zowe · janan07 · Jan 17, 2025 · Jan 17, 2025
diff --git a/docs/whats-new/release-notes/v3_0_0.md b/docs/whats-new/release-notes/v3_0_0.md
@@ -81,6 +81,43 @@ Some apps and features of V2 Desktop have not yet been added to the V3 Desktop
 
 The current API Gateway contains the Authentication and Authorization Service. This service will be separated as a standalone service. The Authentication and Authorization Service is the only API ML service that directly requires z/OS.
 
+* The networking standard configuration has been improved allowing for proper use and handling of TLS configuration in a unified way across the Zowe. ([#3765](https://github.com/zowe/api-layer/issues/3765))
+* Now providing a GraphiQL Playground to allow for visualizing GraphQL APIs in the API Catalog. ([#3660](https://github.com/zowe/api-layer/issues/3660))
+* Users can now extend WebSocket connection timeouts and increase header and payload capacity ([#3700](https://github.com/zowe/api-layer/issues/3700))
+* Spring Cloud Gateway has now replaced Netflix Zuul API Gateway. ([#3294](https://github.com/zowe/api-layer/issues/3294)) ([#3658](https://github.com/zowe/api-layer/issues/3658)) ([#3567](https://github.com/zowe/api-layer/issues/3567)) ([#3571](https://github.com/zowe/api-layer/issues/3571)) ([#3572](https://github.com/zowe/api-layer/issues/3572)) ([#3545](https://github.com/zowe/api-layer/issues/3545))
+* Catalog version is now added in the footer for Login, Dasboard and Detail pages. ([#3554](https://github.com/zowe/api-layer/issues/3554))
+* Added OIDC login flow schema and `allowedUsers` customization in zowe.yaml now enabled. ([#3533](https://github.com/zowe/api-layer/issues/3533))
+* API ML has implemented OIDC authentication flow in the Cloud Gateway component. The user obtains an access token in the cookies after a successful authentication against the Identity provider. ([#3510](https://github.com/zowe/api-layer/issues/3510))
+
+#### Bug Fixes in API ML
+
+* Fixed Discovery Eureka response if the service is not registred to allow to reconnect by Enabler. ([#3795](https://github.com/zowe/api-layer/issues/3795))
+* Moved security configuration back to gateway section. ([#3775](https://github.com/zowe/api-layer/issues/3775))
+* Gateway now ends with internal server error if cookies are invalid. ([#3767](https://github.com/zowe/api-layer/issues/3767))
+* `hostname` is now not resolved when not required. ([#3751](https://github.com/zowe/api-layer/issues/3751))
+* Addressed `ClosableHttpClient.execute()` resource leak on API Catalog. ([#3722](https://github.com/zowe/api-layer/issues/3722))
+* Fixed API ML prefix for registry configuration. ([#3746](https://github.com/zowe/api-layer/issues/3746))
+* ZAAS now reads configuration from Gateway as default with possibility to override with local configuration. ([#3744](https://github.com/zowe/api-layer/issues/3744))
+* Removed "AUTO" from JWT configuration and clean up outdated APARs from mock service. ([#3717](https://github.com/zowe/api-layer/issues/3717))
+* Updated default javax.net.ssl log levels. ([#3716](https://github.com/zowe/api-layer/issues/3716))
+* Enable the use of Zowe provided java location if available. ([#3714](https://github.com/zowe/api-layer/issues/3714))
+* Allow for Stacktrace on unreachable swagger and removed handling for deprecated method. ([#3699](https://github.com/zowe/api-layer/issues/3699))
+* Protected health endpoint with authentication as default. ([#3676](https://github.com/zowe/api-layer/issues/3676))
+* Enabled Pretty path URL in Gateway Swagger documentation in the API Catalog. ([#3679](https://github.com/zowe/api-layer/issues/3679))
+* Fixed Swagger API documentation for Gateway. ([#3678](https://github.com/zowe/api-layer/issues/3678))
+* Now supporting customized code snippets in case of endpoint with query params. ([#3666](https://github.com/zowe/api-layer/issues/3666))
+* Tweaked gateway status page to have consistent casing. ([#3560](https://github.com/zowe/api-layer/issues/3560))
+* Allow for Independent scanning and loading of extension's classes. ([#3548](https://github.com/zowe/api-layer/issues/3548))
+* Fixed SSL Context switching. ([#3531](https://github.com/zowe/api-layer/issues/3531))
+* Fixed z/OSMF URL. ([#3478](https://github.com/zowe/api-layer/issues/3478))
+* Updated of SSL configuration in the Tomcat. ([#3403](https://github.com/zowe/api-layer/issues/3403))
+* Apply fixes to Keyring init z/OS. ([#3314](https://github.com/zowe/api-layer/issues/3314))
+* Use `ibmzosmf` as service ID. ([#3302](https://github.com/zowe/api-layer/issues/3302))
+* Updated z/OSMF service ID. ([#3296](https://github.com/zowe/api-layer/issues/3296))
+* Updated serviceId in the Gateway starting script. ([#2889](https://github.com/zowe/api-layer/issues/2889))
+* Fixed truststore for websockets in Spring Cloud Gateway. ([#3248](https://github.com/zowe/api-layer/issues/3248))
+* Fixed static definition of z/OSMF in discovery package. ([#2889](https://github.com/zowe/api-layer/issues/2889))
+
 ### ZSS
 
