Account Management

2.4.x

Release Notes

note

Account Management API is now deprecated and we recommend that you use Account Management functionality built into Elastic Path Commerce 8.2 and later.

2.4.4

Released: August 2020

Release Highlights

Configure JWT token expiry

Account Management now reads a new AM_AUTH_JWT_EXPIRY_MINUTES environment variable that allows the expiry on generated JWT tokens to be overridden. If the environment variable is not specified, the default is 60 minutes.

2.4.3

Released: May 28, 2020

Release Highlights

Unique account external-id field

The external-id field on an account is now guaranteed to be a unique value for all accounts. It is also now possible to lookup an account using the external-id value, using the new lookup form.

Upgrade Notes

When the database upgrade scripts run for the first time after upgrading to 2.4.3, the scripts first ensure that all of the accounts have a unique external-id value. If duplicate accounts are found, one will be left alone and the others will have the account GUID appended to the value to make it unique. The external-id field will then have a unique constraint added in the database.

2.4.2

Released: February 26, 2020

Release Highlights

Added support for token response validation according to the OpenID connect guidelines.

Fixed Issues

  • Resolved the issue with store code that is added in Commerce Manager, but cannot be added in the Account Management service if the code is not alphanumeric.
  • Resolved an issue with revoking static API access key token. You can no longer revoke the static API access key token in the Account Management service.

2.4.1

Released: February 10, 2020

Release Highlights

  • The roles claim from the identity provider can now be a string value or a JSON list.
  • With the new logging options, you can now view the HTTP messages between the Account Management service and the identity provider when debugging.
  • The JWT public key variable is removed from the Account Management API. The format of the private key is now validated when you start the Account Management service.

Fixed Issues

When you start the Account Management service, the log does not display the access token.

2.4.0

Released: January 23, 2020

Release Highlights

Added event messaging capability

The Account Management API sends JMS (Java Messaging System) events when you create, update, or delete certain resources. With this capability, you can now integrate the Account Management service with other systems. For more information, see the Events API section.

Static API access key authentication

The Account Management API now supports authentication through a static API access key. You can now integrate other systems, such as a Customer Relationship Management (CRM) or Enterprise Resource Planning (ERP) to communicate with the Account Management API.

Cross-Origin Resource Sharing (CORS) Support

Account Management API now natively supports Cross-Origin Resource Sharing (CORS). As a result, the Account Management user interface no longer uses a proxy and the browser communicating directly with the API. If the ADMIN_API_URL parameter is set to an internal only value for the Account Management user interface, it must be changed to a value that the browser can access.

Last updated on 10/4/2022