You're viewing Apigee Edge documentation.
Go to the
Apigee X documentation. info
On Tuesday, February 2, 2016, we released a new cloud version of Apigee Edge for Public Cloud.
New features and enhancements
Following are the new features and enhancements in this release.
Redesigned API proxy wizard
The API proxy wizard has been redesigned. When you click "+ API Proxy" on the API Proxies page in the management UI, the new wizard guides you through the API proxy creation process. All the same settings as the previous API proxy wizard are available. (MGMT-1376)
Create API proxies with OpenAPI (Swagger) documents
As part of the new API proxy wizard redesign, you can now create an API proxy from a OpenAPI (Swagger) document. On the first page of the API proxy wizard, click Use OpenAPI when selecting Reverse Proxy, Node.js App, or No Target. In the field that appears, enter the URL to your OpenAPI document. For more information, see Build a simple API proxy. (MGMT-1376)
WSDL 1.2 support for SOAP proxies
Apigee Edge supports WSDL 1.2 in creating API proxies to call SOAP services. (MGMT-2835)
SSLInfo variables in TargetEndpoint configurations
In an API proxy TargetEndpoint, you can dynamically set SSL/TLS details to support flexible runtime requirements. In the following example of how SSLInfo would be set in a TargetEndpoint configuration, the values can be supplied at runtime by a Java Callout, a JavaScript policy, or an Assign Message policy. Use whichever message variables contain the values you want to set.
<TargetEndpoint>
...
<SSLInfo>
<Enabled>{myvars.ssl.enabled}</Enabled>
<ClientAuthEnabled>{myvars.ssl.client.auth.enabled}</ClientAuthEnabled>
<KeyStore>{myvars.ssl.keystore}</KeyStore>
<KeyAlias>{myvars.ssl.keyAlias}</KeyAlias>
<TrustStore>{myvars.ssl.trustStore}</TrustStore>
</SSLInfo>
...
</TargetEndpoint>
This feature is covered in the following docs:
- API proxy configuration reference
- https://community.apigee.com/articles/21424/dynamic-sslinfo-for-targetendpoint-using-variable.html
(APIRT-1475)
RSA_SHA256 algorithm support for SAML assertion policies
The SAML assertion policies now support the RSA_SHA256 algorithm in addition to RSA_SHA1. (APIRT-1779)
Validation on certificate uploads
To help prevent the uploading of expired or invalid certificates to keystores and truststores, the management API validates certificates on upload. Certificates are validated to ensure that the size of the file is not larger than 50KB and that the format is either PEM or DER. Certificate expiry is also validated. To override the default expiry validation (to not validate for certificate expiration on upload), use the following query parameter: ?ignoreExpiryValidation=true
For more information, see Upload a JAR file to a Keystore and Upload a Certificate to a Truststore. (SECENG-516) and (APIRT-2213)
Auto-polling on Node.js Logs page
When viewing Node.js logs from the proxy editor, the Node.js Logs page is automatically refreshed periodically to list new logs that are available. Click "Stop Auto Refresh" to turn off auto-refresh. (MGMT-1692)
API product page performance, no developer apps listed
When viewing an API product in the management UI, the developer apps associated with that product are listed. To improve UI performance, the list of developer apps is not shown when editing the API product. (MGMT-2869)
Subscription to daily analytics emails
Organization administrators must now explicitly subscribe to daily analytics report emails. Subscribe/unsubscribe by setting a user preference in the management UI, or with the management API. For more information, see Subscribe to daily analytics emails. (AXAPP-1949)
sum( ) function on response time metrics
In analytics custom reports and API calls, the "sum" aggregate function is now available for Target Response Time, Total Response Time, and end_point_response_time. For example, in the /stats API (/management/apis/get/organizations/%7Borg_name%7D/environments/%7Benv_name%7D/stats/%7Bdimension_name%7D-0), you can now use the following "select" query parameter: ?select=sum(total_response_time). (AXAPP-2006)
Latency Analysis report: API proxy names sorted
In the Latency Analysis report UI (Apigee Edge enterprise plans only), the API proxies are listed alphabetically in the Proxy drop-down list. (MGMT-2858)
Developer Apps on dashboard shown by display name
On the management UI dashboard, the Developer Apps bar chart lists developer apps by display name rather than internal name. (MGMT-2853)
New date/time widget on custom reports
The date/time picker widget on a custom reports page in the management UI has been enhanced. (MGMT-2881)
Monetization: Edit API package names
You can update the name of an API package at any point during the monetization lifecycle, even when the API package contains a published rate plan. (DEVRT-2177)
Monetization: Decimals allowed in custom attributes
When using a "Rate Card with Custom Attribute" plan, the custom attribute in the message header that is used as a multiplier for the transaction can now be a decimal value of up to four decimal places. For more information on this type of plan, see Specify rate card custom attribute details. ( DEVRT-2191)
General improvements
This release also contains multiple usability, performance, security, and stability enhancements.
