Akana API Platform Release Notes 2022.1


Date April 01, 2022

Version 2022.1.1

Document updated on: 2023-02-01 12:38, Pacific Standard Time

System Requirements

Upgrading Akana API Platform to Version 2020.1.x, 2020.2.x, or 2022.1.x


Create indexes before upgrading

It's recommended to create indexes before upgrading to 2020.2.x. See Create indexes before upgrading.

UI customizations

If you have UI customizations, rebuild styles after upgrade (Admin > Customization > Rebuild Styles), then test your customizations.

Post-GA Updates

Date/release version


March 4, 2022
Removed the section "Known Issues" from Version 2022.1.0, as the issue has been addressed.
March 4, 2022
Enhancements for previous versions 2020.2.16 and 2020.2.17 have been added to this file.
April 1, 2022
Corrected links to "System Requirements" and "Upgrading Akana API Platform..." above.
Feb.1, 2023
Removed all enhancements entries regarding the previous major version 2020.2.x to avoid duplication and simplify these notes. These enhancements are still listed in the 2020.2.x release notes.


Version 2022.1.1

March 7, 2022

Enhancements: 2022.1.1

This release includes no enhancements.

Bug Fixes: 2022.1.1

Standalone container config wizard did not start

The standalone Configure Container Instance Wizard was failing to start due to incorrect configuration of the location of some required bundles. The configuration has been updated to the correct location.

Support ticket: SUPPORT-48823

AMQP messaging issue fixed

For 2022.1.0, the AMQP protocol was not working as expected. With this release, the issue is fixed, and its "Known Issues" entry has been removed.

Support ticket: No related support tickets.

Version 2022.1.0

February 24, 2022

Key Features: 2022.1.0

GraphQL query language now supported

This release adds support for GraphQL, a query language for APIs. Using GraphQL, the client can request information in a single GraphQL request that might previously have required multiple traditional REST API requests. For details, see "Installing and Configuring GraphQL for the Akana API Platform" on the Akana docs site.

New Akana Admin Console

Although the new Admin Console is automatically installed with this release, it is not yet the default console. The current Akana Admin Console will be deprecated in a future release when it will be replaced by the new Admin Console as the default.

We strongly encourage users to try the new Admin Console and provide feedback to Akana via the Support desk.

To use the new Admin Console, navigate to http://host:port/admin/ui/index.html. The default Admin Console will continue to be accessed at http://host:port/admin For more detail, see "Akana Administration Console" on the Akana docs site.

Known issue: In the new Admin Console, in the Add Database task, running this task for a second time only gives the option to connect to an existing database. Workaround: If you want to create a database using the Add Database task, switch to the default Admin Console to make this change. As a best practice, it is preferable to have the database administrator create the database, and then connect to it using this configuration task.

New JOSE Profile-Driven Security Policy

A new policy, the JOSE Profile-Driven Security Policy, allows users to supplement the JOSE Security Policy v2 with additional security standards such as RSA Adaptive Authentication for eCommerce, Visa Token Service, or UK Open Banking Event Notifications.

For details, see "Using the JOSE Profile-Driven Security Policy" on the Akana docs site.

Deprecations and Removals

Apache Axis 1.4 deprecated and replaced by Axis2 1.7.9

Apache Axis 1.4 is deprecated with this release, replaced by Apache Axis2 1.7.9. Axis is a call component used in the Management Point pipeline.

Support ticket: No support ticket

Enhancements: 2022.1.0

MongoDB Operational metric rollup configuration now has purge intervals

Purge intervals were not defined for MongoDB's OPERATIONAL_METRIC rollup configuration, resulting in rollup data for MINUTES and HOURS being kept for a year before being purged. Default settings are based on the value._rolluptype as follows:

Rollup Type Default Purge Interval
MINUTES -> 1 day
HOURS -> 1 week
DAYS -> 1 year
WEEK -> 1 year
MONTH -> 1 year
YEAR -> 1 year

Support ticket: No related support tickets.

OpenJDK JRE version has been updated to 1.8.0_292

The OpenJDK JRE version that ships with the product has been upgraded from 1.8.0_275 to the latest version, 1.8.0_292.

Support ticket: No related support tickets.

API Consumer Application Security Policy now supports HMAC-SHA512

The API Consumer Application Security Policy has added support for cypher suite HMAC-SHA512, available as an option on the policy page. For more information, see "Configuring API Consumer Application Security Policy options" on the Akana documentation website.

Support ticket: SUPPORT-43228

Support added for LDAP users to log in to an OIDC provider

LDAP groups already configured in an LDAP directory can now be accessed within an OpenID Connect configuration in order to log into the Community Manager Development Portal using their LDAP logins.

Support ticket: SUPPORT-41444

For OpenAPI 3.0, parameters, request bodies, and responses can now contain examples

For an API based on OpenAPI 3.0 (OAS), its documentation now supports the inclusion of a full example, or multiple examples, for parameters, request bodies, or responses.

Support ticket: SUPPORT-41503

New MongoDB option to use Aggregation Pipeline for data rollups

MongoDB data rollups can now be performed using a MongoDB Aggregation Pipeline (requiring MongoDB 4.2 or later). A new property in the Admin Console controls whether to use the new pipeline or the previous Map/Reduce option, available under Configuration > Configuration Categories > com.soa.persistence.mongodb.