 #### Breaking changes in ZSS

diff --git a/docs/whats-new/release-notes/v3_1_0.md b/docs/whats-new/release-notes/v3_1_0.md
@@ -22,6 +22,15 @@ System demos are typically held the week after a minor release becomes available
 
 ### Zowe API Mediation Layer
 
+* The external URL is now overridden for additional registration. ([#3935](https://github.com/zowe/api-layer/issues/3935))
+* OIDC token (Okta token) is now supported for authentication in API Catalog. ([#3925](https://github.com/zowe/api-layer/issues/3925))
+* Topology of API ML services on multiple sysplexes is now supported wherein certificates can be obtained from multiple sources. This feature allows communication to start on any sysplex and going through any sysplex to any other sysplex. [#3914](https://github.com/zowe/api-layer/issues/3914)
+* Users can now set the number of concurrent requests to be routed at the same time to a specific service. The feature: "Limit API usage" is part of this solution. ([#3903](https://github.com/zowe/api-layer/issues/3903))
+* Limit API usage. A custom inmemory rate limiter has been added to limit usage of predefined services. ([#3868](https://github.com/zowe/api-layer/issues/3868))
+* A validate OIDC token call to ZAAS client has been added to validate OIDC via ZAAS client. ([#3897](https://github.com/zowe/api-layer/issues/3897))
+* A Java sample has been added to show how to build a Java application that uses a client certificate to authenticate against API ML. ([#3862](https://github.com/zowe/api-layer/issues/3862))
+* A client AT-TLS setting is now supported. ([#3828](https://github.com/zowe/api-layer/issues/3828)) 
+
 ### Zowe CLI
 
 #### Zowe CLI (Core)
@@ -73,6 +82,31 @@ Zowe Version 3.1.0 contains the bug fixes that are described in the following to
 
 ### Zowe API Mediation Layer
 
+* Made "native" the default SAF authorization provider. ([#3937](https://github.com/zowe/api-layer/issues/3937))
+* Provided /zOSMF static definition conversion. ([#3938](https://github.com/zowe/api-layer/issues/3938))
+* Prevented leaking of 'exampleSetFlag' in api doc (v3.x.x). ([#3933](https://github.com/zowe/api-layer/issues/3933))
+* Improved error handling in case of failure when retrieving API doc. ([#3932](https://github.com/zowe/api-layer/issues/3932))
+* Remove dthe word 'central' from the log messages. ([#3929](https://github.com/zowe/api-layer/issues/3929))
+* Fixed services endpoint to show correct list of onboarded services. ([#3919](https://github.com/zowe/api-layer/issues/3919))
+* Provided for Auto conversion during z/OSMF static definition creation. ([#3930](https://github.com/zowe/api-layer/issues/3930))
+* Improved untrusted certificate message when certificate is not forwarded. ([#3321](https://github.com/zowe/api-layer/issues/3321))
+* Corrected apiBasePath & server URL for primary and additional Gateways. ([#3922](https://github.com/zowe/api-layer/issues/3922))
+* Enabled infinispan debug logs messages with caching service in debug mode. ([#3905](https://github.com/zowe/api-layer/issues/3905))
+* Specified content type when validating OIDC. ([#3902](https://github.com/zowe/api-layer/issues/3902))
+* Fixed handling unavailable services ([#3879](https://github.com/zowe/api-layer/issues/3879))
+* Semantic of onboarded Gateways in the multitenancy deployment. ([#3884](https://github.com/zowe/api-layer/issues/3884))
+* Upgraded spring boot with HTTP headers workaround ([#3882](https://github.com/zowe/api-layer/issues/3882))
+* Exceptions now handled that could arise in the passticket authentication schema. ([#3871](https://github.com/zowe/api-layer/issues/3871))
+* Default JDK DNS resolver now used. ([#3877](https://github.com/zowe/api-layer/issues/3877))
+* Now permitting trailing quotes in z/OSMF static definition not having matching initial ones. ([#3875](https://github.com/zowe/api-layer/issues/3875))
+* Restored handling mode of x-forwarded-prefix as it is used in v2. ([#3874](https://github.com/zowe/api-layer/issues/3874))
+* Preventing fail when headers cannot be modified. ([#3845](https://github.com/zowe/api-layer/issues/3845))
+* Fixed error message in case of TLS error. ([#3864](https://github.com/zowe/api-layer/issues/3864))
+* Updated Gateway schema with OIDC config parameters. ([#3867](https://github.com/zowe/api-layer/issues/3867))
+* SSL strictness in enabler now respected.([#3813](https://github.com/zowe/api-layer/issues/3813))
+* SSL context now configured for webclient. ([#3811](https://github.com/zowe/api-layer/issues/3811))
+* Applied minor fixes in logs. ([#3806](https://github.com/zowe/api-layer/issues/3806))
+
 ### Zowe CLI
 
 #### Zowe CLI (Core)