System property changes

System property change log for all supported versions of API Gateway and API Manager since version 7.5.3.

34 minute read

Traditionally, the JVM.xml file has allowed customers to tweak the behavior of the API Gateway by defining Java system properties.

This page lists all of the Axway-defined Java system properties, per version, from 7.5.3 up to the present, and it explains their purpose and the context in which they are employed.

  • The first table, 7.5.3, contains all the properties created in this version.
  • All subsequent tables contain newly added properties introduced in that specific version, or service pack, and the assumption is that properties listed in previous tables are inherited.
  • Note that because of fix ports, some properties might be duplicated among the three versions: 7.5.3, 7.6.2, and 7.7.

You must update the extension jvm.xml file, located at /apigateway/groups/[group X]/[instance Y]/conf, to apply settings to a single API Gateway instance, and you must update the extension jvm.xml file, located at /apigateway/conf/, to apply changes to all API Gateway instances on the local machine.

These files do not exist by default, so you must create them first. Both files require that all settings are wrapped in a single <ConfigurationFragment> tag, for example:

<ConfigurationFragment>
<!-- Your notes, e.g. a link to this page. -->
<VMArg name="-Dsome.property=some.value"/>
</ConfigurationFragment>

It is best practice to add XML comments as a reminder for what the setting does, and why the change in behavior is required.

7.5.3

All Java system properties that exist in the code up to and including the 7.5.3 release.