To reduce the memory footprint of the Mongo _id, the new Mongo Aggregation framework now compresses all the individual fields. The ContainerKey in the _id remains intact for sharding purposes.

Note: This will result in two sets of rollup data until the old documents with individual fields are purged.

For details, see "Using the Aggregation Pipeline for data rollups" on the the Akana docs site.

Support ticket: No related support tickets.

Business Metrics Policy includes the app ID for mapping to a custom dimension

In the Business Metrics Policy, you can now map the Application ID to a custom dimension in the Operational Dimension list.

Support ticket: SUPPORT-39779, SUPPORT-39605

Community Manager developer portal's logo is now more customizable

In addition to width customizations, the logo in the top left corner of the Community Manager developer portal is also now customizable by height and padding.

Support ticket: No related support tickets.

Bug Fixes: 2022.1.0

In Policy Manager, internet restrictions could impact viewing policy details

Some policy configuration details did not display when access to the internet was restricted for the application.

Support ticket: SUPPORT-46233

The RAML parser was not processing global schemas correctly

The RAML parser was incorrectly parsing global schemas in some cases, resulting in the global models not appearing in the wsdl:types section of the schema.

Support ticket: No related support tickets.

Analytics pie chart could incorrectly report operation chart values

The API Analytics pie chart (API > Analytics > Overview) could display incorrect operation chart values in some cases.

Support ticket: SUPPORT-38763

Setting API Default as request media type for an operation did not work as expected

API request payloads of content-type "application/json" were being transformed to XML before the request was sent downstream, if the request media type for the operation used API Default, and if the Default Media Types for the API were set to "Any in and out".

Support ticket: SUPPORT-43265

Some Swagger documents did not display correctly on the API Details and Designer pages

Swagger documents containing operations with responses of different content types did not display correctly on the API Details and API Designer pages.

Support ticket: SUPPORT-40901

Custom policies did not display when a PM Context path was not "/"

In Policy Manager, custom policies now work when the PM context path is something other than /. Previously, if the context path was not at root, the policies would not display correctly in the UI.

Support ticket: No related support tickets.

Support added for checking for an "email.from" message part

The "email.from" message part was always part of the developer portal notification email templates, but if a custom value was provided, it was not used.

Support has now been added for checking if a value was provided for this message part on the email message template before sending a notification. If a value has been set, it is used as the "from" address on the email.

Support ticket: SUPPORT-21396

Enabling/disabling basic authentication setting did not persist after container restart

When disabling or enabling basic authentication on the Health tab (Admin Console > Health tab), the setting did not always persist after restarting the container.

Support ticket: SUPPORT-40551

Installing, then uninstalling, Lifecycle Coordinator/Repository could render the Community Manager console inaccessible

After installing the Lifecycle Coordinator and Lifecycle Repository features onto a Policy Manager or Community Manager container but never using them, uninstalling these features could render the Community Manager console inaccessible.

Support ticket: SUPPORT-41627

Password security updates from 2020.2.5 reinstated

Work related to the entry "General updates to strengthen password security" from the 2020.2.5 release was reverted in 2020.2.6, but has now been reinstated.

Support ticket: No related support tickets.

API creation could fail when importing an OpenAPI 3.0 file with a circular reference

API creation was failing when importing an OpenAPI (OAS 3.0) file that had a circular reference to a schema, returning a "Recursion Depth Exceeded" exception.

Support ticket: SUPPORT-41462

Modifying a target endpoint could return an error

In some cases, modifying a target endpoint in the Community Manager Development Portal could return a general system error without modifying the endpoint.

Support ticket: SUPPORT-26334

A returned fault string could display details and risk content injection while searching

Malicious content injection was possible during a search because a returned fault string could display implementation details to the user. Implementation details are now hidden.

Support ticket: SUPPORT-41473

API descriptions for APIs and apps now limited in length

To accommodate a potential right column, such as in a promotion environment, the descriptions for APIs, API versions, apps, and app versions are now limited to 480 characters.

Support ticket: No related support tickets.

Enhanced validation added for external OAuth provider URLs

All external OAuth provider URLs are validated against the allowed hosts for a tenant.

Support ticket: No related support tickets.

The "Set Lifecycle Repository Password" option could fail in some cases

For the Lifecycle Repository, running the "Set Lifecycle Repository Password" action and unchecking the "Set superuser password" option could prevent access to the superuser login page.

Support ticket: No related support tickets.

Some APIs were accessible without authentication

Two APIs were accessible to users without proper authentication: GET /api/businesses/{BusinessID}/apisettings and GET /api/login/domains.

Support ticket: No related support tickets.

The OAuth Authorization header was not setting the scheme

For an API using OAuth, an error could be returned for a Swagger or OAS 3.0 Test Client when the required OAuth Authorization header was configured in the API. This occurred because a dummy incorrect format authorization header value was passed.

Support ticket: SUPPORT-37435

Network Director: Script execution allowed requests for unsupported script languages

Script execution is now validated at runtime against the engine types listed in com.soa.script.framework.properties in the Admin Console for the Network Director container. If the script type is not found in the script.engine.manager.engines properties list, script execution will fail.

Support ticket: No related support tickets.