Onify Hub API 2.40.0

Changelog for 2.40.0

2.40.0

  • feat: worker syncs git resources before running scheduled flows
  • feat: update BPMN with support for ad-hoc subprocess
  • feat: setting BPMN process history time to live that resolves to 0 will be deleted immediately after completion
  • feat: setting BPMN process history time to live can be set as process.historyTimeToLive on activity input/output, must be defined as ISO8601 duration format (e.g. P3D)
  • feat: added new handlebar helper hashString to hash sensitive data (string) - Example: {{hashString user.key}}
  • feat: add icon and color fields to item.action
  • feat: support SSO authentication via API with enhanced SAML2/OAuth2 support and backward compatibility when setting federated_authentication_via_api setting
  • feat: enhanced SSO security and compliance with strict token expiration enforcement when enabling extended_authentication
  • feat: ability to enforce advanced authentication for users and invalidate legacy tokens via require_extended_authentication setting
  • improve: optimize reindexing to reduce memory usage and increase speed, especially for large datasets
  • improve: sort role and tag property
  • improve: enhanced GET /my/processes query to support both user.key and user.username for more comprehensive results
  • improve: omit sensitive properties workspace, role, modifiedby, createdby and owner when requesting my bulletins
  • improve: omit sensitive properties role, modifiedby, createdby and owner when admin requesting my shortcuts and workspaces
  • fix: scheduled sync workflow resources keeps workflow user. This was causing the workflows to be modified by system user instead of the original user.
  • fix: allow workflow impersonate, owner and domain to be reset by passing null
  • fix: allow role to be null to be able to reset role
  • fix: stop returning settings type password value when updating setting
  • fix: require url for item actions
  • fix: flow status set on end event not honoured under certain circumstances
  • fix: Allow color to accept any valid string, not just hex codes

Breaking

Item action Name is now required

Item actions must now include a name field. This is a new field that is required for all item actions.

Legacy tokens may be invalidated

When the require_extended_authentication setting is enabled, advanced authentication is enforced for users and legacy tokens are invalidated. Users may need to re-authenticate.

Cron scheduler changes

Migration from cron to croner library may cause different cron expression parsing. Existing scheduled workflows should be validated.

Enhanced GET /my/processes query results

The GET /my/processes query now searches for both user.key and user.username, which may return more processes than before. Users might see additional processes that were previously not included in their results.