System property Context Description
OAUTH_DIGEST_ALGORITHM API Gateway; OAuth Specifies the digest algorithm used to store and retrieve tokens from a datastore. When a token is generated it will be hashed with the specified algorithm for storage, when a token is received its value is hashed to retrieve the token properties. The token is also used to store OAuth request state during a three-legged flow. A state ID is generated and the state of a request is stored in a cache against the hash of the state ID. The state can be retrieved in a later request by hashing the state ID and looking it up in the cache. Default value: SHA1.
oam.compatibility.mode API Gateway; Oracle Access Manager; Filter Runtime Specifies the Oracle Access Manager server version to which the Oracle Access Manager filter connects. Possible values: OAM_10G, OAM_11G (default value).
oam.install.dir API Gateway; Oracle Access Manager; Filter Runtime Specifies the path to the OAM Access SDK directory.
apiconnnector.http.proxyHost API Manager; Connectors Specifies the HTTP proxy host to be used by the API Manager Connector
apiconnector.http.proxyPort API Manager; Connectors Specifies the HTTP proxy port to be used by the API Manager Connector
ApiQuotaController.SystemName API Manager; Quotas Specifies the name of the global system-level quota in API Manager. Default value: System.
ApiQuotaController.SystemDescription API Manager; Quotas Specifies the description of the global system-level quota in API Manager. Default value: Maximum message rates aggregated across all client applications.
ApiQuotaController.ApplicationName API Manager; Quotas Specifies the name of the default application-level quota in API Manager. Default value: Application Default.
ApiQuotaController.ApplicationDescription API Manager; Quotas Specifies the description of the default application-level quota in API Manager. Applied to each application unless an application-specific quota is configured. Default value: Maximum message rates per application.
cache.results API Gateway; Filter Runtime; Database; LDAP Specifies whether the Extract Attribute filters (Database, LDAP) should cache their results. Default value: true.
auditLogOffloadCron Node Manager; Logging; Audit Specifies the CRON expression indicating the schedule for the audit log upload. Audit settings, including host and port of the remote server to which the logs will be uploaded, are read from /system/conf/auditSettings.json. Default value: 0 0/5 * ? * * *
OAUTH_AUTHZ_EXPIRATION_SECS API Gateway; OAuth Number of seconds in which an authorization code should expire. Default value: 20.
PRETTY_PRINT_KPS KPSAdmin Specifies whether to pretty-print JSON when taking back up of KPS tables. Default value: true.
CASSANDRA_RETRY_MAX_DELAY_MS Cassandra Specifies the maximum delay in milliseconds between reconnection attempts to Cassandra. Default value: 40000
THROTTLING_RECORT_TTL Cassandra Specifies the amount of time to wait, in seconds, before garbage collecting tombstones (deletion markers). For a single-node cluster this value can be safely set to zero. Default value: 20.
api.manager.querystring.passthrough API Manager; HTTP If set to true, query parameters are sent unmodified to the backend service, rather than performing any parameter mapping that may have been configured.
See related alternative flag com.coreapireg.apimethod.querystring.passthrough introduced in 7.7.SP20201130 which also removes undefined query parameters from the back-end request.
ALLOW_NULL_VALUES_FROM_DB Database Allow NULL values to be included in Database query result sets. Default value: false
remoteTraceLimit Trace; Logging Sets the maximum number of lines that can be present in the deployment trace (which is displayed in PolicyStudio post-deployment). Default value: 1000.
DOMAIN_STATUS_INTERVAL Specifies the interval, in seconds, that the domain status is checked. If the Topology or AdminUsers files are out of sync an attempt is made to repair the domain. Note, only nodes marked as ‘alive’ are taken into account when repairing. Default value: 120.
OAUTH_ERROR_PROPERTIES_FILE API Gateway; OAuth Specifies the location of a property file that contains a list of error details pertaining to OAuth grants. This allows customers to override the error response strings. Default value: com/vordel/circuit/oauth/provider/grants/errors.properties. The file must contain the following property names:
invalid_request
unauthorized_client
access_denied
unsupported_response_type
invalid_scope
server_error
temporarily_unavailable
invalid_client
invalid_grant
unsupported_grant_type
invalid_token
insufficient_scope
interaction_required
login_required
account_selection_required
consent_required
invalid_request_uri
invalid_request_object
request_not_supported
request_uri_not_supported
registration_not_supported
VINSTDIR An instance directory. Specifies the location of the running server instance. For API Gateway, this is the location where the server will run from, normally located in the /groups/<group-id>/<instance-id> directory. For a Node Manager, this is the location where the product has been installed.
