Releases
2021-Q2
Vault v32.4.3
Fixed delegate user role for to access user's DEK
Removed conversations and messages endpoints
Added client task for re-encrypting the account owners KEK during delegation setup
Added support multiple JWT issuers for OpenIDConnect Authentication flow.
Added support seamless identity transition on OpenIDConnect identity provider change.
This feature requires OpenIDConnect JWT to enclose a special claim
extension_meecoUserId
with value reference to the previous Meeco user identity.
Added parameters for
GET /connections
:delegation=granted_to_the_other_user
; the current user has granted delegation to other usersdelegation=granted_to_me
; the current user has received delegation from other users
Changed
GET /session
shows:the type of the session (
oidc
ortoken
)if the type of the session is
token
, the access token will be shown
Added parameters to
GET /items
: it is now possible to fetch only items with a certain name via?name=foo
Added Share intents:
POST /invitations/{invitation_id}/share_intents
to create a share intentDELETE /share_intents/:id
,GET /share_intents/:id
GET /share_intents
Models
Invitation
andPublicInvitation
have new fieldshares_to_be_created
response to
POST /connections
contains a new element: a report on the created connections
Changed parameters
valid_for
added toPOST /sessions
.valid_for
defines the number of seconds the token is going to be validChanged handling of errors in
POST /items/shares
: fieldextra_info
contains a subset of incoming parameters with the error.Removed image and background color for the Item model (removed fields
image_background_colour
,background_color
which are realted)Removed Item flag
me
from items.Changed User field
verified_at
so is hidden.Removed legacy
messages
feature which was not being used and would need to be upgraded if it were to be used.Changed the
POST /thumbnails
endpoint request structure to be nested under athumbnail
objectFixed performance on the
POST /items
endpointChanged classification parameters for
POST /items
andPUT /items
endpointsChanged
POST /classification_nodes
to only be used for user managed schemes (tags)Changed error messages on
POST /items
endpoint to provide more detailde causeAdded field
owned_by_user
to classification schemeRemoved
value
from POST /items,encrypted_value
field should be used insteadRemoved POST /images endpoint and all image relations on items and users, images (unencrypted) are now only to be used by system admins, this helps clear confusion and the risk of user's images being sent up unencrypted.
Removed associations from users and items
Added enum definitions to the swagger file (and generated sdk) for the following models:
ClientTask.state
ClientTask.work_type
Event.eventable_type
Event.event_type
OwnConnectionData.connection_type
TheOtherConnectedUserData.connection_type
Service.status
Organization.status
Share.acceptance_required
Share.sharing_mode
OrganizationMember.role
User.user_type
Removed updating of a slot in the
PUT /items
endpoint. You must now specifiy the slot's id to update it, any slot sent up without an id will be treated as a new slotChanged the flow of downloading attachments so fewer API calls are needed (see newly released cli/sdk implementation for example usage)
Removed fields
is_app_logging_enabled
,unconfirmed_email
,share_terms
from modelUser
Removed UserAccessToken fields
name
,device_push_token
,push_token_platform
Added
item_ids
parameter to retrieve multiple specific items at once. e.g.GET /items?item_ids=abc,xyz,foo,bar
Changed share objects to hide the
owner_id
field from share objects when the sharee is not connected with the owner of the item (e.g. on-share)POST /items
- added fieldsname
anddescription
to the list of accepted item fieldsPOST /items
: removed fieldsid
and_destroy
from slot attributes when creating a new item.Added documentation for
GET /images/:id
endpointRemoved GET /attachments/:id/download from documentation (this endpoint had already be decommisioned in the previous release)
attachment_id
in slots no longer changes when sharing a slot with an attachmentChanged the shape of the nested attachment json (on POST /items etc)
Removed
slots.attachment_uid
asattachment_id
does not change upon share now.Changed behaviour of attachements to enforce data integrity
once a slot has an attachment, it is not permitted to remove or replace the attachment
once a slot has an attachments folder, it is not permitted to remove or replace the attachments folder
Changed the urls generated by the server for images and thumbnails. Redirects are now handled by 2 endpoints:
GET /blobs/public/{id}/{digest}
- for images and thumbnailsGET /blobs/attachment/{id}/{digest}
- for attachments and direct attachments
Removed
PUT /slots/:id
. Instead,PUT /items/:id
should be used.Added attachment folders functionality; managing attachments folders not linked to any slots:
POST /attachments_folders
GET /attachments_folders
GET /attachments_folders/:id
DELETE /attachments_folders/:id
Added attachments folders for slots:
To attach an existing attachments folder use property
attachments_folder_id
, see modelNestedSlotAttributes
To access a attachments folders data use
GET /slots/:slot_id/attachments_folder
Added new parameters for
GET /items
:own
boolean, if true adds constraintitems.user_id = items.owner_id
, if false adds constraintitems.user_id != items.owner_id
owner_id
, if present, adds constraintitems.owner_id = 'parameter goes here'
Removed Field
encrypted
inSlot
Removed fields
cloudname
,key_store_admission_token
,key_store_id
,key_store_url
,key_store_username
inUser
KeyStore API v5.8.1
Added support multiple JWT issuers for OpenIDConnect Authentication flow.
