Build - the name of the maintenance release build the change was introduced in.
Service - the name of the service/services which is/are affected.
Method - the name of the method/methods which is/are affected.
Message - the message that explains what was changed.
Schema changed - shows whether it is required to rebuild WSDL/XSD-generated stubs for .net, Java and other static typing languages.
TT - a link to a ticket related to the change.
Build | Service | Method | Message | Schema changed | Backward compatible | TT | Resolution for system update |
|---|---|---|---|---|---|---|---|
| MR130-0 | Template | get_template_data_field_list | Marked "i_format_type" as readonly in TemplateDataFieldInfo and TemplateGroupFieldInfo. The field is still returned in responses but is no longer accepted on update — it is now derived from "i_format". | Yes | Yes | YT:BA-46962 | Values sent in this field on update are silently ignored. |
| MR130-0 | Notification | update_notification_template | Removed "i_format_type" from the variables array in input. The value was redundant and is now derived from "i_format". | Yes | No | YT:BA-46962 | Stop sending "i_format_type" in the variables array — only "i_format" is needed. |
| MR130-0 | Service | update_service | It's possible to set i_tax_transaction_code value for predefined (system) services | No | No | YT:BA-46495 | |
| MR130-0 | Session | login | A new credential pair (login, one_time_password) is now accepted from the customer and account realms — the one-time-password authenticates the user directly, without a static password. Available only from IP addresses listed in the Security.AllowLoginByOTPFrom configuration option. When the one-time-password was issued with a specific domain, the login request must originate from the same domain, otherwise it is rejected. When the user has multi-factor authentication configured, the returned session still requires 2FA confirmation before it can be used. | Yes | Yes | YT:BA-43428 | |
| MR130-0 | AccessControl | create_otp | Two optional inputs added: "otp_domain" binds the issued one-time-password to a domain (the default OTP notification templates append a trailing "@<otp_domain> #<password>" line so mobile clients can auto-fill the code, and a subsequent Session/login that uses this OTP is accepted only when the request originates from the same domain), and "skip_auth" (when set to 1) binds the OTP to the target entity instead of the caller's session, so the entity itself can later consume it via Session/login (the call must originate from an IP listed in the Security.AllowLoginByOTPFrom configuration option). The "notification_type" input is no longer mandatory — it may be omitted when an ESPF handler for the new Notification/PlatformManagement/OTPVerificationCode event is enabled, in which case the OTP is delivered via ESPF only. | Yes | Yes | YT:BA-43428 | |
| MR130-0 | Generic | get_config_data | Removed:
| Yes | Yes | YT:BA-43953 | |
| MR130-0 | Vendor | add_vendor | Removed:
| Yes | Yes | YT:BA-43953 |