Mashery Support Portals Developer Blog

RSS Feed

Updated V3 API Resources: IO Docs and Organizations

Mashery is pleased to announce the availability of new resources for our V3 API. Now you can manage your IO docs using this API, creating, updating and deleting IO Doc documents as you see fit. A great way to include that as part of your overall DevOps flow. Additionally, the Organizations feature, released last August 2016, now has its API resources available as well. You can create your organizations, associate APIs and API packages to these organization and manage the users and their roles in these respective organizations. You can learn more about the organization feature here and here. The API resources for IO Docs are available here and the ones for Organizations can be found here.

Mashery Local 4.1 is Generally Available !

We are extremely pleased to announce that the next release of Mashery Local - v4.1 is Generally Available as of today. To download this release and get access to the detailed documentation, you can visit as usual or contact Technical Support for assistance

This release includes several new features : 

1) Building upon the 4.0 release of Docker-based deployment option for Mashery Local , this release now provides support for Kubernetes configuration on AWS as well. 

2) OAuth support for Docker-based Mashery Local is included with this release

3) We have a new and improved version of the Adapter SDK that will allow Mashery Local customers to customize the API call flow in a self-service manner. Apart from the ability to customize the call flow via pre and post Processors, this release now includes an ability to customize authentication flow via the authentication extension point. With this feature, custom processors can be built to include authenications against other third party IDPs such as Ping Federate. In addition to the custom authenticator extension,the SDK includes other improvements such as being able to terminate the call flow during pre and post processing. The Adapter SDK documentation has also been revamped with more information and usage examples 

New Feature: Call Log Export

For the first time customers can now receive low-level API transaction details via automated, ongoing exports. Until now, reporting data provided via our Reporting Dashboard and API has provided aggregated data sets, but with our new Call Log Export feature, that is no longer the case!

Log files will be delivered in 30 minute slices as CSV files and will include such data as:  Request UUID, Source IP, Host name, User Agent, URI, HTTP Method, HTTP Status Code, API Key, and many more!  We have also joined the transaction data with other TIBCO Mashery Metadata, such as Package, Plan, and Service information to reduce complexity of creating helpful and actionable visualizations and insights without the overhead of having to join data tables together.

These detailed transaction logs should unlock a variety of use cases for our customers, allowing you to store Mashery call data along with your own transaction logs to get a full view of your API traffic.  Troubleshooting, threat detection, customized billing are all use cases that we have heard from our customers that will now be possible with this new feature.  Keep an eye on this blog as we are planning incremental improvements to this feature in the coming months.

Watch a quick demo of Call Log Exports working in conjunction with Redshift & TIBCO's industry leading analytics platform Spotfire.

Please see the feature documentation which also includes an FAQ.

* Please note: New Call Export profiles may take up to 3 hours for initial delivery, we are working to bring this latency down in the near term.


Integrated API Testing with API Fortress

Testing one’s APIs is a critical step in ensuring quality. An obvious statement to make, but an often overlooked one. Commonly, testing means engineering focused unit or functional tests that make everyone happy on the development and QA teams. That means that the end-users, the developers using your APIs, are often left as afterthoughts. Leaving the developer experience to be not fully tested, monitored, or improved on a continuous basis. To help our customers do a better job of testing their API facades - the APIs that they put into the hands of their developer partners - we have worked closely with API Fortress ( to make it easy to automatically generate API tests by leveraging your I/O Docs. If you are not using API Fortress, or a similar testing tool, be sure to check it out. They provide incredibly valuable testing and monitoring tech for APIs. Some sample screenshots of the integration and the product in action can be found below.

