Releases: Azure/API-Management
Releases · Azure/API-Management
Release - API Management service: June, 2024
New features, improvements, and changes
- HTTP/2 connections are now drained and gracefully terminated before node restarts
- We added support for decryption keys to the
validate-azure-ad-token
policy azure-openai-semantic-cache-lookup
andazure-openai-semantic-cache-store
policies now work in both V2 and Classic tiers.- We've improved prompt token estimation accuracy for GPT-4 models in the
azure-openai-token-limit
policy - We've made request tracing more secure and it's now available in both Classic and V2 tiers
- Now customers can use Azure portal to migrate their VNet-injected stv1 service instances to stv2
Fixes
- We fixed an issue which caused GraphQL resolver runtime errors when primitive type fileds had null value
- We fixed a bug and stopped the fields of type array-of-objects from causing GraphQL resolver runtime errors
- Expressions now work as expected for in the
<audience/>
elements in thevalidate-jwt
policy - We fixed a bug causing XML elements within Liquid templates in policy documents to be needlessly decoded
- URL properties in the Backend entity no longer accept URLs containing query parameters. We've made the change to fix a bug. Please use
set-query-parameter
policy andbackend.credentials.query
to set query parameters - We fixed an issue preventing backend load balancing feature from working properly with
retry
policy
Self-hosted developer portal releases
Self-hosted gateway container image releases
Self-hosted gateway Helm chart releases
Release - API Management service: May, 2024
New features, improvements, and changes
- We added support for Interface type to GraphQL resolvers.
- Customer-managed public IP is no longer required when deploying a service instance into a virtual network. Changing the subnet will remove public IP from a previously deployed service instance.
Fixes
- We now correctly import schemas from OpenAPI 3.1 specifications.
- API imports will no longer fail because of OData specification warnings. However, errors will still cause import failures.
- Liquid template and policy expressions with XML special characters, such as "<" or ">", no longer result in runtime failures.
- We did not respect the JWT specification in validate-jwt policy and did not enforce "sub" claim to be a string or URI
Self-hosted developer portal releases
Self-hosted gateway container image releases
- No new releases
Self-hosted gateway Helm chart releases
- No new releases
Release - API Management service: March 2024
‼️ Breaking changes ‼️
- On June 14, 2024, we’re introducing breaking changes to the Workspaces feature. You may have to take action to continue using workspaces beyond June 14, 2024.
New features, improvements, and changes
- We’ve introduced several new features and improvements to workspaces:
- You can now create and manage certificates, backends, diagnostics, and loggers inside a workspace with the
2023-09-01-preview
management API version.Azure portal interface will be released soon. - You can now use
context.Workspace
in policy expressions. - "default-workspace" is now a reserved workspace resource name.
- You can now create and manage certificates, backends, diagnostics, and loggers inside a workspace with the
- We now preserve the
format
andschema
properties of the form-data parameters when importing OpenAPI APIs. - HTTP version information will now be included in the request trace.
- We’ve added support for HS512 and RS512 algorithms in the
validate-jwt
policy. client-application-ids
element is now optional invalidate-azure-ad-token
policy.- We've made a couple improvements to the GraphQL support:
- We've added support for Union Type in GraphQL resolvers
- Arrays can now be used within the
set-body
policy to project the data obtained by a resolver onto the list of primitive data types specified in the GraphQL schema
- An Azure Advisor notification will be sent to customers when they inadvertantly delete the FQDN property from the public IP resource assigned to API Management.
- We've made several improvements to the VNet integration in the Standard v2 tier:
- We will now detect if the prerequisites for VNet integration are not being met - i.e., subnet delegation and service association link, and fail the deployment faster.
- All traffic from the VNet-integrated Standard v2 service instances to the Internet will be now routed via the integrated VNet.
- The outbound IP will now be populated and shows its respective value.
Fixes
- We’ve resolved the issue where Azure API Management would incorrectly log requests that were rejected due to public network access is disabled. This fix ensures that logs and metrics in Azure Monitor now exclude these rejected requests when API Management is set up with a private endpoint.
- An attempt to create diagnostics in a workspace that doesn't exist will now return a
404 Not Found
error. Previously, API Management returned a500 Internal Server Error
response. - Workspace users can no longer override diagnostics settings defined for all APIs on the service level.
- Exporting APIs with empty or whitespace-only examples no longer produces an error.
- Optional string query parameters are no longer added to the API operation's URL template.
$DevPortalUrl
variable in the developer welcome email template now returns a new developer portal URL. Previously, it returned a legacy developer portal URL.- The
authenticate-certificate
policy now performs a case-sensitive certificate ID validation. Previously, request processing would fail when the casing between the certificate ID in the policy and in the request didn’t match. - We've fixed an issue preventing recovery of the soft-deleted Basic v2 and Standard v2 service instances.
Self-hosted developer portal releases
Self-hosted gateway container image releases
Self-hosted gateway Helm chart releases
Release - API Management service: February 2024
New features, improvements, and changes
- TLS 1.3 and related cipher suites are now supported.
- The
validate-jwt
policy now works with tokens signed PS256 signature algorithm. - We raised the content size limit in the
validate-content
policy to 4MB. - A current API revision can now be addressed using a revision-specific URL in addition to the API's base URL.
Fixes
- Self-hosted gateway using EntraID authentication to connect to the associated Azure API Management service instance are now showing heartbeats in the Azure Portal.
- We fixed the issue preventing “Scheduled Maintenance” events from being shown in the Activity log.
- The
set-body
policies contained within GraphQL resolver policies (see example) is now executed for streamed responses. - The issue making resolver get incorrect values from the cache for some GraphQL requests is now fixed.
- Requests resulting in a log entry larger than 32KB, previously not logged at all, are now logged to Azure Monitor after trimming.