Bugs fixed
The following bugs are fixed in this release.
| Issue ID | Description |
|---|---|
| MGMT-2964 | New proxy editor does not accept comments inside Flows tag |
| MGMT-2957 | Adding a new pod to an org returns the deployment status of the bundle as error for routers in the new pod |
| MGMT-2937 | Insufficient Permissions errors with custom roles |
| MGMT-2875 | WSDL SOAP generation has incorrect headers for SOAP 1.2 |
| MGMT-2739 | Developer Apps report, Analytics tab doesn't show anomaly graph |
| MGMT-2735 | Refreshing Node.js logs never completes/stops |
| MGMT-2734 | Save button doesn't get enabled after any error while trying to save a deployed bundle |
| MGMT-2729 | Updating port for TargetServer in the UI wipes out SSLInfo |
| MGMT-2702 | Cross-site security vulnerability for Firefox and IE Fixed a security vulnerability that could happen because of FireFox and IE vulnerabilities that improperly allow cross-site requests. |
| MGMT-2681 | Proxy Editor: When using a Regex match in the Condition, the Flow Navigator does not show the verb |
| MGMT-2361 | Deployment of proxies fails with RPCException: Call timed out |
| MGMT-1662 | API proxy deployment fails during Apigee Public Cloud releases |
| DEVRT-2286 | sync-organization Monetization API is broken The API used to synchronize Apigee Edge data with monetization has been fixed with the latest refresh of the 16.01.20 release. |
| DEVRT-2173 | Need to rename the Package but unable to edit because of active rate plan |
| DEVRT-1661 | Developer is blocked for making API requests before rate plan start date, but
block is never released If an API developer accepted a monthly flat, volume-banded, or bundle rate plat that starts at a future date, and then sends API requests before the specified start date, the API developer is blocked from making further requests. Once the rate plan start date is reached, the block is now released. |
| DEVRT-1643 | Draft rate plan corrupted after it is saved |
| AXAPP-1991 | OptOut of Apigee Analytics Summary and emails don't stop |
| AXAPP-1946 | Analytics cleanup not releasing disk space |
| AXAPP-1708 | Analytics API appears to produce different numbers for the same statistic depending on how I ask |
| AXAPP-1293 | Non-existing Developer App names in Analytics Summary email |
| APIRT-2518 | Problems connecting to https backend with JavaScript policy |
| APIRT-2398 | Invalid/expired authorization code counted as Apigee error |
| APIRT-2397 | steps.assignmessage.SetVariableFailed counted as Apigee error |
| APIRT-2396 | IllegalArgumentException, ArrayIndexOutofBoundsException in OAuth counted as Apigee error |
| APIRT-2362 | JavaScript compilation error |
| APIRT-2322 | Invalid Client ID incorrectly reported as Apigee error |
| APIRT-2159 | Add message_id to the logging prefix |
| APIRT-2145 | High failure of transactions for Facebook API Validation for header values starting with ':' has been removed. |
| APIRT-2137 | MP: Chunked transfer encoding and 205 with content length 0 |
| APIRT-2124 | Nginx router does not update the MP pool for newly added MPs |
| APIRT-2117 | Message Logging policy not respect DNS updates |
| APIRT-2110 | Only one X-Forwarded-For header is passed on by router |
| APIRT-2062 | Response cache doesn't work correctly when SkipCacheLookup condition is met |
| APIRT-2061 | Message processor not pushing messages to QPID |
| APIRT-2052 | High number of CLOSE_WAITs due to management port not responding |
| APIRT-2024 | Nginx without a load balancer is not properly populating X-Forwarded-For HTTP
headers X-Forwarded-For deprecation notice added to the 150930 release notes and the Access Control policy. |
| APIRT-1933 | Proxy-specific classloaders still delegate to MP classloader |
| APIRT-1877 | Unable to mask XML responses that have namespaces |
| APIRT-1838 | Apigee-127: VerifyAPIKey returns only one API product when multiple products exist |
| APIRT-1827 | Low concurrent streaming limit observed |
| APIRT-1820 | Intermittent latency (> 1%) in 4.15.04 Private Cloud environment |
| APIRT-707 | NPE during runtime if the <GenerateResponse> element is in the VerifyAccessToken policy |