|
1 | 1 | --- |
2 | 2 | pcx_content_type: changelog |
3 | 3 | title: Changelog |
4 | | -release_notes_file_name: |
5 | | - - api-shield |
6 | 4 | sidebar: |
7 | 5 | order: 10 |
8 | 6 | --- |
9 | 7 |
|
10 | | -import { ProductReleaseNotes } from "~/components"; |
| 8 | +import { ProductChangelog } from "~/components"; |
11 | 9 |
|
12 | | -{/* <!-- Actual content lives in /src/content/release-notes/api-shield.yaml. Update the file there for new entries to appear here. For more details, refer to https://developers.cloudflare.com/style-guide/documentation-content-strategy/content-types/changelog/#yaml-file --> */} |
| 10 | +{/* <!-- Actual content lives in /src/content/changelog/api-shield/. Update the file there for new entries to appear here. */} |
13 | 11 |
|
14 | | -<ProductReleaseNotes /> |
| 12 | +<ProductChangelog product="api-shield" /> |
| 13 | + |
| 14 | +## 2025-02-17 |
| 15 | + |
| 16 | +**New automatically applied risk labels** |
| 17 | + |
| 18 | +API Shield now automatically labels endpoints with risks due to missing schemas and performance anomalies (spikes in error rates, latency, and body response sizes). |
| 19 | + |
| 20 | +## 2025-01-16 |
| 21 | + |
| 22 | +**API Authentication Posture** |
| 23 | + |
| 24 | +Customers will see per-endpoint authentication details inside API Shield's [Endpoint Management](/api-shield/management-and-monitoring/) for zones with configured session identifiers. |
| 25 | + |
| 26 | +## 2024-12-19 |
| 27 | + |
| 28 | +**Automatically applied endpoint risk labels** |
| 29 | + |
| 30 | +API Shield now automatically labels endpoints with risks due to authentication status and sensitive data detection. |
| 31 | + |
| 32 | +## 2024-11-04 |
| 33 | + |
| 34 | +**Endpoint labels** |
| 35 | + |
| 36 | +Customers can now organize their endpoints by use case and custom labels in [Endpoint Management](/api-shield/management-and-monitoring/endpoint-labels/) for easy reference and future machine learning (ML) model training. |
| 37 | + |
| 38 | +## 2024-10-18 |
| 39 | + |
| 40 | +**API Shield fields in Custom Rules** |
| 41 | + |
| 42 | +Customers can now use API Shield product feature fields in [custom rules](/waf/custom-rules/), referencing features such as [JWT Validation](/api-shield/security/jwt-validation/), [session identifiers](/api-shield/get-started/#session-identifiers), and [Schema Validation](/api-shield/security/schema-validation/). |
| 43 | + |
| 44 | +## 2024-09-25 |
| 45 | + |
| 46 | +**Fallthrough rule for Schema Validation 2.0** |
| 47 | + |
| 48 | +Customers can now enable the [Fallthrough Action](/api-shield/security/schema-validation/#add-validation-by-adding-a-fallthrough-rule) for Schema Validation 2.0 to block or log requests that do not match the endpoints listed in schemas protected by Schema Validation 2.0. |
| 49 | + |
| 50 | +## 2024-08-28 |
| 51 | + |
| 52 | +**Increased capacity for Endpoint Management and Schema Validation** |
| 53 | + |
| 54 | +Endpoint Management and Schema Validation now support up to 10,000 saved and validated API endpoints. |
| 55 | + |
| 56 | +## 2024-07-08 |
| 57 | + |
| 58 | +**API Discovery's hostname variables** |
| 59 | + |
| 60 | +Customers can now see when [API Discovery](/api-shield/security/api-discovery/) groups similar subdomains with the same methods and paths, making it easy to discover and manage APIs that share many vanity domains or subdomains. |
| 61 | + |
| 62 | +## 2024-07-02 |
| 63 | + |
| 64 | +**Route API requests using API Routing** |
| 65 | + |
| 66 | +Customers can now route requests to different back-end services through [API Routing](/api-shield/management-and-monitoring/api-routing/), creating a unified front for their APIs distributed across otherwise disparate systems. |
| 67 | + |
| 68 | +## 2024-05-13 |
| 69 | + |
| 70 | +**Use JWT claims in Advanced Rate Limiting, Transform Rules, and as session IDs** |
| 71 | + |
| 72 | +Customers can now use the fields inside [JSON Web Tokens (known as claims)](/api-shield/security/jwt-validation/transform-rules/#enhance-transform-rules-with-jwt-claims) as [session identifiers in API Shield](/api-shield/get-started/#session-identifiers), to count values in [Advanced Rate Limiting](/waf/rate-limiting-rules/), and to send on useful information in [Transform Rules](/rules/transform/#transform-rules). |
| 73 | + |
| 74 | +## 2024-04-30 |
| 75 | + |
| 76 | +**Build Sequence Mitigation rules via the Cloudflare dashboard** |
| 77 | + |
| 78 | +Customers can now build [Sequence Mitigation](/api-shield/security/sequence-mitigation/) rules with a new user interface inside the API Shield section of the [Cloudflare dashboard](https://dash.cloudflare.com/). |
| 79 | + |
| 80 | +## 2024-02-23 |
| 81 | + |
| 82 | +**Endpoint Management supports hostname variables** |
| 83 | + |
| 84 | +Customers can now save endpoints in [Endpoint Management](/api-shield/management-and-monitoring/) that contain variables in the hostname. Hostname variables are supported across all product features. |
0 commit comments