Developer portal releases
- No releases.
Self-hosted gateway container image releases
• 2.5.0
Self-hosted gateway Helm chart releases
• 1.9.0
Release - API Management service: December, 2023
New features, improvements, and changes
- We reserved
default
Workspace name for internal use. After the update, users will not be able to create Workspaces with that name.
Fixes
- We fixed an issue causing degraded performance when creating new service instance.
- We fixed an issue with
DevPortalHost
property not being passed correctly into the email notification template. - We eliminated inconsistency in Security Scheme and Security Requirement objects in OpenAPI exports when performed by authenticated vs. anonymous users.
Developer portal releases
- No releases.
Self-hosted gateway container image releases
Self-hosted gateway Helm chart releases
Release - API Management service: November, 2023
New features, improvements, and changes
- We will now provide specifics about token validation failures in
validate-azure-ad-token
policy in API Inspector. - We made the password policy stronger for users creating accounts on the developer portal - e.g., it now requires using a special character. Complete password requirements will be shown on the sign-up page.
- Users now must provide their current password before changing it on the developer portal.
- Pagination controls on the developer portal now feature only the Next and Previous buttons.
Fixes
- We fixed an issue that caused tokens of logged-out developer portal users signed in via Azure AD B2C to remain valid under some circumstances.
- We fixed a regression that caused POST requests issued from the try it console on the developer portal not to work correctly.
- We fixed an issue in the Content Access Control feature of the developer portal that allowed unauthorized access to pages via direct link.
Developer portal releases
- No releases.
Self-hosted gateway container image releases
Self-hosted gateway Helm chart releases
Release - API Management service: October 2023
Highlights
- We're excited to announce availability of the Public Preview of our latest Azure API Management pricing tiers: Basic v2 and Standard v2.
- API Management is now Generally Available in the Israel Central and Italy North Azure regions.
New features, fixes and improvements
- You can now specify timeout in milliseconds in the the
forward-request
policy via the newtimeout-ms
attribute. - We fixed an issue where a large request log entry blocked Azure monitor log stream.
- We fixed an issue where the
emit-metric
policy could fail the request when no diagnostic entries are configured at any of the scopes. - We fixed an issue where a request to a GraphQL API with empty GraphQL resolver policy fails the request.
- We fixed a few bugs in the developer portal test console.
- We fixed an issue in the publisher component of the developer portal which caused it to fail when there was not enough memory for creating a snapshot.
Developer portal releases
- No releases.
Self-hosted gateway container image releases
Self-hosted gateway Helm chart releases
Release - API Management service: September 2023
New features, fixes, and improvements
- We have introduced new Azure Advisor recommendations:
- Use Azure AD authentication instead of gateway token for Configuration API
- Identity self-hosted gateways using gateway tokens that will expire in < 7 days
- Identity validate-jwt policy usage with insecure key size
- We have removed support for the retired set-graphql-resolver policy which had already been replaced with GraphQL API resolvers.
- We have fixed an issue where the OpenAPI would fail if the parameter names where empty.
- We have fixed an issue where nested objects were being overridden when import OpenAPI was used.
- We have fixed an issue where the FixOpenApi parameter schema can now import complex schemas.
- We have fixed a bug where validate-azure-token policy was not properly using expressions to resolve tenant-id.
- We have fixed an issue where deleting the API release will now return 204 instead of 404 if release does not exist.
- We have fixed an issue where the Deletion of API was not removing all of the releases. When deleting an API it will now delete all of its releases.
- We have fixed an issue where the DELETE operation for API endpoint was synchronous and timing out. The DELETE operation has been made asynchronous to fix this issue.
Self-hosted gateway container image releases
Self-hosted gateway Helm chart releases
Release - API Management service: April 2023
Highlights
- Azure API Management and Microsoft Defender for APIs integration is now in preview. Learn how Microsoft bolsters cloud-native security in Defender for Cloud with new API security capabilities.
- Workspaces in Azure API Management are now in preview.
- Synthetic GraphQL is now generally available.
- Authorizations in Azure API Management are now generally available.
- Incoming traffic to Azure API Management's gateway can be secured to clients running in a virtual network through Azure Private Link.
New features, fixes, and improvements
- We fixed an issue, where the customers potentially could not change organization or email in the email notifications.
Developer portal releases
Self-hosted gateway container image releases
Self-hosted gateway Helm chart releases
Release - API Management service: February & March 2023
A regular Azure API Management service update was started February 9, 2023. This release concluded rollout on March 31, 2023.
New features, fixes, and improvements
- We added the new
context.Deployment.Gateway.*
object with several properties for accessing gateway information in runtime policies. (Learn more) - We fixed an issue, where the definition names in the API schema would display blank spaces.
- We fixed an issue, where the developer portal was hiding default domain, a parameter has been added to include default domain in the hostnames.
- We fixed an issue, where the API revisions were not being properly filtered.
- We fixed an issue, where adding API schemas with the same namespace resulted in an error.
- We fixed an issue, where policies contained all named values which caused a problem for secrets. The policy failed to check if given user had access to secret.
- We fixed an issue, whereby Azure Active Directory v1 tokens could be validated with
validate-azure-ad-token
policy, but v2 tokens could not be validated. With this release, both v1 and v2 tokens are supported. - Previously,
validate-azure-ad-token
would only validate tokens against the public cloud instance of Azure Active Directory (AD). With this release, token validation is supported in every Azure cloud where Azure Active Directory is available. - Previously, the gateway would not refresh the GraphQL schema when it was updated from the Azure portal. The gateway now correctly refreshes the GraphQL schema after it's updated in the Azure portal.
- We implemented a GraphQL context variable to allow access to all portions of the GraphQL context within policy expressions.