We are pleased to bring you the following additions and enhancements to Developer Portal features in 22R1. REST API features added in 22R1 only affect API v22.1, unless otherwise noted.
Release Dates:
In this release, Vault will no longer support TLS1.0 and TLS1.1. These changes may affect custom integrations, but Vault UI users will not be affected.
Learn more about cipher suite changes.
Release Dates:
Vault is scheduled to rollover the signing certificate used to sign SAML Single Sign-on requests and Spark messaging connections. There is no expected downtime.
Your IT organization must ensure that the new certificate is configured on your Enterprise Identity Provider system prior to the New Certificate Rollover Event on April 29, 2022. Please ensure that your Spark messaging integrations do not cache the old certificate. Failure to utilize the new certificate by this date may cause login issues for SAML users, and Spark messaging integrations may fail.
Learn more about the action required for the certificate rollover process in Vault Help.
Release Date: 21R3.5; March 4, 2022
Session ID tokens in the external URL call job configuration are no longer supported and will not work in this release. Please update your job configuration to use the Post Session Credentials via Form Data with Key “Session.id” option.
Learn more about sending session IDs with Post Message.
Release Date: 21R3.4; February 11, 2022
This feature provides support for the multi-value picklist field in high volume objects. You can create up to two (2) multi-value picklist fields per high volume object.
Release Date: 21R3.2; December 10, 2021
The User Role system object (user_role__sys
), which is used to store user role assignments, is moving to high volume to deliver increased performance and scalability. The data_store
attribute for this object has been set to high_volume
.
Release Date: 21R3.4; February 11, 2022
The new Page Layout API endpoint provides the page layout metadata for a specific user. The authenticated user’s permissions are considered, so fields which are hidden from the authenticated user will not be included in the API response. For example, field-level security and other object-level permissions. Record-level permissions such as atomic security are not considered. Developers can retrieve a specific page layout or all page layouts for a given object.
GET /api/{version}/metadata/vobjects/{object_name}/page_layouts
GET /api/{version}/metadata/vobjects/{object_name}/page_layouts/{layout_name}
View these endpoints in the v22.1 API Reference.
Release Date: 22R1.0; March 4, 2022
In OAuth 2.0/OpenID Connect profiles, a Vault domain administrator can set a preferred authentication library when selecting ADFS as an Authorization Server provider. The available preferred providers are MSAL or ADAL. At runtime, Vault File Manager uses the preferred provider setting to load the appropriate authentication library. Learn more about Vault File Manager in Vault Help.
In addition, the Authentication Type Discovery REST API endpoint displays this additional information in the returned payload.
Release Date: 21R3.4; February 11, 2022
The Vault REST API now includes metrics in the response header that allow developers to inspect Vault Java SDK performance during API execution. These SDK performance metrics are also included in the API Usage Log available in the Vault UI. Developers can measure the number of SDK entry-points executed, total CPU and elapsed time, and gross memory used.
Additionally, the transaction_id
column in the API Usage Log has been renamed to execution_id
to match the API headers. The column name change applies to logs downloaded from the Vault UI and via API using v22.1+.
Learn more about Vault Java SDK Performance Headers.
Release Date: 21R3.2; December 10, 2021
In API v22.1+, Vault bypasses validation rules and reference constraints when creating records via the existing Create Object Records endpoint if the X-VaultAPI-MigrationMode
header is set to true
. The header continues to allow record creation in any lifecycle state.
With this change, the audit trail will now append “in migration mode” in the event_description
. For example, if the previous description was “Vehicle : VEH-000007 created”, the new description is “Vehicle : VEH-000007 created in migration mode”.
Release Date: 21R3.2; December 10, 2021
In API v22.1+, we’ve added X-VaultAPI-MigrationMode
API header support for single document reclassification. This allows developers to change the setting of the status__v
parameter if there is a change in document lifecycle or document type hierarchy (type__v
, subtype__v
, and classification__v
).
Additionally, developers can set the document_number__v
parameter when reclassifying documents which will override the existing document number. To override the existing document number, the existing document type, subtype, classification, or lifecycle must be modified.
The authenticated user must have the Document Migration permission to use the X-VaultAPI-MigrationMode
header.
Release Date: 21R3.2; December 10, 2021
In API v22.1+, the document type and subtype metadata endpoints to always include document fields regardless of the document type hierarchy (type__v
, subtype__v
, and classification__v
). Previously, document field metadata was only included when the document type did not have any child subtypes or classifications.
Release Date: 21R3.4; February 11, 2022
In API v22.1+, we have refactored the Update Documents endpoints and made changes to document validation. These endpoints now return an INVALID_DATA
error when a user attempts to update a read-only field on a document. In versions prior to v22.1, attempts to update read-only fields are silently ignored.
Release Date: 21R3.4; February 11, 2022
With this release, when updating document roles using Vault Loader, the success log now contains the updated role IDs.
Release Date: 21R3.4; February 11, 2022
With this release, Vault Loader failure logs now include any input CSV lines that were skipped due to errors.
Release Date: 21R3.4; February 11, 2022
With this release, the envelope__sys
and envelope_content__sys
system objects are no longer available for load or extract using Vault Loader. These objects drive the behavior of Vault workflows, and excluding them from Vault Loader ensures data integrity within these objects.