showclasses Internal; PolicyStudio In the policy view/pane, when enabled the internal Java class associated with a filter is displayed on the filter tooltip.
ftpPassivePorts API Gateway; FTP Specifies the passive ports to be used for passive mode FTP data connections. You can define ports as single ports, or closed or open ranges. Multiple definitions can be separated by commas, for example:
2300: only use port 2300 as the passive port
2300-2399: use all ports in the range
2300-: use all ports larger than 2300
2300, 2305, 2400-: use 2300 or 2305 or any port larger than 2400
ftpPassiveAddress API Gateway; FTP Specifies the address used for passive FTP connections.
ftpPassiveExternalAddress API Gateway; FTP Specifies the passive address that will be returned to clients on the PASV command.
com.vordel.strictUriSyntaxChecking API Gateway; HTTP When set to true, on receiving a HTTP request the request URI is parsed as per RFC 2396, primarily to validate against the list of excluded characters as listed on Excluded US-ASCII Characters. Default value: true.
upgraderef Internal; Policy Studio Specifies the URL to an entity store used as a reference store for type information (for example, type definitions) during the import of a fragment.
sslContextProtocol API Gateway, API Manager, Node Manager, Policy Studio, and SSL Specifies the SSL protocol used by any Node Manager-related clients: Policy Studio, Client scripts that use Node Manager APIs (for example, KPSAdmin, deploy_fragment, setup-apimanager), and when API Manager interfaces with the NodeManager router API to glean topology and virtualized service information.
JMS_ROLLBACK_ENABLED API Gateway; JMS Specifies whether to rollback JMS messages read by the consumer. Default value: true.
JMS_CONNECTION_THREAD_PATTERN API Gateway; JMS Specifies the regex pattern to use to determine whether to launch a separate thread to start the JMS session. Default value: (?i)weblogic
avoidLDAPQueryEscaping API Gateway; LDAP Specifies whether the following characters are escaped when API Gateway performs an LDAP query: * → \2a, ( → \28) → \29, \ → \5c, NUL → \00. Default value: true.
connectionFactoryNames Specifies the connection factories that the sample client should use when creating a JMS connection. Default value is a comma-separated list connectionFactory, xAConnectionFactory, queueConnectionFactory, topicConnectionFactory.
demo.hours Analytics; Demo Number of hours of historical data to generate for the metrics demo. If this property is not present, the demo is disabled.
demo.apiMgr API Manager; Analytics; Demo Indicates that metrics data should appear to come from API Manager. If absent or set to ‘false’, data will appear to come from a normal API Gateway. Default value: false.
kingsOfSOA Internal; Policy Studio; Testing Displays an additional ‘Testing’ item on the context menu of API Gateway tree node; provides a shortcut to all the available filter dialogs for quick testing.
OAUTH_ACCESS_TOKEN_EXPIRATION_SECS API Gateway; OAuth Specifies the length of time, in seconds, that an OAuth access token is valid for. Not currently used in API Gateway, but exists if customers wish to generate a refresh token from scripts/policies using OAuth2RefreshToken.generate(length). Default value: 43200.
OAUTH_REFRESH_TOKEN_EXPIRATION_SECS API Gateway; OAuth Specifies the length of time, in seconds, that an OAuth refresh token is valid for. Not currently used in API Gateway, but exists if customers wish to generate an access token from scripts/policies using OAuth2AccessToken .generate(length). Default value: 2592000
com.axway.oauth.acceptRequestScopes API Gateway; OAuth Specifies whether scopes present in the request are automatically accepted, if valid for client. Default value: false.
dochelper Policy Studio; Internal For debugging purposes, stores the help IDs of the filter pages associated with an item in the filter palette.
openTrafficMaxFilesPerDir API Gateway; Logging; Open Traffic Specifies the maximum number of files that can exist in the Open Traffic Event Log storage directory. Default value: 5000
openTrafficWriteMethod API Gateway, Logging Specifies how Open Traffic Event Logs are written. Possible values: ASYNC_FILE_CHANNEL (default option), which writes logs asynchronously to disk, and FILE_CHANNEL, which writes logs synchronously to disk.
openTrafficMaxAsyncOps API Gateway; Logging; Open Traffic Specifies the maximum number of asynchronous writes that can occur when persisting Open Traffic Event Logs to disk. This property is employed when ASYNC_FILE_CHANNEL is enabled. Default value: 16.
openTrafficMaxAsyncCloseOps API Gateway; Logging; Open Traffic Specifies the maximum number of close operations that can occur when completing the writing of an Open Traffic Event Log; i.e. the maximum number of files that can be closed asynchronously. This property is employed when ASYNC_FILE_CHANNEL is enabled. Default value: 32.
projectroot Policy Studio Specifies the directory (relative to user.home) where PolicyStudio projects will be stored. Default value: apiprojects.
sendResponseInReflect API Gateway; Filter Runtime; Reflect When set to true, the behavior is to send the response as part of the filter processor, as opposed to sending the response after the filter has completed. Default value: false.
