What’s New for Oracle API Platform Cloud Service

Learn about the new and changed features of Oracle Oracle API Platform Cloud Service .

Release 20.3.3 - September 2020

Management Tier
Feature or bug number Description
31697984 - Allow API Application access restriction based on resources end points Customer cannot attach uri endpoints to constraints in plans. They requested to restrict access to resource endpoints using plan and entitlements.
30997643 - Gateway node having API deployment issue When same API with key validation policy is deployed to a logical gateway with 2 registered nodes, one of the gateway nodes successfully validates the key whereas the other node fails to validate it. The bug is intermittent.
31425082 - Request Payload Validation policy is not displaying PATCH method exposed by REST end point Customer requested to use the PATCH method exposed by the REST end point in the request payload validation policy.

Gateway

Note:

To get the following fixes/features, download new Gateway installer and install it. See Install the First Gateway Node for a Logical Gateway.

This Gateway Installer contains Critical Security Fixes. It's a mandatory upgrade for all customers.

Feature or bug number Description
Latest Patch Sets

WLS Patch Set Jul 2020 Update 12.2.1.3.200624 Patch 31535411. This patch contains fixes for several Oracle WebLogic Server Vulnerability and performance. More details here

Coherence Patch 12.2.1.3.10 #14 July 2020

31546291 - Calls to external service fails with HTTP 400 after new gateway installation After the installation of Gateway version 20.2.3 certain SOAP requests were failing because additional "=" sign got added at the end of the URL. This resulted in API requests failing

The following bug fix is rolled back in the 20.3.3 release because it causes a regression in the 20.2.3 release (June 2020).

Bug fix rolled back Workaround
31042350 - Query parameters like "?param=" were incorrectly forwarded to the service request. The workaround for that issue to not pass a query parameter like "?param=“, this gets trimmed into “?param”. If you pass “?param” or “?param=val” they all work fine.

Release 20.2.3 - June 2020

Management Tier
Feature or bug number Description

28665774 - Need simple way to identify the version of the installer

To determine the version of the gateway to download and install from the Management Portal, navigate to Gateways/<gateway>/Nodes and hover over Download Gateway Installer. The version numbers of the latest available gateway and core engine are displayed in the tooltip.
31318456 - Problem with deploying APIs that use Apiary Blueprint specification with query parameters When an endpoint specified in Apiary Blueprint contains query parameter definitions, this bug prevented the API from being deployed to the gateway.
API Request Endpoint URL is exposed on the runtime context Groovy interface The configured request endpoint URL can now be referenced as the runtime context.ApiEndpointUri property from Groovy scripts.

Gateway

Note:

To get the following fixes/features, download new Gateway installer and install it. See Install the First Gateway Node for a Logical Gateway.

This Gateway Installer contains Critical Security Fixes. It's a mandatory upgrade for all customers.

Feature or bug number Description
Latest Patch Sets

WLS Patch Set Update Apr 2020: Critical patch containing fixes for several Oracle WebLogic Server Vulnerability. More details here

Coherence Patch #9 May 2020

30836924 - Problem with adding parameters in the Accept Header One way to version an API is to add a version parameter to the Accept header. This caused API calls to fail.
31042350 - Not able to get desired response while calling rest API with empty query params Query parameters like ?param= were incorrectly forwarded to the service request.
31121699 - API Search-SQL Injection-Response is not the same when compared to local machine Query parameters with an = (equal) sign in the value were incorrectly forwarded to the service request.
31198805 - Request to pass the application key header to the service If an API uses header-based key validation policy, the gateway does not forward the header to the service request by default. This enhancement enables API developers to add a header configuration rule to the service request to forward the application key header.

Release 20.2.2 - May 2020

Feature or bug number Description

Bug 28958520 - APIs deployed with Apiary specification return HTTP 405 response

Potential conflicts between the base path configured in the Apiary spec and the API Request endpoint are detected. The user is given the option to resolve these conflicts.

Bug 30929197 - Limited amount of characters for documentation filename

The documentation file name length for APIs, Plans and Services has increased from 50 characters to 80 characters.