Added support seamless identity transition on OpenIDConnect identity provider change.
This feature requires OpenIDConnect JWT to enclose a special claim
extension_meecoUserId
with value reference to the previous Meeco user identity.
Changed
GET /session
shows the validity of the current sessionAdded endpoint
POST /session/limited_in_time
Added new parameters
valid_for
added toPOST /sessions
,POST /sessions/with_login_key
, andPOST /srp/sessions
.valid_for
defines the number of seconds the token is going to be validFixed Authorizations in the swagger file (userAuthToken, oidc2UserAuthToken, subscriptionKey, meecoDelegationId])
Added new mandatory parameter in
POST /child_users
:delegation_token
Added
private_dek_external_id
to the response ofPOST /child_users
StyleKit v2.0.0
Version bump on most dependencies
Build directory now fonts and images
SDK v3.0.0
Version bump on most dependencies
FileStorageBrowser, FileStorageNode v5.0.0
Version bump on most dependencies
CLI v3.0.0
Version bump on most dependencies
Feb 2021
CLI v2.0.0
users:get
renamed tousers:login
, has the effect of recreating tokens if expired.users:get
now returns user's id and other user info.shares:create-config
takes connection and item config files (output ofconnections:create
anditems:create
) instead of the respective ids.client-task-queue:list
no longer accepts--suppressChangingState
, pass--update
if you want to set listed tasks toin_progress
.client-task-queue:run-batch
can now runfailed
tasks too.new command
client-task-queue:update
allows changing status of client tasks.client-task-queue
commands now have--limit
parameteradded
items:create-thumbnail
meeco items:list
allow filtering list bytemplateId
,scheme
,classification
andsharedWith
.added
oidc_token
OIDC token header support for authenticating user.
SDK v2.0.0
Major revamp of Services API:
All custom service methods specify the required credentials by interfaces
Services provide their base APIs via the
getAPI
methodServices with paginated responses offer a
listAll
method
Added Service for delegating child users
Added cryppo wrapper classes
SymmetricKey
andPublicKey
to simplify key usage within SDKAdded classes for manipulating Items and Slots:
DecryptedItem
for client-side copies,NewItem
andItemUpdate
for pending changes.Added demo app for sharing and delegation
added
oidc_token
OIDC token header support for authenticating user.
Vault API v19.3.0
Add user_public_key to response of
GET /invitations/{:token}
Remove
child_public_key_for_login
parameter fromPOST /child_users
Update description of
sharing_mode
inPOST /items/{id}/shares
New field
item_shared_via_another_share_id
in ShareWithItemData If this field is NULL it means that the rendered item has been created via the currently displayed share. Ifitem_shared_via_another_share_id
is not NULL, it means that the rendered item has been created via a different share, and the ID if the share is initem_shared_via_another_share_id
. The client is advised to re-run the call with this ID.Change default behaviour of
GET /client-task-queue
to not change task statessupress_changing_state
parameter has been changed to change_state to reflect the change.Add delegation_token parameter description in
POST /invitations
Change behavour of GET /client_task_queue
Will now return items of all states by default
Accepts a list of states instead of a single state as before
Generated TypeScript client will now require that states are passed using the generated ClientTaskQueueGetStateEnum enum
Removed logging in with a password
POST /session/login
Add item_ids query parameter for
GET /outgoing_shares
as search filter.Support for OIDC2
Added filter target_id to
GET /client_task_queue
:GET /client_task_queue?target_id=id
Add
GET /event_feed endpoint
Swagger models
Slot
,Attachment
, andDirectAttachment
all have a new field:attachment_uid
. The function ofattachment_uid
is to signal whether the actual file referenced from two different attachments is the same or not. In other words, when an attachment is shared to a different user, a new attachment record is created with a new id, butattachment_uid
stays the same. This ID cannot be used to retrieve the attachment.added filter
classification_node_names
toGET /items: GET /items?classification_node_names=value_1,value_2,value_3
added filter
shared_with
toGET /items: GET /items?shared_with=user_id
. If present, only items will be fetched which have been shared with the given user. Works for items owned by the current user as well as for items owned by someone else and on-shared by the current user.
