Tyk Enterprise Developer Portal v1.12.0

Last updated: 4 minutes read.

Licensed Protected Product

1.12.0 Release Notes

Release Date 13 Nov 2024

Release Highlights

The v1.12.0 release includes the following new features and improvements:

  • Embedded Tyk Identity Broker. From this release, you don’t need to deploy a separate Tyk Identity Broker to SSO into the portal.
  • Now admins can create Apps and Credentials for developers directly from the portal admin UI.
  • Credentials notifications. Now admins can configure email notifications for credential expiration and credential expiration warnings.
  • Stronger passwords. Now admins can configure the password policy from the portal admin UI.
  • Security: 3 new high CVEs fixed.
  • Bugfixes: 4 bugs fixed.

For a comprehensive list of changes, please refer to the detailed changelog below.

Breaking Changes

This release has no breaking changes.

Deprecations

There are no deprecations in this release.

Upgrade instructions

If you are on 1.11.0 or an older version we advise you to upgrade ASAP directly to this release.

To upgrade the portal’s theme please follow the upgrade instructions for the portal’s themes.

Download

Changelog

Added

  • Embedded Tyk Identity Broker

    From this release, you can configure the portal to serve an internal Tyk Identity Broker. This means that you don’t need to deploy a separate Tyk Identity Broker service to SSO into the portal. This enables a new section under the portal admin UI where admins can manage SSO profiles for admins and developers.

    SSO profiles

    We support out of the box integration with the following SSO providers type:

    • Open ID Connect: Support for OpenID Connect (OIDC) Identity Tokens provided by any standards compliant OIDC provider such as Auth0.
    • LDAP: Bind users to an LDAP server such as Azure Active Directory, using their username and password.
    • Social: The social provider should provide seamless integration with Google+ Github, Facebook, Salesforce, Digital Ocean and more.

    You can read more about the supported SSO providers here.

  • Creation of Apps and Credentials

    Admins now have enhanced control over application and credential creation in the portal, streamlining the onboarding process and reducing the need for API-based setups. With this update, admins can create applications and assign them to specific users, making it easier to onboard developers who aren’t using self-service options.

    For custom authorization scenarios —like when using an external OAuth2.0 provider— admins can now issue credentials directly in the portal. These credentials are stored as key-value pairs that developers can view, providing a more seamless alternative to manual credential sharing.

    Non-Tyk managed credential

    Admins can also generate auth token credentials, with added flexibility to define custom token values if needed for compatibility with other systems. Additionally, OAuth2.0 credentials can now be created within the portal, ensuring stable, secure access for developers with the added benefit of immutability after creation.

    Custom credential

    Overall, these improvements simplify the process for managing applications and credentials, offering a more streamlined experience for admins and developers alike.

  • Password policy

    Admins can now configure the password policy from the portal admin UI. This includes setting the minimum password length, reused passwords, multi case, and more.

    Password policy

  • Credentials notifications

    Admins can now configure two types of notifications:

    • Credential expiration: This notification is sent to developers when their credentials expire. You can modify the email template in the keyexpired.tmpl file included in the theme package.
    • Credential expiration warnings: This notification is sent to developers when their credentials are about to expire. Admins can set the number of days before the expiration in the portal admin UI. You can modify the email template in the keytoexpire.tmpl file included in the theme package.

    Credentials notifications

Changed

  • Upgrade to Go 1.22

    The Enterprise Developer Portal has been upgraded from Golang 1.21 to Golang 1.22, bringing enhanced performance, strengthened security, and access to the latest features available in the new Golang release.

Fixed

  • Fixed a bug where values of dropdown custom attributes weren't removed correctly

    Fixed a bug where values of dropdown custom attributes weren’t removed correctly preventing admins from updating User custom attributes.

  • Fixed a certificate upload issue in Kubernetes environments

    Fixed an issue that was causing certificate uploads to fail when the file size exceeded 2KB in Kubernetes environments.

  • Fixed a bug that prevented to load OAS files from S3 storage

    We have addressed a bug that was causing the portal to fail loading OAS files from S3 storage.

  • Fixed typos in email subjects

    We have fixed typos in email subjects that were causing notifications to be sent with incorrect information.

Security Fixes

  • High priority CVEs fixed

    Fixed the following high priority CVEs identified in the Tyk Enterprise Developer Portal, providing increased protection against security vulnerabilities:

Further Information

Upgrading Tyk

Please refer to the upgrading Tyk page for further guidance with respect to the upgrade strategy.

FAQ

Please visit our Developer Support page for further information relating to reporting bugs, upgrading Tyk, technical support and how to contribute.

See also

Return to Top
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.
   Read More