API-of-Me
Search…
Releases

2021-Q2

Vault v32.4.3

    Fixed delegate user role for to access user's DEK
    Removed conversations and messages endpoints
    Added client task for re-encrypting the account owners KEK during delegation setup
    Added support multiple JWT issuers for OpenIDConnect Authentication flow.
    Added support seamless identity transition on OpenIDConnect identity provider change.
      This feature requires OpenIDConnect JWT to enclose a special claim extension_meecoUserId
      with value reference to the previous Meeco user identity.
    Added parameters for GET /connections:
      delegation=granted_to_the_other_user; the current user has granted delegation to other users
      delegation=granted_to_me; the current user has received delegation from other users
    Changed GET /session shows:
      the type of the session (oidc or token)
      if the type of the session is token, the access token will be shown
    Added parameters to GET /items: it is now possible to fetch only items with a certain name via ?name=foo
    Added Share intents:
      POST /invitations/{invitation_id}/share_intents to create a share intent
      DELETE /share_intents/:id,
      GET /share_intents/:id
      GET /share_intents
      Models Invitation and PublicInvitation have new field shares_to_be_created
      response to POST /connections contains a new element: a report on the created connections
    Changed parameters valid_for added to POST /sessions. valid_for defines the number of
    seconds the token is going to be valid
    Changed handling of errors in POST /items/shares: field extra_info contains
    a subset of incoming parameters with the error.
    Removed image and background color for the Item model (removed fields image_background_colour, background_color which are realted)
    Removed Item flag me from items.
    Changed User field verified_at so is hidden.
    Removed legacy messages feature which was not being used and would need to be upgraded if it were to be used.
    Changed the POST /thumbnails endpoint request structure to be nested under a thumbnail object
    Fixed performance on the POST /items endpoint
    Changed classification parameters for POST /items and PUT /items endpoints
    Changed POST /classification_nodes to only be used for user managed schemes (tags)
    Changed error messages on POST /items endpoint to provide more detailde cause
    Added field owned_by_user to classification scheme
    Removed value from POST /items, encrypted_value field should be used instead
    Removed POST /images endpoint and all image relations on items and users, images (unencrypted) are now only to be used by system
    admins, this helps clear confusion and the risk of user's images being sent up unencrypted.
    Removed associations from users and items
    Added enum definitions to the swagger file (and generated sdk) for the following models:
      ClientTask.state
      ClientTask.work_type
      Event.eventable_type
      Event.event_type
      OwnConnectionData.connection_type
      TheOtherConnectedUserData.connection_type
      Service.status
      Organization.status
      Share.acceptance_required
      Share.sharing_mode
      OrganizationMember.role
      User.user_type
    Removed updating of a slot in the PUT /items endpoint. You must now specifiy the slot's id to
    update it, any slot sent up without an id will be treated as a new slot
    Changed the flow of downloading attachments so fewer API calls are needed (see newly released cli/sdk implementation for example usage)
    Removed fields is_app_logging_enabled, unconfirmed_email, share_terms from model User
    Removed UserAccessToken fields name, device_push_token, push_token_platform
    Added item_ids parameter to retrieve multiple specific items at once. e.g. GET /items?item_ids=abc,xyz,foo,bar
    Changed share objects to hide the owner_id field from share objects when the sharee is not connected with the owner of the item (e.g. on-share)
    POST /items - added fields name and description to the list of accepted item fields
    POST /items: removed fields id and _destroy from slot attributes when creating a new item.
    Added documentation for GET /images/:id endpoint
    Removed GET /attachments/:id/download from documentation (this endpoint had already be decommisioned in the previous release)
    attachment_id in slots no longer changes when sharing a slot with an attachment
    Changed the shape of the nested attachment json (on POST /items etc)
    Removed slots.attachment_uid as attachment_id does not change upon share now.
    Changed behaviour of attachements to enforce data integrity
      once a slot has an attachment, it is not permitted to remove or replace the attachment
      once a slot has an attachments folder, it is not permitted to remove or replace the attachments folder
    Changed the urls generated by the server for images and thumbnails. Redirects are now handled by 2 endpoints:
      GET /blobs/public/{id}/{digest} - for images and thumbnails
      GET /blobs/attachment/{id}/{digest} - for attachments and direct attachments
    Removed PUT /slots/:id. Instead, PUT /items/:id should be used.
    Added attachment folders functionality; managing attachments folders not linked to any slots:
      POST /attachments_folders
      GET /attachments_folders
      GET /attachments_folders/:id
      DELETE /attachments_folders/:id
    Added attachments folders for slots:
      To attach an existing attachments folder use property attachments_folder_id, see model NestedSlotAttributes
      To access a attachments folders data use GET /slots/:slot_id/attachments_folder
    Added new parameters for GET /items:
      own boolean, if true adds constraint items.user_id = items.owner_id, if false adds
      constraint items.user_id != items.owner_id
      owner_id, if present, adds constraint items.owner_id = 'parameter goes here'
    Removed Field encrypted in Slot
    Removed fields cloudname, key_store_admission_token, key_store_id,
    key_store_url, key_store_username in User

KeyStore API v5.8.1

    Added support multiple JWT issuers for OpenIDConnect Authentication flow.
    Added support seamless identity transition on OpenIDConnect identity provider change.
      This feature requires OpenIDConnect JWT to enclose a special claim extension_meecoUserId
      with value reference to the previous Meeco user identity.
    Changed GET /session shows the validity of the current session
    Added endpoint POST /session/limited_in_time
    Added new parameters valid_for added to POST /sessions, POST /sessions/with_login_key,
    and POST /srp/sessions. valid_for defines the number of seconds the token is going
    to be valid
    Fixed Authorizations in the swagger file (userAuthToken, oidc2UserAuthToken,
    subscriptionKey, meecoDelegationId])
    Added new mandatory parameter in POST /child_users: delegation_token
    Added private_dek_external_id to the response of POST /child_users

StyleKit v2.0.0

    Version bump on most dependencies
    Build directory now fonts and images

SDK v3.0.0

    Version bump on most dependencies

FileStorageBrowser, FileStorageNode v5.0.0

    Version bump on most dependencies

CLI v3.0.0

    Version bump on most dependencies

Feb 2021

CLI v2.0.0

    users:get renamed to users:login, has the effect of recreating tokens if expired.
    users:get now returns user's id and other user info.
    shares:create-config takes connection and item config files (output of connections:create and items:create) instead of the respective ids.
    client-task-queue:list no longer accepts --suppressChangingState, pass --update if you want to set listed tasks to in_progress.
    client-task-queue:run-batch can now run failed tasks too.
    new command client-task-queue:update allows changing status of client tasks.
    client-task-queue commands now have --limit parameter
    added items:create-thumbnail
    meeco items:list allow filtering list by templateId, scheme, classification and sharedWith.
    added oidc_token OIDC token header support for authenticating user.

SDK v2.0.0

    Major revamp of Services API:
      All custom service methods specify the required credentials by interfaces
      Services provide their base APIs via the getAPI method
      Services with paginated responses offer a listAll method
    Added Service for delegating child users
    Added cryppo wrapper classes SymmetricKey and PublicKey to simplify key usage within SDK
    Added classes for manipulating Items and Slots: DecryptedItem for client-side copies, NewItem and ItemUpdate for pending changes.
    Added demo app for sharing and delegation
    added oidc_token OIDC token header support for authenticating user.

Vault API v19.3.0

    Add user_public_key to response of GET /invitations/{:token}
    Remove child_public_key_for_login parameter from POST /child_users
    Update description of sharing_mode in POST /items/{id}/shares
    New field item_shared_via_another_share_id in ShareWithItemData If this field is NULL it means that the rendered item has been created via the currently displayed share. If item_shared_via_another_share_id is not NULL, it means that the rendered item has been created via a different share, and the ID if the share is in item_shared_via_another_share_id. The client is advised to re-run the call with this ID.
    Change default behaviour of GET /client-task-queue to not change task states supress_changing_state parameter has been changed to change_state to reflect the change.
    Add delegation_token parameter description in POST /invitations
    Change behavour of GET /client_task_queue
      Will now return items of all states by default
      Accepts a list of states instead of a single state as before
      Generated TypeScript client will now require that states are passed using the generated ClientTaskQueueGetStateEnum enum
    Removed logging in with a password POST /session/login
    Add item_ids query parameter for GET /outgoing_shares as search filter.
    Support for OIDC2
    Added filter target_id to GET /client_task_queue: GET /client_task_queue?target_id=id
    Add GET /event_feed endpoint
    Swagger models Slot, Attachment, and DirectAttachment all have a new field: attachment_uid. The function of attachment_uid is to signal whether the actual file referenced from two different attachments is the same or not. In other words, when an attachment is shared to a different user, a new attachment record is created with a new id, but attachment_uid stays the same. This ID cannot be used to retrieve the attachment.
    added filter classification_node_names to GET /items: GET /items?classification_node_names=value_1,value_2,value_3
    added filter shared_with to GET /items: GET /items?shared_with=user_id. If present, only items will be fetched which have been shared with the given user. Works for items owned by the current user as well as for items owned by someone else and on-shared by the current user.

KeyStore API v5.1.0

    Add POST /child_users endpoint
    Add POST /delegations endpoint
    Add GET, DELETE /delegations/:delegation_token endpoint
    Add PUT /delegations/:delegation_token/share endpoint
    Add PUT /delegations/:delegation_token/reencrypt endpoint
    Rename DELETE /session/all :delete_all_session_params query param to :except_current of boolean type.
    Add POST /delegations/:delegation_token/claim endpoint
    Added user delegation header Meeco-Delegation-Id. Meeco-Delegation-Id contains the ID of a user that the current user has delegation permissions for. If delegation has been set up correctly, the current user of the action will be the user in Meeco-Delegation-Id
    Remove encryption spaces endpoints
    Dropped support for POST /keypairs/external_id/:external_id/ decrypt_session_token
    Support for OIDC2
    External_identitiers in Keypair is a string, not an object.
    Private_dek_external_id is added to the response of POST /child_users

Cryppo/JS v2.0.0

      Encrypt method now accept bytes UInt8Array as input.
      Decrypt method now produce bytes UInt8Array as output.
      RSA signature also accept bytes UInt8Array as input.
      Private key encryption also accepts bytes as input.

File-Storage-Browser, File-Storage-Node v3.0.0

    Updated cryppo version 2.0.0
    Updated Vault-api-sdk: 19.X.X & keystore-api-sdk: 5.X.X

Cryppo CLI v2.0.0

    No functional changes, updated new cryppo version 2.0.0

October 2020

Vault API v16.0.1

    On-sharing - the ability to allow other users to share an item that has been shared with you if the item’s owner allows it. This includes a verification step to make sure the on-sharer has not modified the data.
    Organizations - you can now create an account for your organisation and add members and services.
    Accepting of shares - we’ve identified that sometimes the terms of a share need to be reviewed and explicitly accepted or rejected before seeing the data so we’ve now made this possible.
    More efficient file attachments, we now have the ability to receive encrypted chunks of data so an entire file doesn’t have to be encrypted as one before sending it up.
    Improved Sharing - sharing is more streamlined, comprehensible and performant than ever before.
    Sharing of encrypted files with other users.
    Re-encrypting of shared data to cut down on the number of Encryption Keys needed to be stored/managed indefinitely.
    Updated to use latest BSON serialization format from Cryppo.

KeyStore API v3.0.0

    Remove the shared key endpoints as sharing keys for shares will now happen in the vault.
    Removed the encryption_spaces endpoints in favor of just using the Date Encryption Key endpoints.

SDK v1.0.0

    Added Item Update function
    Added Functions to Retrieve Client Tasks and Execute the Tasks.
    Added some Organization related commands where the logic was not just a simple endpoint req
    Exposed more methods from the user create and user login flow to allow more control from client applications.

CLI v1.0.0

    Added Share Delete command.
    Added Item Update function
    Added Functions to Retrieve Client Tasks and Execute the Tasks.
    Added Commands for Creating and Managing Organizations, Organization Services, and Organization Members.
    Added Checking the Client Task Queue after updating an item to see if shares need to be updated.
    Added user login and logout methods.

Cryppo/JS v1.0.0

    Updated to return null when an empty string is passed in instead of returning a serialized empty string.
    Updated to the latest underlying node-forge library.
    Update to use BSON serialization.
    Better handling of character encoding by forcing UTF-8 where appropriate.

Cryppo/Ruby v1.0.0

    Update to use BSON serialization.
    Added Checking of the Client Task Queue after updating an item to see if shares need to be updated.

Cryppo CLI v1.0.1

    No functional changes, just updated to use new linked libraries.

File-Storage-Browser, File-Storage-Node v2.0.0

    Initial release of these browser-js/node-js packages to upload files as chunks of encrypted data.

Style-Kit v1.0.0

    Initial release of this html/js library used for adding Meeco’s stylings to your app or components of your app.
Last modified 3mo ago