Changelog

Native webhook triggers configured for JSON payloads will now return a 400 bad request status code if the payload wasn't valid JSON. Additionally, to ensure consistency, starting from 6th November 2023, we will also start validating webhook triggers within the same workspace using the event name and webhook URL. If they have different configurations, we will prevent the recipe from starting.

These updates allow senders to see when events are not accepted so they can intervene and investigate immediately.

Logging Service has been updated to allow user access based on project permissions. Now, users will only be able to see log entries for projects they have access to. This enhancement both makes logs easier to parse for users by making sure they only see relevant logs, and improves security by limiting access to logs based on user permissions.

Exciting news — we’ve launched an Australia data center to enhance data control and performance for our customers in the region. This expansion caters to our growing customer base in Australia and New Zealand, offering them the power to choose the hosting location for their Workato account, alongside our existing centers in the US, Europe, Singapore, and Japan.

With Audit Log Streaming Notifications, breakages in streaming connections will be detected and an email will be sent to users with troubleshooting steps. This allows users to immediately detect both voluntary and involuntary breakages so that it can be resolved in a timely manner.

Exciting news! We’ve introduced two enhanced security features: project-level properties and lookup tables access limit, now available to all users without any limitations or specific requirements!

Project-Level Properties: Located in the ‘Project settings’ tab, these properties are exclusive to recipes in the same project and are accessible to users with the appropriate permissions and visibility.

Lookup Tables: Users can now adjust the availability zone for lookup tables from ‘All projects’ to a specific project, making them accessible only to users with the right permissions and visibility to that project.

Quick Overview:

• Open Access: Available to all, no additional requirements.
• Enhanced Security: Better control and management of sensitive data.
• API Accessibility: Both features are available via API.

For the right notifications to reach the right people on your team, we’ve added new fields to our email notifications settings.

The Developer API Client tokens are now integrated with GitHub’s secret scanning feature. When your API tokens are accidentally committed and found on public GitHub repositories, we will revoke them to block unauthorized access to your Workato workspace, and send your admins an email alert.

Find out more about this secret scanning feature.

This API call clears the secrets management cache to retrieve the latest available credentials from your external secrets manager, whether that’s AWS Secrets Manager or Hashicorp Vault. This allows you to update your secrets regularly with no disruptions to active recipes.

For tighter security, we’ve extended support for secrets manager, Hashicorp Vault, to our on-prem agents (OPA) and on-prem groups (OPA).