Release 20.1.1 - February 2020

Feature or bug number Description

Bug 30680643 - Increased default timeout of APICS Gateway's Client to handle bulk API deployment

The timeout has increased from 120000 ms to 300000 ms.

Bug 30459243 - Fixed issue of incorrect time being displayed for Sao Paulo BRT timezone

The correct time is now displayed.

Release 19.4.3 - December 2019

Feature or bug number Description

Bug 30349940 - Service Account with an empty "Scope" - JSONObject scopes not found

An error no longer occurs when the Service Account is configured without a scope.

Bug 30237081 - Not able to consume given service in APICS

Increases the allowed length of API service URL.

Bug 30329761 - OCSG 19.3.3 REST getApplication and updateApplication response slow

Reduces response time of API deployment during load conditions.

Bug 30400113 - Oracle API Platform Cloud Service GW http response message

Returns Internet Standards error message Unprocessable Entity for error code 422.

Release 19.4.2 - November 2019

Feature or bug number Description

Bug 30349940 - Service Account with an empty "Scope" - JSONObject scopes not found

An error no longer occurs when the Service Account is configured without a scope.

Bug 30439829 - Arabic characters do not display properly To ensure that Arabic characters display properly in the HTTP response message, include charset=utf-8 in the HTTP request message header.

Release 19.4.1 - October 2019

Feature or bug number Description

30164347 - Incorrect calculation for number of gateway hours when API invocation count is 35000

Gateway hours are now calculated correctly when the API calls exceed multiples of 35000. Previously, the calculated hours were overestimated.

30299293 - Oauth token cache is an unsynchronized HashMap

A problem with cache synchronization was fixed in this release.

Release 19.3.3 - September 2019

Feature or bug number Description

Universal Credit accounts do not use My Services Dashboard

After signing into Oracle Cloud, you use the Oracle Cloud Infrastructure Console to access your Platform Services. Previously you were required to access these services from the My Services Dashboard. See Access Oracle API Platform Service in Using Oracle API Platform Cloud Service.

Release 19.3.3 - August 2019

Management Tier

Feature or bug number Description

28952509 - The Subscriptions that are pending in the Requesting tab show Requesting(0) in the default display. Clicking this tab shows the actual count.

The actual count in default display is showing correctly now.

Gateway

Note:

To get the following fixes/features, download new Gateway installer and install it. See Install the First Gateway Node for a Logical Gateway.
Feature or bug number Description

Installer now supports customized temp directories

You can now specify a custom temp directory as follows:

java -Djava.io.tmpdir=${CUSTOM_TEMP} -jar ocsg_generic.jar

The path for the temp folder can only contain the following characters: a-z, A-Z, 0-9, -, and _.

29930427 - The API Gateway IP is available after API deployment.

In release 19.3.3, the API Gateway IP is immediately available after API deployment. In previous releases, the IP was blocked for up to 30 minutes due to threat protection.

Apply patch sets

The following patch sets are now available:

  • WLS Patch set 2019-Jul WLS (P29814665)

  • WLS Patch set 2019-Jul Coh PSU (P29961519)

Release 19.3.2 - August 2019

Feature or bug number Description
Multiple identity domains are now supported

You can create a service instance within a specific identity domain among multiple identity domains in Oracle Identity Cloud Service. Each identity domain has an independent set of users. For example, you might create separate identity domains for test users and production users. By default, service instances are created in the primary identity domain in Oracle Identity Cloud Service.

See About Multiple Instances in Administering Oracle Identity Cloud Service.

29971533 - User cannot access the API Management Portal User names and email addresses are now case-insensitive. Previously, a change in the capitalization of user names (e.g. john.doe to John.Doe) blocked access to the API Management Portal for the affected user.

Release 19.3.1 - July 2019

Bug number Description
30041495 - Bad certificate in the call to the Oracle Cloud from the gateway You can now successfully update configuration changes, and retrieve and save these them.
30034548 - API endpoints are not displayed in Developer Portal In the Application Details page, Subscriptions tab in the Developer Portal, the endpoint URLs are now displayed as expected when you have subscribed to a published plan from an application.
29839614 - REST2SOAP policy template generation incorrect for XML attributes When creating an XML template for a SOAP request, REST2SOAP now generates XML attributes correctly.

