Skip to main content

December

· 4 min read

NG Production Release Update - APIsec_cloud_6.12.1.0 ( December 12, 2025 )

This release includes updates across usability, automation, and platform reliability. It adds support for downloading OpenAPI specifications from applications, bulk management of instance-level parameters via CSV, and incremental UI workflow improvements.

The release also includes bug fixes, updates to spec parsing, clearer GraphQL error messages, expanded activity logging for automated API onboarding, and several operational changes related to reporting, cleanup, and system consistency.

Download OpenAPI Specifications (OAS) from Applications You can now download the OpenAPI Specification (OAS) for any application directly from the platform, a feature customers frequently request for quick access to the exact spec used during onboarding.

Here's how it works:

  • Applications initially registered with an OAS will provide the specification for download.
  • Applications onboarded via a Postman Collection are automatically converted to OAS, and the converted version is available for download.
  • If an application's OAS has been reloaded multiple times, the latest version currently reflected in the application is what you will receive.

Coming soon: the ability to download an OAS including manually added endpoints.

Bulk Upload & Download of Instance-Level Parameter Values (CSV Support)

We have added new capabilities that make managing instance-level parameter values faster and far more convenient. With this enhancement, you can:

  • Bulk upload instance-level parameters using a CSV file.
  • Download existing instance-level parameter values, making it easy to preserve them before reloading a spec—particularly useful when choosing not to retain parameters during a spec reload. Additional improvements include:
  • If an endpoint's request body contains null values, the platform will automatically substitute values from the instance-level parameters (if available).
  • When instance-level parameter values are intentionally set to null, they are now correctly interpreted as null — not as the string "null".

These enhancements streamline large-scale parameter management and reduce manual cleanup after spec updates.

UI Improvements

Application Launch Routing: When an application is opened using an application/{applicationId} URL, users are now automatically redirected to the corresponding instance page. The system appends instances/{instanceId} to the URL to ensure a valid landing page.

If multiple instances exist in an application, the first available instance is selected by default. This prevents errors caused by missing or null instance IDs and provides a smoother navigation experience.

Improved Application List Navigation & Usability

Applications now load automatically in the list view, providing a clearer, more complete view of each application and its associated instances. We have also improved usability in the Applications list by enabling the right-click context menu, allowing users to copy URLs or open applications in a new tab.

Consistent Top Navigation Bar

The top navigation bar has been standardized across all main menu items, ensuring a consistent look and behavior throughout the application for a smoother user experience.

Bug Fixes & Improvements

1. OAuth2 Credential Stability - Fixed an issue where OAuth2 password values were unintentionally overwritten when updating advanced authentication properties.

2. BOLA Scenario Execution Reliability - Resolved a regression that prevented resource identifiers from being correctly substituted during BOLA dry runs, which caused scenarios to fail during testing and activation. The fix has been validated across affected use cases to ensure consistent behavior.

3. Swagger 2.0 Spec Parsing Improvements - Addressed an issue where body parameters were duplicated when multiple content types were defined in a Swagger 2.0 specification. The parser now correctly handles numerous content types without creating redundant parameters or sending duplicate request payloads.

4. Expanded Activity Logs for Auto-Onboard - Activity Logs now fully capture Auto-Onboard events for Azure API Management, Postman, and SwaggerHub integrations. This provides clearer visibility into when APIs are automatically discovered and onboarded.

5. Improved GraphQL SDL Upload Error Feedback - When GraphQL application creation fails during SDL file upload, the UI now surfaces clear error messages explaining the failure and highlighting any discrepancies detected in the SDL file, instead of returning a generic error state.