Authorization service changes in IT infrastructure management products
Significant updates of VMmanager 6 and DCImanager 6 will take place in March 2024 in relation to authorization information exchange between platform services.
Version 3 of auth/v3 authorization service will be fully disabled and superseded by the up-to-date version 4.
Why do we make transition to auth/v4 version?
This approach eliminates discrepancies between authorization services: transition to auth/v4 allows to avoid outdated session information in auth/v3 causing potential operation errors.
Besides, desynchronization between database management systems can be eliminated: new version of authorization service helps avoiding user management errors, for instance, when creating a user prior to invitation.
Advantages of new authorization service:
Improved performance: auth/v4 is faster than auth/v3 resulting in higher speed of authorization and request processing.
Improved security*: new version of authorization service enables the use of ACL and authentication limits for increased system security. *relevant to services, whose previous operation was based on auth/v3
Transition to auth/v4 ensures single entry point for authorization and user management. This makes it simpler and easier to administer systems, integrate platforms with third-party software, work with API and perceive information in general due to concentration of messages from multiple services in a single space.
Transition to the new version of authorization service allows to reduce the number of containers, thus decreasing usable disk space of the platform and speeding up its commissioning and decommissioning. Besides, service logging becomes faster, which enables more efficient linking of URI names, such as /auth/v4/ or /vm/v3/ (endpoints) to actual location of services (container IP address and service port). Fast logging results in shorter time period between product commissioning and actual operation.
What is the idea?
Once VMmanager 6 and DCImanager 6 updates are installed in March scripts, billing systems and/or other software using authorization service version 3 (auth/v3) without version 4 (auth/v4) support, will not be able to transfer authorization data or maintain correct operation with ISPsystem products.
Please consider the following to ensure further efficient operation of VMmanager 6/DCImanager 6 with third-party solutions when using auth/v4:
For BILLmanager users: up-to-date versions of this billing platform already support this type of authorization, and no additional actions are required on your end.
For HostBill or WHMCS users: you will need to update these billing systems to up-to-date versions. The oldest acceptable WHMCS version is the one dated November 2023. Up-to-date versions of both of these systems support auth/v4.
For platform users with their own scripts and in-house billing: you will need to make unassisted corrections.
Also please note, that once VMmanager 6 and DCImanager 6 updates are installed in March, you will not be able to reactivate authorization version 3.
Instruction for transition to authorization service version 4, using VMmanager 6 as an example:
Open Swagger for VMmanager 6, section REST API Documentation Tool and find the section related to authorization service (usually section auth_v4).
Find API methods related to user creation, updating and deleting in the current version of authorization service (auth/v3).