Release 19.2.3 - June 2019

Feature or bug number Description

Multiple identity domains now supported

You can now select among multiple identity domains in which to create your API Platform Cloud Service instance. Each identity domain has an independent set of users, so you can create different instances with different sets of users. By default, instances are created in the primary identity domain in Oracle Identity Cloud Service.

29741887 - Developer portal custom pages do not persist across managed servers

When you create a custom page on the Developer Portal and upload it through the consumption service, the page will be serviced from all Managed Servers, not just the Managed Server that processed the upload.

28980520 - Developer Portal API list page stops loading after you click the Bottom button on Safari and Chrome

When you publish APIs to the Developer Portal and click Bottom on the API list page, the APIs are displayed properly. In previous releases, the APIs did not load.

Note: If you don't see the APIs right away, wait. Loading the APIs takes some time.

29749975 - Add validation for reserved context paths

The Management Portal now issues an error message if context paths start with the following reserved prefixes: ws, management, portal, prm_pm_rest, daf-network.

29629939 - Enabled Oracle Identity Cloud Service federated single sign-on for Developer Portal

You can now configure your Oracle Identity Cloud Service instance so that you can sign in to Developer Portal with your federated single sign-on login.

29676868 - Policy SDK not reflected properly on the Management Portal

Updates to the Policy SDK after a gateway is deployed are now reflected accurately in the Management Portal.

29533933 - Gateway node name length restriction

The maximum length of the name for the gateway node is now 256 characters. Previously, the gateway node name maximum length was 50 characters.

Release 19.2.2 - May 2019

Feature or bug number Description

Template-based parameter causes API in plan to fail

In the Apiary blueprint for an API, you can now specify Actions having Query parameters.

Query using quotation marks (") results in Error

In the Management Portal, you can now surround a search string in quotes.

Microsoft Internet Explorer - Unexpected error calling REST service

From the APIs menu on the API Management portal, API implementations are now displayed without error in the Windows Internet Explorer browser, in addition to Chrome and Firefox.

Release 19.2.1 - March 2019

A new tab, Security Settings, was added to the Platform Settings page in Release 19.2.1. This new tab allows you to view the Client ID, Client Secret, and scope for your instance. See View Security Settings.

Release 19.1.5 - February 2019

Feature Description

Enhancement to the Search feature on list pages

On list pages for APIs, plans, applications, services, service accounts, and gateways, you can now enclose a search term in quotes to find an exact match. See Understand the APIs List Page for an example.

Enhancement in Application-Based Routing policy

A button has been added to display a list of applications for selection. See Apply Application-Based Routing Policies.

Enhancement in Gateway-Based Routing policy

A button has been added to display a list of gateways for selection. See Apply Gateway-Based Routing Policies.

Release 19.1.3 - February 2019

Feature Description

List page redesign

The pages in the interface that list the APIs, plans, applications, services, and service accounts have been redesigned to make it easier to view information.

Added options in Resource-based Routing Policy

When applying the resource-based routing policy, you can now route requests based on actions and methods as well as resources from an Apiary specification. If you are configuring it manually, you can also now route requests on methods and method+path combinations in addition to paths. See Apply Resource-Based Routing Policies.

Gateway installation

If the installed version of your gateway is 18.4.3 or later, there is no need to re-install the gateway for 19.1.3.

Release 19.1.1 - January 2019

Feature Description

Outbound WSS Username Token Policy

This new policy allows you to enable an end-user identity to be passed over multiple hops before reaching the destination web service. See Apply Outbound WSS Username Token Policies.

Inbound WSS Username Token Policy

This new policy allows you to enforce verification of credentials sent within the SOAP payload and allow only authorized users to access APIs. See Apply Inbound WSS Username Token Policy.

Release 18.4.5 - December 2018

There were no new features in release 18.4.5. This release contained internal infrastructure updates and bug fixes.

