What's new in Version 10.0.5.0

This page details the enhancements in IBM® API Connect Version 10.0.5.0.

If you are moving to Version 10 from Version 5, also see the What's new in Version 2018 page for the additional new features since Version 5.

Note: You can access the latest files from IBM Fix Central. Full installation files for IBM API Connect can be downloaded from Passport Advantage.

Version 10.0.5.0 product release

The following sections detail the changes and additions in version 10.0.5.0.

Attention:

IBM API Connect Version 10.0.5.0 requires IBM DataPower® Gateway Version 10.5. However, the DataPower firmware for the 10.5 LTS stream is supported on only the 8496 appliance, and the IBM DataPower Gateway for Docker. Consequently, the DataPower container for API Connect 10.0.5.0 is supported to run on only Kubernetes, OpenShift, and IBM Cloud Pak for Integration.

Although API Connect 10.0.5.0 is not supported to run on VMware, support for VMware is available from API Connect 10.0.5.1 and later.

What's new for Developers

OpenAPI 3 APIs with a response wildcard can be published but are disabled on the Gateway.
If an OpenAPI 3 API contains a response wildcard (which is not supported), publishing is disabled for that API. You must correct the problem before you can publish the API.

Increased OpenAPI 3.0 support
The following updates have been made to the Open API 3.0 support for APIs that are enforced by the DataPower API Gateway:
  • All assembly policies are now supported, including the validate and map policies.
  • The OAuth2 with multiple flows security scheme is now supported.
For more information, see OpenAPI 3.0 support in IBM API Connect.
Added the Extract policy to transform content from the API context
The Extract policy transforms content from fields in the API context. You use JSONata expressions to specify the fields and how to transform the content. For more information, see Extract.

What's new for API product managers

New publish validation option when publishing your products
You can now select from the following publish validation options when configuring Catalogs in the API Manager UI:
  • Publishing APIs with empty paths is not allowed
  • Validate custom policy schema in an assembly
  • Validate the references inside the API and perform additional OpenAPI validations
  • Publishing APIs with duplicate base paths is not allowed
To configure these options, in the Catalog that you want to work with click the Catalog settings tab, and then click Publish validations > Edit. For more information about configuring Catalogs, see Creating and configuring Catalogs.

Override the timeouts set by consumer organization invitations
You can now override the consumer organization timeout with the timeout that is set in the Catalog. For more information, see Creating and configuring Catalogs.

New analytics dashboards and REST API
New analytics dashboards are implemented in the API Manager UI, replacing the use of Kibana. There's also a new analytics REST API for accessing your analytics data. For more information, see Accessing analytics in the API Manager UI.

Mixed-case resource names now supported
You can now create resource names with mixed-case text, including names for users, APIs, Products, Catalogs, organizations, and so on. However, you cannot have duplicate names of resources where the only difference is the case. For example, while MyAPI and myapi are both supported names, they cannot both exist in the same namespace. Also, note that Developer Portal endpoints must be only lower-case.

What's new for DevOps

Redesigned Analytics subsystem
  • The Analytics subsystem now uses Opensearch instead of Elasticsearch, resulting in a different set of microservices; for detailed installation information, see Installing the Analytics subsystem.
    Attention:

    The upgrade to v10.0.5.0 or later will result in the deletion of all existing analytics data. If you want to retain your analytics data then you must export it before upgrade. For instructions on exporting, see Additional considerations for upgrade to v10.0.5. It is not possible to import analytics data from earlier releases to v10.0.5.0 or later.

  • Logstash persistent queues replace the message queue feature.
  • New analytics toolkit CLI commands and REST API operations, covering many administration operations including those previously done by running curl_es commands inside storage containers. Curl_es operations are no longer supported.
  • Minor changes to the backup and restore process, which requires the recreation of the S3 backup secret after upgrade.
  • A new analytics dashboard has been added to the Cloud Manager UI, allowing the administrator to view analytics API events for each analytics service that is configured.

Pre-upgrade health-check script improved
The apicops pre-upgrade script has been expanded to include additional checks of your deployment's health. Before upgrading to this release of API Connect, you should run the script and check the results as explained in the upgrade instructions for each platform.

Support for migrating billing data from v5 to v10
The API Connect Migration Utility (AMU) now supports migrating your billing data from v5 to v10:
  • All Stripe billing integrations in v5 are migrated to v10 and applied automatically to all Catalogs.
  • All products that use paid plans will have the plans migrated.
  • Consumer payment methods that exist in the v5 Portal will be automatically created in v10.
After the migration is complete, you must configure the Stripe integrations in the Developer Portal sites; see Configuring Stripe in the Developer Portal for detailed instructions. For more information about migrating, see Migrating a Version 5 deployment.

Ability to disable the Portal web endpoint check
When you create or register a Developer Portal service, the Portal subsystem checks that the Portal web endpoint is accessible. However sometimes, for example due to the complexity of public and private networks, the endpoint cannot be reached. In this instance, you can disable the Portal web endpoint check so that the Developer Portal service can be created successfully.
To disable the endpoint check, complete one of the following updates depending on your platform:
On Kubernetes, OpenShift, and IBM Cloud Pak for Integration
Add the following section to the Portal custom resource (CR) template:
spec:
  template:
  - containers:
    - env:
      - name: PORTAL_SKIP_WEB_ENDPOINT_VALIDATION
        value: "true"
      name: admin
    name: www
On VMware
In your apicup project, create a file called ptl-extra-values.yaml (or edit the file if one already exists), and add the following section:
spec:
  template:
  - containers:
    - env:
      - name: PORTAL_SKIP_WEB_ENDPOINT_VALIDATION
        value: "true"
      name: admin
    name: www
For more information, see Registering a Portal service.

What's new for security practitioners

Configure Base64 encoding for temporary tokens
You can now enable or disable Base64 encoding for the temporary tokens that are created for invitations, and password reset tokens. For more information, see Configuring Base64 encoding for temporary tokens.