KeyStore API v5.1.0
Add
POST /child_users
endpointAdd
POST /delegations
endpointAdd
GET
,DELETE /delegations/:delegation_token
endpointAdd
PUT /delegations/:delegation_token/share
endpointAdd
PUT /delegations/:delegation_token/reencrypt
endpointRename
DELETE /session/all
:delete_all_session_params query param to :except_current of boolean type.Add
POST /delegations/:delegation_token/claim
endpointAdded user delegation header
Meeco-Delegation-Id
.Meeco-Delegation-Id
contains the ID of a user that the current user has delegation permissions for. If delegation has been set up correctly, the current user of the action will be the user inMeeco-Delegation-Id
Remove encryption spaces endpoints
Dropped support for
POST /keypairs/external_id/:external_id/
decrypt_session_tokenSupport for OIDC2
External_identitiers in Keypair is a string, not an object.
Private_dek_external_id is added to the response of
POST /child_users
Cryppo/JS v2.0.0
Breaking changes: https://github.com/Meeco/cryppo-js/blob/master/README.md
Encrypt method now accept bytes UInt8Array as input.
Decrypt method now produce bytes UInt8Array as output.
RSA signature also accept bytes UInt8Array as input.
Private key encryption also accepts bytes as input.
File-Storage-Browser, File-Storage-Node v3.0.0
Updated cryppo version 2.0.0
Updated Vault-api-sdk: 19.X.X & keystore-api-sdk: 5.X.X
Cryppo CLI v2.0.0
No functional changes, updated new cryppo version 2.0.0
October 2020
Vault API v16.0.1
On-sharing - the ability to allow other users to share an item that has been shared with you if the item’s owner allows it. This includes a verification step to make sure the on-sharer has not modified the data.
Organizations - you can now create an account for your organisation and add members and services.
Accepting of shares - we’ve identified that sometimes the terms of a share need to be reviewed and explicitly accepted or rejected before seeing the data so we’ve now made this possible.
More efficient file attachments, we now have the ability to receive encrypted chunks of data so an entire file doesn’t have to be encrypted as one before sending it up.
Improved Sharing - sharing is more streamlined, comprehensible and performant than ever before.
Sharing of encrypted files with other users.
Re-encrypting of shared data to cut down on the number of Encryption Keys needed to be stored/managed indefinitely.
Updated to use latest BSON serialization format from Cryppo.
KeyStore API v3.0.0
Remove the shared key endpoints as sharing keys for shares will now happen in the vault.
Removed the encryption_spaces endpoints in favor of just using the Date Encryption Key endpoints.
SDK v1.0.0
Added Item Update function
Added Functions to Retrieve Client Tasks and Execute the Tasks.
Added some Organization related commands where the logic was not just a simple endpoint req
Exposed more methods from the user create and user login flow to allow more control from client applications.
CLI v1.0.0
Added Share Delete command.
Added Item Update function
Added Functions to Retrieve Client Tasks and Execute the Tasks.
Added Commands for Creating and Managing Organizations, Organization Services, and Organization Members.
Added Checking the Client Task Queue after updating an item to see if shares need to be updated.
Added user login and logout methods.
Cryppo/JS v1.0.0
Updated to return null when an empty string is passed in instead of returning a serialized empty string.
Updated to the latest underlying node-forge library.
Update to use BSON serialization.
Better handling of character encoding by forcing UTF-8 where appropriate.
Cryppo/Ruby v1.0.0
Update to use BSON serialization.
Added Checking of the Client Task Queue after updating an item to see if shares need to be updated.
Cryppo CLI v1.0.1
No functional changes, just updated to use new linked libraries.
File-Storage-Browser, File-Storage-Node v2.0.0
Initial release of these browser-js/node-js packages to upload files as chunks of encrypted data.
Style-Kit v1.0.0
Initial release of this html/js library used for adding Meeco’s stylings to your app or components of your app.
Last updated