Open topic with navigation

Breaking Changes between versions 11.52 and 12.00

The following changes require changes in existing applications that use the affected feature.

• Permissions for actions are more strictly enforced in this version. The logged-on users must have the same permissions for actions performed with the REST API as they would to perform the same action using the ALM user interface.

• Creating a site session now returns an XSRF-TOKEN cookie. Pass the value of the cookie in an X-XSRF-TOKEN header with each subsequent request. See site-session and Session Management.

• Output is sanitized. Text fields are returned with any HTML tags converted to HTML encoding. Fields containing HTML are returned with some tags converted to HTML encoding. For example <script> tags are converted to <script> . See Sanitizing Output.

• An application must explicitly create an ALM session before accessing any resource. See Session Management and site-session.

• The api-descriptor resource is no longer available. Use resource-list instead.
• Some return codes have changed to be consistent within the API and to comply with industry practice. See HTTP Return Codes.
• When getting a requirement, only the fields related to the that type of requirement are returned. When creating or updating a requirement, the action fails if data is passed for fields not related to the requirement type.
• The data format for posting a defect-link has changed. See the POST defect-links XML example for the defect-links Collection.
• The field <entity name>-ver-stamp has been renamed to ver-stamp for all entities.

Deprecated Features

• The ATOM format is deprecated in version 11.52 patches from July, 2013. Support will be removed in a future version.
• The extended-mode query parameter of the entities Collection is deprecated in version 12.00. The functionality will be removed in a future version.