Screenshot #1: New Test Setup - Click on "Build from Mashery"

Screenshot #2: Working with an Existing Test

Screenshot #3: Viewing Status and Latency Dashboard

New Landing Page for Control Center

Continuing the theme in the second half of 2016, here at TIBCO Mashery we have been hard at work at improving the experience of the API Control Center, the web administration application that our customers use to manage their API programs. In order to help newer users understand more and more of what is available in the product, we have changed the initial page shown when entering the API Control Center, replacing the quick links to "create" processes with quick links to the high level functional areas of the product, including descriptions of what those functional areas can do for a user. Additionally, we have added some additional links on the right-hand side of the page to assist in getting more information about the product, whether to access support quickly or learn more through training videos. Sample screen-shot is shown below.


Mashery Local 4.0 is Generally Available!

The next release of Mashery Local - v4.0 was made Generally Available a few weeks back.  With this release we have included several features - some geared towards improvements in security oriented features and some towards improving dev ops flexibility around deploying Mashery Local. The new features are as below:

1) Mashery Local is now also available for deployment in Docker-based environments ( in addition to the virtual appliance form-factor). This allows administrators to easily deploy Mashery Local in either internal data-centers or external cloud platforms that support Docker based deployment choices. 

2) Mashery Local now includes full support for HTTPS server and client support. Features are included that allow administrators to configure trust and identity stores, set up HTTPS client profiles and facilitate two-way SSL if needed to the API back-end. Additionally, communication between an enterprise's load balancer and Mashery Local cluster can now be encrypted over SSL ( via a user-controlled configuration option)

3) Mashery Local now includes a secure way to manage developer secrets - a new option is now avaiable "Secure Hash Authentication" while configuring API endpoints. When this option is selected, secrets will no longer be stored anywhere either on-cloud or on-premise. Instead only a one-way hash of the secrets get stored which render them effectively useless in the event they get compromised

To download this release and get access to the detailed documentation, you can visit as usual or contact Technical Support for assistance

From darkness to light: New color scheme for API Control Center

We have more exciting UI changes coming to the Control Center. Soon you will have a more visually appealing white background for the API Control Center instead of the traditional dark one. We hope this will provide a much better visual experience for you. We are making this change for several reasons:

  • The color scheme matches with the rest of the products offered by TIBCO cloud services and provides a more unified UI experience.
  • Feedback from a majority of customers indicated a preference towards a “lighter” application.
  • It sets the stage for further enhancements to the product, including leveraging API oriented capabilities found in TIBCO Cloud Integration (

Enhanced: TIBCO Mashery Connector for TIBCO Simplr

A while back, we announced the availability of the TIBCO Mashery Connector for TIBCO Simplr (blog post here). And we haven't stopped there! Over the past month, we've been working hard to make it easier to use as well as open up more data that can be pulled out of the Mashery V3 API. The enhancements are as follows:


  • Export of package key data, with associated developer username and email
  • Export of reporting data for Package Keys, including Package, Plan, API information and developer metadata
  • Export of QPS data for Package Keys, including Package, Plan, API information and developer metadata
Additionally, we are changing the authentication mechanism so that you no longer have to provide your Mashery V3 API Key and Secret; area id, username and password are only required. This is a breaking change, meaning that you'll have to re-configure your connector in order for your flows to work.


A preview of the new actions can be seen below. Visit the original blog post to learn more about the feature in general. And visit to sign-up today.

New Header for Mashery API Control Center

We are pleased to let you know about some exciting changes coming to your Control Center experience. We have introduced a new header and incorporated a few changes based on customer feedback. For the new header "Mashery Control Center" has been replaced with "TIBCO Mashery".

The area name is displayed on the right and clicking the area name would give additional information, such as the Area UUID. This is a quick and easy way to find the UUID of a given area. Next to the area name is an icon(?) that you can click to get area information, get access to the latest Control Center documentation or get information on how to contact support.

As always we are trying to make the product better and we have bigger changes coming to the Control Center especially with regards to the look and feel. Stay tuned for more product updates. 

Mashery Local 3.1.1 is GA

Mashery Local 3.1.1 is generally available for customer download on The release includes greater access to networking system level commands for the Mashery Local administrator plus includes critical bug fixes. 

[ Page 1 of 11 | Next ]