Version 2.5.0
New Features
Audit Log
To help IT operations and administrators, we've created the Audit Logs tool for ApiOmat SuperAdmins. The Audit Logs give admins an central location for viewing any actions that occur anywhere across the ApiOmat platform. Administrators can view logs for meta data or specific app backends and run queries filtered by CRUD operations, organizations, environments and changes.
The Audit Log contains a security-relevant set of records documenting all changes done in or via ApiOmat. Records contain the time of the event, the user ID who was responsible for the event, the event type and the changed data. Both transient and non-transient data events are tracked, which enabled auditing external sources via modules.
ApiOmat SuperAdmin users can query the audit log for special events or operations in a time-frame, either for all meta data or on a per-app basis.
See the complete documentation here: Audit Log documentation
Dashboard 3 Beta
Our dashboard got a complete new material design and is available as an open beta now. You can install the new dashboard instead of the stable 2.5 release or in parallel. See the installation manual for detailled information.
C# SDK Offline Search
While every ApiOmat SDKs includes offline data storage, searching through the stored results was limited before. Starting with the C# SDK, you can query all offline data via the SQLite query language, which enables full offline access to all downloaded data, making many additional use cases possible. Other SDKs will follow shortly!
Important and breaking changes
Main-Modules, which are automatically created when creating a new App-Backend, will now be hidden in Dashboard (if not containing any classes) |
Activation of the Analytics module is now done via adding it to the default modules in yambas.conf/apiomat.yaml. The separate config value analytics.enabled is not used anymore. |
Loading of external libraries in native modules has been changed. Please read more at Native Module specific notes and limitations. Because of this, you have to update the SMTP module (we can provide you a new version, or you can add javax.mail-1.4.5.jar by yourself) |
OAuth2 Token verification can now be done by external Authentication classes. Due to workflow changes, return codes on authentication failure of OAuth2 tokens will change from 401 to 840. |
Authentication of customers or organizations email adresses is now case insensitive. |
To increase security and strictly follow the concept of Authentication classes, the auth() method in Hook classes is now only called when the specific class is also set up as an auth class. In versions < 2.5, the auth() methods were called on every authentication request on objects of this class, no matter how the auth classes definition was set up. To re-enable this legacy behaviour, set the classBasedAuth=true in yambas.conf / yambas.classBasedAuth: true in apiomat.yaml. |
ApiOmat issues new license keys (64 char length). These keys are periodically activated automatically, and no permanent connection to license server is needed anymore. After a successfull activation, an offline license is stored to the YAMBAS users directory and is used 10 days max. During that period, re-activations are done automatically, which will reset the 10 days threshold and generate a new offline license. |
YAMBAS installation now uses an own user aom-yambas and a new service name aom-yambas instead of tomcat7. |
Upload of static data (files, images, etc) is limited to 200 MB by default and can be changed in apiomat.yaml/yambas.conf files. |
Native modules will contain a newer swagger annotations library after download - please update your module. Using this library version, you can use more specific definitions of @ApiParam annotations like format or type. |
Native modules do not contain static class files anymore, they're packaged into an own lib. Additionally a new ant task to update your module is available. Please read more about updating your module. |
Modules can be released for each system separately. The field releaseState reflects the state for the current system (depending on the X-apiomat-system header in request). Additionally, there is a field releaseStates with the current state for each system. If you update this field, the releaseState field will be ignored. |
All changes in the current and previous versions can be found at the root page.
All deprecations and their removal date can be found at Deprecations and Migration.