with spam protection enabled (JIRA 908)
  • 500 internal error response when accessing Service settings view (JIRA 878)
  • Incorrect line item created using "Instant Bill Plan Change" feature
  • Backend-listener fails to reconnect to backend-redis (JIRA 608)
  • Wildcard router overrides unsecured routes (Resolved in OpenShift Container Platform 3.9.33)
  • Ogone and payment gateways are not supported. Nevertheless, these options are shown in the billing settings

1.5. Deprecation Notices

  • Native OAuth 2.0 implementation (Authorization Code flow) for API traffic authentication is still supported in 2.2 (documentation). However, in 2.3, the only supported option for OAuth 2.0 will be the OpenID Connect integration with Red Hat Single Sign-On which includes support for multiple OAuth 2.0 flows (documentation).
  • The following APIcast environment variables have been deprecated:

  • Changes in Content-Type accepted by the Service Management API: The only Content-Type accepted by the Service Management API will be application/x-www-form-urlencoded

Legal Notice

Copyright © 2019 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.