Skip to main content

Azure API Management update January 25

Published date: January 25, 2019

On January 25, we started a regular Azure API Management service update. It includes the following bug fixes, changes, and new features:

  • We added JWE support to the validate-jwt policy. We added a new decryption-keys element to the policy definition. (It must be placed between the issuer-signing-keys and audiences elements.) It can contain multiple key elements structured similarly to the issuer-signing-keys/key elements. Only JWTs with the alg property set to dir (symmetric keys) and the enc property set to A128CBC-HS256A192CBC-HS384, or A256CBC-HS512 are currently supported. Tokens that use other settings will fail validation with the "TokenDecryptionFailed" error reason.

  • We now log nested exceptions to Azure Application Insights. For each exception, we tell you which policy produced it.

  • From now on, all new revisions and versions will be created with a copy of their predecessors' diagnostics settings.

  • We provided a couple of additional email template parameters in the New Developer Account Confirmation email template to make it more flexible for customers who use delegation or have a custom portal.

  • In accordance with the OpenAPI specification, auto-generated request samples shown in the developer portal will no longer show read-only properties.

  • We fixed a bug where we occasionally failed to add APIs and groups to a product when deploying from the configuration repository.

  • We're upgrading the service to a more modern compute SKU, which is slightly roomier and faster than the one used before. As a result, you might see a slight uptick in available capacity.

We deploy updates gradually, and it usually takes a week or more for every active service instance to receive them.

  • API Management
  • Features

Related Products