Version 2022.1.1
Upgrading Akana API Platform to Version 2020.1.x, 2020.2.x, or 2022.1.x
It's recommended to create indexes before upgrading to 2020.2.x. See Create indexes before upgrading.
If you have UI customizations, rebuild styles after upgrade (Admin > Customization > Rebuild Styles), then test your customizations.
Date/release version |
Changes |
| March 4, 2022 2022.1.1 |
Removed the section "Known Issues" from Version 2022.1.0, as the issue has been addressed. |
| March 4, 2022 2022.1.1 |
Enhancements for previous versions 2020.2.16 and 2020.2.17 have been added to this file. |
| April 1, 2022 2022.1.1 |
Corrected links to "System Requirements" and "Upgrading Akana API Platform..." above. |
| Feb.1, 2023 2022.1.1 |
Removed all enhancements entries regarding the previous major version 2020.2.x to avoid duplication and simplify these notes. These enhancements are still listed in the 2020.2.x release notes. |
March 7, 2022
This release includes no enhancements.
February 24, 2022
This release adds support for GraphQL, a query language for APIs. Using GraphQL, the client can request information in a single GraphQL request that might previously have required multiple traditional REST API requests. For details, see "Installing and Configuring GraphQL for the Akana API Platform" on the Akana docs site.
Although the new Admin Console is automatically installed with this release, it is not yet the default console. The current Akana Admin Console will be deprecated in a future release when it will be replaced by the new Admin Console as the default.
We strongly encourage users to try the new Admin Console and provide feedback to Akana via the Support desk.
To use the new Admin Console, navigate to http://host:port/admin/ui/index.html. The default Admin Console will continue to be accessed at http://host:port/admin For more detail, see "Akana Administration Console" on the Akana docs site.
Known issue: In the new Admin Console, in the Add Database task, running this task for a second time only gives the option to connect to an existing database. Workaround: If you want to create a database using the Add Database task, switch to the default Admin Console to make this change. As a best practice, it is preferable to have the database administrator create the database, and then connect to it using this configuration task.
A new policy, the JOSE Profile-Driven Security Policy, allows users to supplement the JOSE Security Policy v2 with additional security standards such as RSA Adaptive Authentication for eCommerce, Visa Token Service, or UK Open Banking Event Notifications.
For details, see "Using the JOSE Profile-Driven Security Policy" on the Akana docs site.
Apache Axis 1.4 is deprecated with this release, replaced by Apache Axis2 1.7.9. Axis is a call component used in the Management Point pipeline.
Support ticket: No support ticket
Purge intervals were not defined for MongoDB's OPERATIONAL_METRIC rollup configuration, resulting in rollup data for MINUTES and HOURS being kept for a year before being purged. Default settings are based on the value._rolluptype as follows:
| Rollup Type | Default Purge Interval |
|---|---|
| MINUTES | -> 1 day |
| HOURS | -> 1 week |
| DAYS | -> 1 year |
| WEEK | -> 1 year |
| MONTH | -> 1 year |
| YEAR | -> 1 year |
Support ticket: No related support tickets.
The OpenJDK JRE version that ships with the product has been upgraded from 1.8.0_275 to the latest version, 1.8.0_292.
Support ticket: No related support tickets.
The API Consumer Application Security Policy has added support for cypher suite HMAC-SHA512, available as an option on the policy page. For more information, see "Configuring API Consumer Application Security Policy options" on the Akana documentation website.
Support ticket: SUPPORT-43228
LDAP groups already configured in an LDAP directory can now be accessed within an OpenID Connect configuration in order to log into the Community Manager Development Portal using their LDAP logins.
Support ticket: SUPPORT-41444
For an API based on OpenAPI 3.0 (OAS), its documentation now supports the inclusion of a full example, or multiple examples, for parameters, request bodies, or responses.
Support ticket: SUPPORT-41503
MongoDB data rollups can now be performed using a MongoDB Aggregation Pipeline (requiring MongoDB 4.2 or later). A new property in the Admin Console controls whether to use the new pipeline or the previous Map/Reduce option, available under Configuration > Configuration Categories > com.soa.persistence.mongodb.
