Service Announcements: The following upcoming changes affect all versions of the API.
Release Date: December 8, 2017
We are pleased to bring you the following additions and enhancements to Developer Portal features in 17R3. Refer to Vault Release Notes for additional information about the 17R3 release. View the “API & VQL” category of the Fixed Issues list for Developer Feature fixes in this release. Note that API issues are fixed for the current version only (17.3) unless otherwise noted.
Beginning in 18R1, we will remove support for 1024 bit Diffie-Hellman ciphers and TLS v1.0, and will only support Elliptic Curve and TLS v1.2. To ensure your integrations continue working with Vault API, you must ensure that the technology you use to build and run integrations support strong ciphers.
With this release, your organization can work with Veeva Services to define actions for one or more objects allowing users to perform actions on those object records. With the introduction of object actions, we’re updating our existing object user action endpoints to include object actions. To differentiate object actions from lifecycle actions, object actions will have the
Objectaction prefix, for example,
Objectaction.monitoring_event__v.copy_record__v. Additionally, lifecycle user actions will now use the
Objectlifecyclesateuseraction prefix. The modified endpoints include:
This new endpoint allows Admins to initiate a user action on a batch of object records. Users can initiate both lifecycle user actions and the new object actions described above.
With the introduction of version-specific attachments, we’re adding new endpoints to manage version-specific attachments through the API. The new API endpoints include:
API users now have access to the same functionality as Vault Loader via the new Document Export API. Users can query a set of documents (for example, all documents related to a given study) and pass the list of document IDs to the API for export to the FTP staging site. Users have the option to export all versions, or only the latest version of a document.
The following artifacts are supported:
This new endpoint allows users with the Vault Configuration Report permission to generate an Excel report containing configuration information of a Vault. Using query parameters, you can choose to include inactive components or only include components modified since a specified date. As of v17.3, this endpoint reports on component configuration only.
All Vault audit trail and audit log data is now accessible through the REST API. This release, we’ve introduced three new endpoints:
This new endpoint allows Admins to retrieve data for all annotations that exist in a video document. The response includes the following for each annotation:
In v17.3, the Domain Information API response includes the
vault_family__v field. This field contains information about the application family each vault belongs to, such as Commercial, Clinical Operations, Regulatory, or Quality.
The following user endpoints have two new query parameters:
New Query Parameters:
These parameters allow you to exclude vault_membership and app_licensing fields from the response, which can dramatically increase performance if you do not need this information. These parameters are false by default in v17.3 and below.
As of v17.3, the Workflows API will no longer expose the
task_reason_code__v field. Because this field is not queryable with VQL, it provides low value and clutters response data. Prior versions of the API will continue to expose this field.
Previously, VQL users needed to understand the shape of the query response data in order to process it. To do this, the developer had to either first call one or more metadata APIs to inspect the object or document metadata, or hard-code this understanding of the metadata based on visual inspection of the Vault configuration.
This feature enhances VQL to return metadata which describes the shape of the response data, so developers can easily process the response without the need for additional API calls. Learn more in the VQL Reference.
With the introduction of Atomic Security, the permissions and set of available actions may now differ for each record and user. The VQL Record Properties feature enables programs using the API to understand the dynamic properties of each record in a result set.
Understanding permissions, actions, and other properties of a record allows a client application to present the correct behavior to the end user. For example, the application is able to hide fields or make fields read-only to enhance usability.
This feature enhances VQL to provide the required programmatic interfaces to external application developers. Developers can now “describe a row” of object data and build applications that respond to the dynamic security model of Vault.
Previously, the order in which results are displayed was variable. For example, a user could call the same query twice and see the same results displayed in a different order. To enforce a specific order, users needed to use the ORDER BY operator.
Starting in 17R3.0, for all versions of VQL, queries without ORDER BY now return results in a predictable default order, by relevance and internal ID.
Vault is adding limited support for OAuth 2.0 / OpenID Connect authorization frameworks. With this feature, customers can build applications that can use OAuth 2.0 / OpenID Connect infrastructure to authenticate to Vault API. View these endpoints in the V17.3 API Reference.
In 17R3, we are only certifying the support for OAuth 2.0/OpenID Connect with PingFederate Authorization Servers.
The Vault API now accepts OAuth2.0/OpenID Connect tokens, acquired through pre-configured Authorization Servers, for authorizing access to protected Vault APIs.
In this release, we’ve added a new API that allows external applications to discover the authentication type of a user. This Authentication Discovery API will help developers build applications which could dynamically adjust the the login requirements per user, and support either username/password or OAuth2.0/OpenID Connect authentication schemes.
To enable external applications to discover and configure the login requirements and authentication flows for Vault OAuth2.0/OpenID Connect users, they need to obtain the remote authorization server metadata. This feature allows the configuration of remote authorization server metadata so that external applications can discover and download it.
View the “API & VQL” category of the Fixed Issues list for Developer Feature fixes in this release. Note that API issues are fixed for the current version only unless otherwise noted.