APIO Core

Appearance

2.13.0

Workflows

  • Support SHA and HMAC transformation in templates (sha1, sha224, sha256, sha386, sha512, hmac_sha1, hmac_sha256, hmac_sha512, blake2b, blake2s)
  • Introduce Pongo2 as template engine alternative (#55)
  • Alert on pending changes in the workflow editor
  • Make draggable the switch outputs (#74)
  • Log an event on user callbacks (#92)

Custom Routes

  • Support POST on public custom routes (#70)

User Management

  • Support updates and expose user last usage date (#63)
  • Expire the user M2M token (#58)
  • Expire the user trusted location(s) (#82)
  • Support some template variables in the 2FA email template name (#84)
  • Reveal user token when the user is an entity (#91)
  • Display first, last name and status when listing users
  • Support force password reset on next login (#81)
  • Reject password change if old and new passwords are the same (#81)
  • Support for password change on new users (#81)
  • fix missing usernames in the audit records (#123)

Reset Password

  • Support custom reset password request workflows (#25)
  • Support workflows to extend reset the password (#25)

UI

  • Add dashboard tiles to display the number of users, workflows and split the workflows in error in requests and in scheduled jobs or bulks (#24)
  • Make template editor inputs resizable vertically (#30)
  • Add links from the editor to node help page (#32)
  • Do not reveal the passwords, secrets and tokens in the configuration page (#84)
  • Show the dev flag in the license generator
  • Add a label to identify the platform and/or the environment in the navigation bar and the login page (#122)

Internals

  • Bump to Python 3.12 (#59)
  • Bump to Go 1.22
  • Add server CLI commands (loadconfig #65, importRoute #63)
  • Support debug tracing also on OAuth1 (#94)
  • Apply gateway configuration updates related to a proxy process (#99)
  • Support the possibility to exclude ACTIVE requests from cleanup (#96)

Broadsoft Integration

  • Do not update the user email if the email from Broadsoft is empty
  • Support the "Enabled" flag in the Broadsoft IdP configuration (#108)

Upgrade Note

Due to https://github.com/docker-library/golang/issues/467#issuecomment-1601845758 running on Docker version < 20.10.24 may require

    security_opt:
      - seccomp:unconfined

to be added to the sections in the docker-compose.yml file

2.13.1

  • Fix static files packaging for RPM's
  • Fix the token_expiry_date migration

2.13.2

  • extend reset-password trigger to change-password as well