Changes in the Grid Management API

StorageGRID Webscale 11.0 supports version 2 of the Grid Management API. Version 2 of the Grid Management API deprecates version 1 of the management API.

Important: You can continue to use version 1 of the Grid Management API with StorageGRID Webscale 11.0; however, support for this version of the API will be removed in a future release of StorageGRID Webscale. If you are still using version 1 of the API, you should update all management API clients to use version 2 after you upgrade to StorageGRID Webscale 11.0. Then, deactivate version 1 support. See information about the Grid Management API in the StorageGRID Webscale Administrator Guide.

API error data can be returned in HTML

Previously, error data was always returned in JSON format, regardless of what format was specified as preferred in the Accept header for the API request. Now, error data will be returned in HTML format, if HTML is specified as the preferred format.

Changes to the Auth API to protect against Cross-Site Request Forgery (CSRF)

The Authorize API accepts a new optional parameter, csrfToken. If true, CSRF tokens are required when signing in.

The csrfToken is set to true when you sign in using the Grid Management Interface or Tenant Management Interface. Applications that share cookies with one of these StorageGRID Webscale Management user interfaces might be affected by this change. See "How to protect against Cross-Site Request Forgery" in the Administrator Guide for more information.