Bug number Description
28943090 - APIs and Plans pages time out in Deveoper Portal The query was optimized to reduce the number of IDCS calls and make the query faster.
28957876 - remove "links" as fields in API list page When rendering the API list page, REST calls to /plans and /apis are made. In both cases, the field "links" was included, explicitly for /apis and implicitly for /plans. The REST call to /plans was updated to pass ?fields=id to ensure the links are not looked into, and REST call to /apis was updated to remove "links" as a field to return.
28642385 - Some analytics data did not allow the time to display in the local time zone Charts and tables in Analytics will now display in the local time zone, not the platform time zone.
28881998 - Republish button in Plan tab is extra Plans have no iterations, so any change to the plan is immediately visible in the Developer Portal. The Republish button is uneccessary and is removed.
28925217 - Remove roles from grants pages and dialogs The queries for grants took a long time to execute due to the role parts of the queries. The query parameters for roles and the Role columns were removed from the UI.
28963833 - Show/Hide navigation menu doesn't open in Internet Explorer 11 The navigation menu now opens in Internet Explorer 11.
28883652 - Redesign the Requests by Resource grid to scroll the data virtually Queries on the Gateway analytics page were very slow, or hung up. To resolved this, auto refresh was removed and there is now a Refresh button. Also, the grids have been redesigned to "virtually scroll" the data.
28948363 - Application-based routing not working as expected after release 18.4.3 The application selection drop-down list now shows all available applications.

Release 18.4.3 - November 2018

Feature Description

Action Level Plan Constraints

You add rate limits on entitlements to control requests from a specific API to a plan. If an API uses an Apiary specification, you can now set rate limits for specific actions in the API. See Setting a Rate Limit for an Entitlement.

Support Apiary Actions in the Interface Filtering and Method Mapping Policies

If an API uses an Apiary specification, you now have the option of configuring the resources using actions from the API specification or configuring them manually in the Interface Filtering and Method Mapping policies. See Applying Interface Filtering Policies and Applying Method Mapping Policies.

Analytics Filters for Plans, Services, and Methods

You can now filter analytics results by plans, services, and methods. See Filtering Analytics.

Support JSON values for scopes in OAuth

There is a new element called ScopeClaimDataType, which allows you to specify whether the scope values in JWT are space-separated or in JSON structure. See The OAuth Profile XML File.

Custom Pages in the Developer Portal

You can now add custom pages to the Developer Portal. See Managing Custom Pages.

Release 18.4.1 — October 2018

A new navigation menu sidebar on the left of the window was introduced in 18.4.1. It contains options to access the pages for APIs, Plans, Applications, Gateways, Services, Service Accounts, Roles and Platform Settings. When it is expanded, both icons and text appear; when it is collapsed, only the icons appear. It can also be hidden completely, and then viewed again using the Show/Hide Navigation Menu option above the blue banner.

Release 18.3.5 — September 2018

In 18.3.5, if your API was created with an Apiary specification, you can choose to use actions from the specification in the Interface Filtering and Method Mapping policies. See Applying Interface Filtering Policies and Applying Method Mapping Policies.

Release 18.3.3 — July 2018

There were no new features in release 18.3.3. This release contained internal infrastructure updates only.

Release 18.2.5 — May 2018

Feature Description

Request Payload Validation Policy

This new policy allows you to validate the request message body for length and format. See Applying Request Payload Validation Policies

Analytics filter redesign

The filters on the analytics pages were redesigned. All the filters, including the time filters, are now in a sidebar.

Use Apiary actions in Resource Based Routing policy

If an API was created with an Apiary specification, yu can configure the resources using the API actions. See Applying Resource-Based Routing Policies

API actions on Specification page

When you link an Apiary specification, the API actions are listed on the Specification page. You can expand each action to view its details.

UI update to Plans Subscriptions page

On the Plans Subscription page, you can now view application details.

Entitle in Plan grant for Gateways

There is a new grant for Gateways, called Entitle Gateway in Plan. This allows a user to entitle the gateway in a plan. See Issuing Gateway Grants.

Plans pages added to the Developer Portal

You can now view plans and their details in the Developer Portal. See Discovering and Entitling Plans.

Release 18.2.3 — May 2018

Feature Description

Applying Redaction Policies

Configuration examples were added. See Applying Redaction Policies

Documentation Accessibility

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.

Access to Oracle Support

Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.