Skip to main content
Feedback

API Management Release Notes for April 2026

April 28 2026

Cloud API Management

New
We added these features

  • Enhanced the Import APIs from Boomi Platform feature in Cloud API Management to support importing from the Boomi Platform with the following configuration improvements (WA-17568):

    • Gateway Authentication Support Expanded: You can now import API Services with Gateway Authentication configured or without it from Platform to Cloud API Management. API Services without gateway authentication are functional after import, but must have the System Domain Authentication Type configured in Security Settings to be secure for sending traffic. (WA-17568)

    • Authentication Handling Improvements: Cloud API Management supports seven authentication types with priority-based selection. When importing an API Service from Platform, Cloud API Management uses a priority-based algorithm to select the Runtime with the highest-priority authentication type.

    • Endpoint and Domain Sanitization: Endpoint names are sanitized to remove special characters ({}()[]<>;:,?/\|*+=!@#$%^&"'~), and domain names are converted to lowercase during import.

    • Non-editable Configurations: After importing an API Service, the settings on the Domain & Traffic Routing, Key & Method Detection, and Call Transformations tabs are pre-configured to preserve Platform-managed settings.

    • Performance Improvements: Optimized API queries used during import to reduce the import payload size, resulting in faster response times.

    • Processor Chain Support: The outbound authentication processor now uses the Mashery_Proxy_Processor_Chain adapter, aligning with the latest gateway integration standards.

    • Stricter Gateway Validation: Gateway authentication and processor configuration are now applied only when the Runtime in the environment associated with the imported API has the Port and Authentication Type fields correctly configured, reducing the risk of misconfiguration.

    • OAS Requirement: Importing an API Service requires a valid OpenAPI Specification (OAS), which is automatically generated when you create an API Service in Boomi Platform. Cloud API Management uses the OAS to import endpoint metadata and schemas. If the OAS has not been generated for your API Service, you may encounter errors or an empty endpoint list message during import.

    • Runtime Hostname: Cloud API Management does not support localhost or internal hostnames such as 127.0.0.1. If the runtime attachment uses these hostnames, the import fails. Ensure the runtime hostname is reachable before importing.

      Refer to the Before You Import page for more information on prerequisites, considerations, and import behaviors.

  • The expiration window for the password reset link has been shortened. Now, when you receive the password reset link, it will remain active for 30 minutes. This setting is managed by the Cloud API Management administrator. The default configurable expiration time is 30 minutes, but it can be adjusted to any value between 5 and 1440 minutes. (WA-16399)

Fix
We fixed these issues

  • Previously, Organization-level user received a 500 Internal Server Error when accessing the Organization Control Center Users page from the Organization Overview page for Organizations with more than 50 users. This issue has now been fixed. (WA-17656)

  • The Developer Activity (Analyze > Reports > Packages > Developer Activity) for a specific package took an unusually long time to load because of a high number of API methods associated with its endpoints. This issue has been fixed, and you can now view developer usage data for your API packages as expected. (NDS-9475)

April 21 2026

Cloud API Management

Fix
We fixed this issue
  • Previously, call logs were not captured when call log settings were enabled on the Call Inspector page for the GraphQL endpoint. This issue has now been fixed. With this fix, call logs are now captured as expected for GraphQL endpoints on the Call Inspector > Log Settings page. (EIN-22680)

April 14 2026

Cloud API Management

Known issue

  • The following is a known issue and will be fixed in an upcoming release (WA-17656):

    An Organization-level user receives a 500 Internal Server Error when trying to access the Organization Control Center Users page from the Organization Overview page for Organizations with more than 50 users. As a workaround, you can access an organization user's related information from the Manage > Users page.

April 11 2026

API Control Plane

Fix
We fixed this issue
  • Users were not being redirected to API Control Plane from the Boomi Platform if they had the default landing page set to anything except Home. (ACP-3743)

API Gateway

New
We added this feature

  • Added an optional H2 database health check monitor that identifies database corruption and performs auto-recovery when enabled, eliminating the need for a manual restart. (APIM-19158)

    Refer to Container properties.

Fix
We fixed this issue
  • Updated the API Gateway cache policy to prevent incomplete responses from being stored during client-side disconnections, eliminating the risk of serving corrupted or partial data to subsequent API calls. (APIM-19411)
On this Page