caseSensitiveQueryParams API Gateway; HTTP Specifies whether case-sensitive query-string parameters are supported. For example, consider the following URL: http://localhost:8080/test?hello=world&Hello=world. When this property is specified, the gateway runtime will see two distinct parameters, hello and Hello, rather than just one that has two values. Default value: false.
com.vordel.rbac.policy API Gateway; Node Manager; RBAC Specifies the ACL file to be used by the RBAC processor. By default the API Gateway uses $VINSTDIR/conf/acl.json and the Node Manager uses $VDISTDIR/conf/acl.json, both of which are set in $VDISTDIR/system/conf/jvm.xml.
javascriptDelay - Specifies the number of milliseconds to wait for the webpage to load prior to generating the PDF report. Default value: 300000.
schemaFullChecking API Gateway; XML; Schema Validation Specifies whether strict schema checking is performed when validating XML schemas. Default value: true.
ExpandMissingAttributeInSelectorBehaviour API Gateway; Selectors; Message Attributes; Runtime When evaluating a selector with string components other than a top-level “${..}” expansion, the expression evaluator coerces the constituent dynamic parts of the expression to strings, and subsequently returns a string. By default this uses Dictionary.toString() which results “[invalid field]” being returned. When this property is specified, the behavior is as follows:
REPLACE_LITERAL:foo expression evaluates to foo
EMPTY_STRING expression evaluates to ""
THROW_EXCEPTION expression evaluates to null
Default value: LEAVE_ATTR
ExpandMissingAttributeBehaviour API Gateway; Selectors; Message Attributes; Runtime The value specified for ExpandMissingAttributeBehaviour is the default value for ExpandMissingAttributeInSelectorBehaviour, meaning that customers can control what the default is.
IGNORE_ENCODING Specifies whether to ignore the configured encoding (default being utf-8) when configuring the Sentinel server external connection. Default value: false.
urlEncodeInvalidQueryStringParamChars API Gateway; HTTP Specifies the list of characters that may be deemed invalid for query-string parameters, as per RFC 2396, meaning that those characters that raise a URISyntaxException when creating a java.net URI. Any of those characters listed are subsequently earmarked for encoding as per RFC 3986, Section 2.1, so as to maximize the chances of the URI being processed successfully.
API_SERVER_TRANSACTION_COOKIE_NAME API Gateway; Session Cookies Specifies the name of the API Gateway transaction cookie. Default value: VIDTXN.
API_SERVER_USER_COOKIE_NAME API Gateway; Session Cookies; Specifies the name of the API Gateway user session cookie. Default value: VIDUSR.
vordel.trace.level API Gateway; Trace; Logging Used to set the trace level for the logger. Default value: DEBUG.
vordel.trace.size.kb API Gateway; Trace; Logging Used to set the maximum trace file size for the logger. Default value: 10000.
vordel.relative.trace.dir API Gateway; Trace; Logging Specifies the path to the logger trace file. The path is relative to user.dir.
com.axway.sso.domain.name API Manager; Single Sign-on Specifies the cookie domain name, the name of the domain for which the cookie is valid. Used for single sign-on. The default value is an empty string, which means the onus is on the browser to construct the domain.
ADD_SITEMINDER_LEGACY_ATTRIBUTES API Gateway; Filter Runtime; Siteminder; Authentication; Specifies whether to add legacy Siteminder attributes to the message whiteboard. Only Siteminder attributes in the form of a name/value pair are added. The list of attributes is placed in the ${attribute.lookup.list} message property. Individual attributes are added with the prefix ${user.propertyName} where propertyName is the name of the Siteminder property. Default value: false.
dont.expect.100.continue API Gateway; HTTP; Connection; ConnectToUrl Controls whether an Expect header, with a value of 100-continue, is sent as part of a request to a backend service initiated by the API Gateway connection filters. Default value: false.
version2.TransformerFactory API Gateway Specifies the fully qualified name of a provider class from a version 2+ XSLT transformer factory library to be used by the XSLT Transformation filter. This class must be added to the API Gateway’s classpath. The simplest way to add the class to the classphath is to drop the required JAR file into the INSTALL_DIR/apigateway/ext/lib directory, where INSTALL_DIR refers to the root of the API Gateway installation. The transformer factory is set using the following precedence rules:
XSLT Transformation 1. Use the factory specified at the filter-level.
Stylesheet 2. If not present (or blank), check for version 1 XSLT, in which case use com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl.
- 3. Otherwise, use the factory specified by this property.
vordel.policy.wspoliciesDir API Gateway; Web Services; WSPolicy Specifies the directory, relative to $VDISTDIR/system/conf, from which to load WS-Policy constraint information (.properties files loaded and displayed in Policy Studio when configuring WS-Policy for a registered Web Service) and policies (WS-Policy XML documents) that are applied at runtime.
