Skip to content
Vault Logo
Vault Developer Portal Developer
Advanced Search

    Release Notes

    Vault Developer Release Notes

    We are pleased to bring you the following additions and enhancements to Developer Portal features in 17R3.

    Developer Features in 17R3

    Section link for Developer Features in 17R3

    Release Date: December 8, 2017 We are pleased to bring you the following additions and enhancements to Developer Portal features in 17R3. Refer to Vault Release Notes for additional information about the 17R3 release. View the "API & VQL" category of the Fixed Issues list for Developer Feature fixes in this release. Note that API issues are fixed for the current version only (17.3) unless otherwise noted.

    Removal of Weaker TLS Ciphers

    Section link for Removal of Weaker TLS Ciphers

    Beginning in 18R1, we will remove support for 1024 bit Diffie-Hellman ciphers and TLS v1.0, and will only support Elliptic Curve and TLS v1.2. To ensure your integrations continue working with Vault API, you must ensure that the technology you use to build and run integrations support strong ciphers.

    REST API v17.3

    Section link for REST API v17.3

    Object Actions

    Section link for Object Actions

    With this release, your organization can work with Veeva Services to define actions for one or more objects allowing users to perform actions on those object records. With the introduction of object actions, we’re updating our existing object user action endpoints to include object actions. To differentiate object actions from lifecycle actions, object actions will have the Objectaction prefix, for example, Objectaction.monitoring_event__v.copy_record__v. Additionally, lifecycle user actions will now use the Objectlifecyclesateuseraction prefix. The modified endpoints include:

    • Retrieve object actions and lifecycle user actions for an object record.
    • Retrieve object action and lifecycle user action details.
    • Initiate object actions and lifecycle user actions on a single record.
    • Bulk Initiate Object Record User Action This new endpoint allows Admins to initiate a user action on a batch of object records. Users can initiate both lifecycle user actions and the new object actions described above.

    Version-Specific Attachments

    Section link for Version-Specific Attachments

    With the introduction of version-specific attachments, we’re adding new endpoints to manage version-specific attachments through the API. The new API endpoints include:

    • Create, update, and delete document attachments in bulk
    • Retrieve version-specific attachments from a document version
    • Download version-specific attachments from a document version

    Document Export API

    Section link for Document Export API

    API users now have access to the same functionality as Vault Loader via the new Document Export API. Users can query a set of documents (for example, all documents related to a given study) and pass the list of document IDs to the API for export to the FTP staging site. Users have the option to export all versions, or only the latest version of a document. The following artifacts are supported:

    • Source document
    • Renditions

    Vault Configuration Report API

    Section link for Vault Configuration Report API

    This new endpoint allows users with the Vault Configuration Report permission to generate an Excel report containing configuration information of a Vault. Using query parameters, you can choose to include inactive components or only include components modified since a specified date. As of v17.3, this endpoint reports on component configuration only.

    Audit API

    Section link for Audit API

    All Vault audit trail and audit log data is now accessible through the REST API. This release, we’ve introduced three new endpoints:

    • Retrieve Audit Types: Retrieves all audit trail and log types available to the authenticated user.
    • Retrieve Audit Metadata: Retrieves all fields and their respective metadata for a specific audit trail or log type.
    • Retrieve Audit Data: Retrieves all of the records in the specified audit trail up to 30 days ago. Data format can be either JSON or CSV.
    • Each audit entry returns with a unique ID, so you can easily remove duplicate records when when importing data into third-party tools.

    Retrieve Video Annotations API

    Section link for Retrieve Video Annotations API

    This new endpoint allows Admins to retrieve data for all annotations that exist in a video document. The response includes the following for each annotation:

    • Time signature
    • Note ID
    • Author
    • Timestamp
    • Document version
    • Note status
    • Comment text
    • Tags (if applicable)
    • Replies (if applicable)

    Domain Information API

    Section link for Domain Information API

    In v17.3, the Domain Information API response includes the vault_family__v field. This field contains information about the application family each Vault belongs to, such as Commercial, Clinical Operations, Regulatory, or Quality.