To reduce the memory footprint of the Mongo _id, the new Mongo Aggregation framework now compresses all the individual fields. The ContainerKey in the _id remains intact for sharding purposes.
Note: This will result in two sets of rollup data until the old documents with individual fields are purged.
For details, see "Using the Aggregation Pipeline for data rollups" on the the Akana docs site.
Support ticket: No related support tickets.
In the Business Metrics Policy, you can now map the Application ID to a custom dimension in the Operational Dimension list.
Support ticket: SUPPORT-39779, SUPPORT-39605
In addition to width customizations, the logo in the top left corner of the Community Manager developer portal is also now customizable by height and padding.
Support ticket: No related support tickets.
Some policy configuration details did not display when access to the internet was restricted for the application.
Support ticket: SUPPORT-46233
The RAML parser was incorrectly parsing global schemas in some cases, resulting in the global models not appearing in the wsdl:types section of the schema.
Support ticket: No related support tickets.
The API Analytics pie chart (API > Analytics > Overview) could display incorrect operation chart values in some cases.
Support ticket: SUPPORT-38763
API request payloads of content-type "application/json" were being transformed to XML before the request was sent downstream, if the request media type for the operation used API Default, and if the Default Media Types for the API were set to "Any in and out".
Support ticket: SUPPORT-43265
Swagger documents containing operations with responses of different content types did not display correctly on the API Details and API Designer pages.
Support ticket: SUPPORT-40901
In Policy Manager, custom policies now work when the PM context path is something other than /. Previously, if the context path was not at root, the policies would not display correctly in the UI.
Support ticket: No related support tickets.
The "email.from" message part was always part of the developer portal notification email templates, but if a custom value was provided, it was not used.
Support has now been added for checking if a value was provided for this message part on the email message template before sending a notification. If a value has been set, it is used as the "from" address on the email.
Support ticket: SUPPORT-21396
When disabling or enabling basic authentication on the Health tab (Admin Console > Health tab), the setting did not always persist after restarting the container.
Support ticket: SUPPORT-40551
After installing the Lifecycle Coordinator and Lifecycle Repository features onto a Policy Manager or Community Manager container but never using them, uninstalling these features could render the Community Manager console inaccessible.
Support ticket: SUPPORT-41627
Work related to the entry "General updates to strengthen password security" from the 2020.2.5 release was reverted in 2020.2.6, but has now been reinstated.
Support ticket: No related support tickets.
API creation was failing when importing an OpenAPI (OAS 3.0) file that had a circular reference to a schema, returning a "Recursion Depth Exceeded" exception.
Support ticket: SUPPORT-41462
In some cases, modifying a target endpoint in the Community Manager Development Portal could return a general system error without modifying the endpoint.
Support ticket: SUPPORT-26334
Malicious content injection was possible during a search because a returned fault string could display implementation details to the user. Implementation details are now hidden.
Support ticket: SUPPORT-41473
To accommodate a potential right column, such as in a promotion environment, the descriptions for APIs, API versions, apps, and app versions are now limited to 480 characters.
Support ticket: No related support tickets.
All external OAuth provider URLs are validated against the allowed hosts for a tenant.
Support ticket: No related support tickets.
For the Lifecycle Repository, running the "Set Lifecycle Repository Password" action and unchecking the "Set superuser password" option could prevent access to the superuser login page.
Support ticket: No related support tickets.
Two APIs were accessible to users without proper authentication: GET /api/businesses/{BusinessID}/apisettings and GET /api/login/domains.
Support ticket: No related support tickets.
For an API using OAuth, an error could be returned for a Swagger or OAS 3.0 Test Client when the required OAuth Authorization header was configured in the API. This occurred because a dummy incorrect format authorization header value was passed.
Support ticket: SUPPORT-37435
Script execution is now validated at runtime against the engine types listed in com.soa.script.framework.properties in the Admin Console for the Network Director container. If the script type is not found in the script.engine.manager.engines properties list, script execution will fail.
Support ticket: No related support tickets.