Product Update - v21.10

Details of the product update v21.10 from 11th of March 2021.

Improvements and Updates

OAuth2 client creation in recipe activation

This release extends the functionality of the authentication client creation. Now you can create OAuth2 authentication clients right from the recipe activation page.

Loader for workspaces list in the invitation form

This specific improvement addresses the issue when the UI would not show more than 20 workspaces in the invitation drop-down. Now loader would appear in case you have more than 20 workspaces. Eventually the list of all workspaces would be presented in the drop-down list.

Please Note: only workspaces you have access to (permission workspaces.workspace.edit) will be loaded.

Configure dynamic flow control

If your component is written in Java then you can now disable the dynamic flow control in the step by setting the ELASTICIO_AMQP_PUBLISH_CONFIRM_ENABLED environment variable in the component repository as false. This is only possible if your component is using the latest Java sailor version 3.3.5.

SAML2 SSO Client

With this release we introduce initial support for SAML2 SSO Client. To support multi-tenancy, each Tenant has to upload their own service provider configuration for SAML 2.0 provider.

When a user clicks on the button in UI e.g. “Login with Facebook” a popup window is opened with the target URL /saml/authenticate?providerId={providerId}. Backend gets the provider from database by providerId for the requested tenant, constructs service provider interface using saml-js library and redirects to the correct auth URL(assertEndpoint or /saml/callback?providerId={providerId} if first is not specified) of the SAML provider.

Then normal SAML 2.0 flow is taking place. In the end, the backend gets info about the user and tries to find in its DB. If the user is not found, a user is created on the fly (that is if auto_create_user is true in provider configuration) using the given user data and temporary password, which could be changed later on the profile page. After that, a new session is started and the user is being redirected to the application itself.

If it is a new user then first_name and last_name will be taken from the similar fields of the SAML 2.0 response attributes.

New frontend endpoints are introduced:

  • GET /saml/authenticate?providerId={providerId}
  • POST /saml/callback?providerId={providerId}

New DB tables:

  • SAMLProvider, more information form the API-docs
  • SAML Identity. This table is using to connect the user with the provider. The record has two relationships user and SamlProvider. It has also an attribute called is_new_user that hold the record in case when the user was not registered in our system, before logging in using SAML 2.0. Service provider.

API-Docs URL setup

With this release we introduce new parameter api_docs_url to the tenant configuration and a capability to manage and redirect visitors to the correct API-documentation version. This is particularly useful in multi-tenant, white-labelled environment where each tenant would have a unique api address.

To benefit from this new parameter you must set the api_docs_url parameter and its value to the tenant record:

  • If api_docs_url is set in the tenant record, every link to the API documentation will be redirected to the provided address.
  • If your installation contains more than one tenants with the same api_domain, then api_docs_url property won’t work correctly for any of these domains. Use api_docs_url only for tenants with unique api_domain.
  • If you set default api_docs_url (default is https://[tenant.api_domain]/docs) in tenant.api_docs_url, you will get a redirect loop.

Fixed Bugs

  • Fixed the problem when the deleted content-based-router component step with not configured branches would block publishing of the draft.
  • Addressed the UI bug when the mapped data would disappear after reopening the flow to examine.
  • Fixed the error in copy flow when the dynamic selectModel was malformed due to 3rd party host issues.
  • Addressed the problem when no workspaces were shown while exporting the flow.
  • Fixed the UI bug when the header part would not load while opening the flow to view or edit.
  • Addressed the redirect loop problem of the api-docs service after the nginx ingress controller upgrade.


Amazon MWS component

  • FIXED a bug when order status filtering didn’t work and orders of all statuses were retrieved instead of a specified status.
  • ADDED a configuration field to set up a number of orders per one page.
  • UPDATED the Java Sailor version: 3.3.2.

CSV component

  • ADDED support for reading a file from a remote URL in Read CSV attachment action.
  • UPDATED the Node.js Sailor version: 2.6.24.

Magento2 component

  • FIXED a bug in Bulk Extract trigger with incorrect trigger behavior with a large number of retrieved objects.

NetSuite component

  • ADDED Token Based Authentication (TBA) option.
  • UPDATED the Java Sailor version: 3.3.2.

REST API v2 component

  • FIXED a bug with request Content-Type mutlipart/form-data header processing.
  • FIXED a bug when component fails when the server provides a binary response without Content-Length.

Sailor version update in bulk

As a part of the component code audit we updated the Node.js Sailor version to 2.6.24 in the following components: