5.0.1 - 2021-02-16 (S), 2021-02-23 (P)

About Staging and Production Environments
Each API Management SaaS upgrade is available to test in a staging environment before it is pushed to production. Refer to the dates in this change log for:
  • The date that the upgrade is available in the staging environment (S), and
  • The date that the upgrade is pushed to production (P).
Note for customers using API Gateway 9.2 or 10 CR1 and higher
For customers using the API Portal with the Layer7 API Gateway version 9.2 (any CR) or version 10 CR1 and higher, review the following information:
  • API Gateway 9.2
    (any CR):
    There is limited compatibility support when using API Portal 5.0 with API Gateway version 9.2. Do NOT perform an update of the integration bundle as part of your upgrade; otherwise, a number of new API Portal features will not be available. We recommend upgrading your API Gateway to a version higher than 9.2 (i.e., version 9.3 or higher) . See Compatibility Matrix for more information.
  • API Gateway 10 CR1 and higher
    You MUST update the integration bundle and replace the PortalUpgradeAssertion file as part of your upgrade. See Update the Integration Software on the API Proxy for more information.
Note for customers using API Gateway 10 CR1
For customers using the API Portal with the Layer7 API Gateway, a sync issue exists that renders some Portal-published APIs incompatible with API Gateway version 10 CR1. As a temporary workaround, we recommend using other versions of the API Gateway (9.x or 10.0 base) while a fix is being worked on.


  • Introducing Organization Type for Organizations:
    Portal Admins can now define an organization type,
    , for each organization to differentiate between organizations that can manage and publish APIs and organizations that can only consume APIs. This provides security enforcement for organizations and organization-based users that are defined in API Portal.
    organization can include users such as Org Publishers, Org Admin, and Developers who can manage and consume APIs. A
    organization can include only Org Admin and Developer users who can only consume APIs. An Org Publisher role cannot be created or updated in a Consumer organization.
    During API Portal upgrade, the organization type is automatically assigned based on the following conditions:
    • An organization that has Org Publisher role users, or manages APIs, or it is associated with any proxy is assigned the
      organization type.
    • An organization that does not have any of the above associations is assigned to the
      organization type.
    For information about the Organization Type, see Manage Organizations.
  • New Okta Single Sign-on for API Hub:
    API Management SaaS
    users can now log in into API Hub using Okta single sign-on. To enable customers to access all of Broadcom’s SaaS products, Broadcom as a corporation has adopted Okta for single sign-on (SSO). As part of this initiative,
    API Management SaaS
    has transitioned its single sign-on solution to Broadcom’s
    Business to Consumer
    (B2C) Okta. This brings parity between API Portal and API Hub login capabilities.
    For information about Okta single sign-on in API Hub, see Access API Hub.
    For information about transitioning to Broadcom Okta Single Sign-On, see the FAQs.
    For more information about Okta, see the Okta site.
    What is Okta?
    Okta is an enterprise-grade identity management service which enables single sign-on and user management to various platforms/applications within the enterprise.


  • Enhanced View and Search for Portal User List:
    Portal and Organization administrators can now view ALL users (i.e., Global publishers and organization users) in a single consolidated list when searching for or managing Portal users.
    List filters have also been expanded to include Organization to simplify user management across multiple organizations. The Status filter now includes ‘Pending Approval’ status to assist Organization administrators to locate such user accounts when the User Registration Request Workflow is enabled.
  • API Hub Updates
    Multiple updates have been made to the react-admin library to address potential vulnerabilities. View and download the latest API Hub source code from the Layer7 GitHub repository.


Addressed reports of outdated SSL cipher suites with recommendation of TLS v1.2 protocol.
Fixed an issue that prevented a non-Admin role from viewing API specifications and details.
Fixed an issue that caused an inconsistent callback length (i.e., limit of 255 instead of 2048 characters).
Fixed an issue that that prevented OTK from defaulting an API key to Out-of-Band (OOB) authorization when its API key equivalent in Portal is cleared of any OAuth scope parameters after synchronization.