Skip Navigation

Azure API Management update September 24

Monday, September 24, 2018

The latest update to Azure API Management includes these bug fixes, changes, and new features:

  • We fixed a bug in API import that led to policies being orphaned for operations deleted in the process. That, in turn, caused named values referenced in those policies to stick around, preventing their names from being reused.
  • Client certificate changes (new, update, or delete) are immediately propagated to the gateways and will be instantly reflected in the context's certificate collection, for example.
  • We tightened header name validation logic in the diagnostics configuration and now allow only compliant HTTP header names. Names that contain "@" or newline characters will fail validation.
  • The bug that caused intermittent failures in sending exceptions occurring in retry policy to Azure Application Insights is gone.
  • We fixed a bug that made it impossible to remove an intermediate CA certificate.
  • We made taking a backup more reliable by changing the way we handle database timeouts and adding validation to check if the provided target storage account supports block blobs.
  • We correctly handle OAuth client identifiers and secrets that contain characters not allowed in URLs.
  • Headers with empty values are reflected in the context's headers collection.
  • We now allow a file:// origin in the CORS policy, along with http(s):// origins.
  • On the developer portal, the documentation page no longer fails if the soapAction query parameter is missing in an operation of a SOAP 1.1 API. We also stopped adding redundant ContentType headers in SOAP 1.2 APIs.
  • When you're adding a header in the Test console on the Azure portal, you can choose its name from a drop-down list of well-known header names.

The service update started on September 24, 2018. We upgrade service instances in batches, and it usually takes about a week for the update to reach every active service instance.

Related feedback