Changelog

Our commitment to security is unwavering. In this exciting release, we're introducing an API endpoint that allows customers to seamlessly rotate public keys used for JWT tokens.

Key Features & Changes:

• Public Key Rotation via API: Enhance your security posture by rotating your RSA Public Key directly through our new API, without the need to communicate them in plain text.
• Retrieve Your Workato Embedded Vendor ID: In the API response, you can easily retrieve the vendor_id, which provides the essential Workato Embedded Vendor ID for JWT.
• Updated Terminology: We're continuously improving clarity! The term previously known as the OEM Vendor API Key has now been renamed to "Workato Embedded Vendor ID" in our documentation.

You can now increase timeout durations—from the default 30 seconds, up to 240 seconds for the endpoints that need it. Just note that this works only for endpoints created on the API platform.

API requests that exceed the workspace’s concurrency limit will no longer be rejected. Instead, when API requests spike, API throttling will come into play. This will delay the requests a little, depending on their size.

We introduced API Clients for Developer APIs this January, which allows users to grant clients granular role and project-based app access. It’s now enhanced with:

• IP Whitelisting
• Developer APIs to manage API clients
• Support for project-level lookup tables, project properties, API Platform collections and API Platform Clients
• Recipe Operator connector support for API Client tokens

See API Clients’ documentation for more.

With API Clients, users can now grant clients granular role and project-based app access. For greater security, view-once tokens are now available. Read this update’s documentation, or go to the revamped Workspace Access to start configuring.

The enhanced recipe API allows resetting one or more recipes either manually on an ad-hoc basis or through automations. Resetting a trigger makes it forget the data that it has picked up in the past so it will pick up the same historical data again. This is a great way to do a full data refresh for data replication, master data management, or reverse ETL type of use case.  Click to learn more about reset API.

The API platform now supports authentication via basic auth, in addition to Oauth 2.o, JSON Web Tokens, and more.

Authenticate to Workato APIs with OpenID Connect to centralize permission management in your Identity Platform.

Reduce the latency of API requests by disabling logging for an API recipe.

Upload an OpenAPI spec to generate an API Collection, including stub recipes for each endpoint, with responses and input/output schema pre-defined.