Release Date: 21R3.2; December 10, 2021
The Vault Loader CLI and API now provide the ability to assign and remove users and groups from object record roles for objects that have custom and matching sharing rules enabled.
Release Date: 21R3.5; March 4, 2022
This feature adds two new SiteVault-specific endpoints that enable API users to send eConsent forms to participants in bulk:
View these endpoints in the v22.1 API Reference.
Release Date: 21R3.2; December 16, 2021
Two new Vault Safety API endpoints are available to import multiple case narrative documents and translations in one operation. This is to improve case migration performance in Vault Safety.
The following endpoint imports narratives in bulk:
POST /api/{version}/app/safety/import-narrative/batch/
The following endpoint checks the status of the bulk import operation:
POST /api/{version}/app/safety/import-narrative/batch/{importId}
View these endpoints in the v22.1 API Reference.
Release Date: 21R3.4; February 11, 2022
This feature introduces a new component type, Vaulttoken
, and adds system-provided Vault tokens for Name, ID, and DNS to all Vaults. In addition to these, Vault Admins with the new Vault Tokens: Create permission can configure up to ten (10) Vault-wide tokens using MDL. Using Vault Java SDK, developers can reference Vault tokens and Custom tokens in HTTP Callout and the Spark message framework. Additionally, developers can resolve Custom token values using the new TokenService
.
Vault also includes the following system-provided Vault tokens that developers can use to reference Vault information:
${Vault.vault_dns__sys}
${Vault.vault_id__sys}
${Vault.vault_name__sys}
Learn more about Vault tokens.
Release Date: 21R3.4; February 11, 2022
Vault Admins can now configure the URL for external connections to use Vault tokens and Custom tokens that will be resolved at runtime. Connection records that include tokens are not cleared during Sandbox creation or VPK Import.
Learn more about Connection tokens.
Release Date: 21R3.4; February 11, 2022
This feature adds the USER_BULK_ACTION
usage. Annotating a RecordAction
with USER_BULK_ACTION
makes the action available to users in Vault’s bulk actions interface. A @RecordActionInfo
annotation cannot contain both the USER_ACTION
usage and the USER_BULK_ACTION
usage.
Learn more about record actions.
Release Date: 21R3.4; February 11, 2022
This feature provides new interfaces that allow developers to create a VQL query using a standard builder pattern and define onSuccess and onError handlers for Query Requests. Query Builder exposes supported VQL clauses, operators, and functions. Additionally, developers can use QueryService to validate queries and get query counts without the overhead of full query execution.
The following interface and methods have been deprecated and are discouraged from use:
QueryResponse
QueryResult
QueryService#query()
QueryService#escape()
Learn more in the Javadocs.
Release Date: 21R3.4; February 11, 2022
This feature provides Vault Admins and developers runtime logging for SDK requests. Daily logs are available via the Vault UI and Vault REST API, and log entries include SDK exceptions and custom code usages of LogService
.
Vault Admins can configure the current log level as:
SDK runtime log entries are available 15 minutes after the request has completed and can be accessed for 30 days. Logging is limited to 10KB for Exceptions and 40KB for LogService
entries.
Learn more about the Vault Java SDK runtime log.
Release Date: 21R3.4; February 11, 2022
This feature allows Vault Admins to configure the field type for an object or document query field when creating field rules within Spark messaging integration rules. Additionally, developers can access this value in Vault Java SDK and use the value to create callback VQL queries with the necessary VQL functions such as LONGTEXT()
, RICHTEXT()
, and TONAME()
.
Learn more about integration field rules.
Release Date: 21R3.4; February 11, 2022
With this feature, we’ve introduced a new ReferenceLookupType
, Generic
, which enables Administrators to configure lookups for mismatched data types. Additionally, the new Generic
option provides support for any-to-any mapping for all single-value fields which were previously unsupported, such as Boolean. Multi-value fields such as multi-value picklists are not supported.
Learn more about generic reference lookups.
Release Date: 21R3.4; February 11, 2022
To facilitate multi-term synonym searches, we’ve changed how searches are handled when using FIND
with more than one term. This allows a search phrase such as “myocardial infarction” to be found in the thesaurus and to match other phrases such as “heart attack”.
This update makes the strict matching option more field-centric, meaning that the minimum number of required matching terms must be found in the same field. Previously, matching terms could be split between multiple fields. This change is not versioned, so strict matching now has this behavior for all FIND queries with multiple terms. Strict matching is optional and can be enabled or disabled at any time at Admin > Settings > Search Settings.
Learn more about strict matching in Vault Help.
Release Date: 21R3.2; December 10, 2021
This feature opens VQL support for high volume objects (HVO) on all versions of the Vault REST API. When using VQL with an API version prior to v20.3, HVO objects will enforce v20.3 behavior as specified in the VQL documentation.
Release Date: 21R3.2; December 10, 2021
This feature adds query support for section_id__sys
and parent_section_id__sys
in the binder_node__sys
query target and allows developers to use the returned values in the related Binder Section endpoints in the Vault REST API. These new fields are only available using API v22.1+.