    New Query Parameters for /users

    Section link for New Query Parameters for /users

    The following user endpoints have two new query parameters:

    • GET /objects/users/me
    • GET /objects/users/{id}
    • GET /objects/users New Query Parameters:
    • exclude_vault_membership
    • exclude_app_licensing These parameters allow you to exclude vault_membership and app_licensing fields from the response, which can dramatically increase performance if you do not need this information. These parameters are false by default in v17.3 and below.

    Deprecated Workflows Field: task_reason_code__v

    Section link for Deprecated Workflows Field: task_reason_code__v

    As of v17.3, the Workflows API will no longer expose the task_reason_code__v field. Because this field is not queryable with VQL, it provides low value and clutters response data. Prior versions of the API will continue to expose this field.

    Vault Query Language (VQL)

    Section link for Vault Query Language (VQL)

    VQL Query Describe

    Section link for VQL Query Describe

    Previously, VQL users needed to understand the shape of the query response data in order to process it. To do this, the developer had to either first call one or more metadata APIs to inspect the object or document metadata, or hard-code this understanding of the metadata based on visual inspection of the Vault configuration. This feature enhances VQL to return metadata which describes the shape of the response data, so developers can easily process the response without the need for additional API calls. Learn more in the VQL Reference.

    VQL Record Properties

    Section link for VQL Record Properties

    With the introduction of Atomic Security, the permissions and set of available actions may now differ for each record and user. The VQL Record Properties feature enables programs using the API to understand the dynamic properties of each record in a result set. Understanding permissions, actions, and other properties of a record allows a client application to present the correct behavior to the end user. For example, the application is able to hide fields or make fields read-only to enhance usability. This feature enhances VQL to provide the required programmatic interfaces to external application developers. Developers can now “describe a row” of object data and build applications that respond to the dynamic security model of Vault.

    Queries without ORDER BY

    Section link for Queries without ORDER BY

    Previously, the order in which results are displayed was variable. For example, a user could call the same query twice and see the same results displayed in a different order. To enforce a specific order, users needed to use the ORDER BY operator. Starting in 17R3.0, for all versions of VQL, queries without ORDER BY now return results in a predictable default order, by relevance and internal ID.

    OAuth2.0/OpenID Connect

    Section link for OAuth2.0/OpenID Connect

    Vault is adding limited support for OAuth 2.0 / OpenID Connect authorization frameworks. With this feature, customers can build applications that can use OAuth 2.0 / OpenID Connect infrastructure to authenticate to Vault API. View these endpoints in the V17.3 API Reference. In 17R3, we are only certifying the support for OAuth 2.0/OpenID Connect with PingFederate Authorization Servers.

    Honor OAuth2.0/OpenID Connect Tokens

    Section link for Honor OAuth2.0/OpenID Connect Tokens

    The Vault API now accepts OAuth2.0/OpenID Connect tokens, acquired through pre-configured Authorization Servers, for authorizing access to protected Vault APIs.

    Discover User’s Authentication Type

    Section link for Discover User’s Authentication Type

    In this release, we’ve added a new API that allows external applications to discover the authentication type of a user. This Authentication Discovery API will help developers build applications which could dynamically adjust the the login requirements per user, and support either username/password or OAuth2.0/OpenID Connect authentication schemes.

    Register OAuth2/OIDC Authorization Server Metadata

    Section link for Register OAuth2/OIDC Authorization Server Metadata

    To enable external applications to discover and configure the login requirements and authentication flows for Vault OAuth2.0/OpenID Connect users, they need to obtain the remote authorization server metadata. This feature allows the configuration of remote authorization server metadata so that external applications can discover and download it.

    Notable Developer Portal Fixes

    Section link for Notable Developer Portal Fixes

    View the "API & VQL" category of the Fixed Issues list for Developer Feature fixes in this release. Note that API issues are fixed for the current version only unless otherwise noted.