VDISTDIR - A distribution directory. Specifies the location where the product has been installed. For an API Gateway this is the location where the product has been installed. For a Node Manager this is the location where the product has been installed.
cloud.trial.duration API Manager; Trial API Manager Cloud Trial; Specifies the amount of time, in days, that the API Manager trial will last.
file.upload.ignore API Gateway; FTP Regular expression that specifies the files to be ignored during an FTP transfer to API Gateway. Ignores .part suffixes by default as file upload filter uses .part as a temporary filename before renaming. Default value: .*\.part$.
internal.keep.temp.cert.files Internal; API Gateway; Node Manager; Domain; Certificates Specifies whether temporary certificate files, generated as part of Node Manager and API Gateway registration, remain on disk post setup.
showesx Internal; Policy Studio When set to true, adds an additional item to the Window menu, allowing users to launch ESExplorer as an embedded view within PolicyStudio. Default value: false.
auditLogOffloadNeverDuplicate API Gateway; Logging; Audit When set to true, specifies that if during an audit log rollover an error occurs (for example, the API Gateway instance is down), then the current audit log is not uploaded. Default value: false.
showWorkspaceView Internal; Policy Studio When set to true, allows the Workspace view to be displayed in Policy Studio, primarily to help with issues regarding the internal workings of Visual Mapper.
showEnvDecoratorColor Internal; Policy Studio Changes the background color of dialog panels to identify/highlight margin overruns caused by environmentalization decorations
jmsReConnectOnConnFailure JMS Specifies whether a reconnection to the JMS server is performed when the configured JMS provider raises a connection error. Default value: true.
jmsConnStartupAsync JMS Specifies whether the first JMS connection attempt is detached from the API Gateway startup sequence. When set to true, the API Gateway starts even if the JMS connection cannot be established. Default value: false.
perform.unresolved.check Configuration Studio When set to true, checks for unresolved references when opening an archive (Policy Archive + Environment Archive) and reports an error if any exist. Default value: false.
sleak Internal; Policy Studio Enables SWT resource profiling; Launches the S-Leak application in tandem with Policy Studio.
xmleditorextras Policy Studio Augments the application preferences with additional entries for XML editing; XML > XML Catalog and XML > XML Files > Validation
VApiRuntime.addFullApiConfiguration API Manager; Runtime When set to true, the entire Virtualized API model object is added to the message whiteboard for use in downstream policies. By default, this object is not added to the whiteboard as it can contain sensitive data which may potentially be vulnerable to selector injections. Default value: false.
ApiClientCacheTagsSize API Manager; Cache Specifies the maximum size (in bytes) for application and organization tags that are maintained by the API Manager cache. Default value: 2048.
auditLogRotateMaxFiles API Gateway; Logging; Audit Specifies the maximum number of audit log files to store on disk before the API Gateway starts to remove the oldest files. Default value: 50.
jmsConnStartupTimeoutMillis API Gateway; JMS If JMS is configured not to reconnect on error, this property specifies the maximum amount of time to wait (in milliseconds) whilst attempting to establish the initial JMS connection. Establishing the connection is done using an exponential backoff algorithm starting at 50ms up to the maximum specified by this property. Default value: 10 * 60 * 1000.
jmsReConnectMaxInterval API Gateway; JMS If JMS is configured to reconnect on error, this property specifies the maximum amount of time to wait (in milliseconds) whilst attempting to reestablish the JMS connection. Reestablishing the connection is done using an exponential backoff algorithm starting at 100ms up to the maximum specified by this property. Default value: 60 * 1000.
passportConnPrefillMaxRetryIntervalMillis API Gateway; Axway Passport Specifies the maximum amount of time to wait (in milliseconds) whilst attempting to establish an initial Axway Passport connection. Establishing the connection is done using an exponential backoff algorithm starting at 500ms up to the maximum specified by this property. Default value: 3 * 60 * 1000.
PolicyStudio.MaxRecentProjectsCount Policy Studio Specifies the maximum number of recent projects to list on the Recent Projects tab in Policy Studio. Default value: 10.
auditLogRotateFileSize Logging; Audit Specifies the maximum size, in bytes, of the audit log file, before it is closed and rolled over to a new file. Default value: 5L * 1024L * 1024L.
jmsMsgRcvExceptionTimeoutMillis API Gateway; JMS Specifies the amount of time to wait (in milliseconds) prior to attempting to consume JMS messages from the configured queue, after a connection-related exception has occurred. Default value: 10 * 1000.
jmsMsgRcvInitialExceptionTimeoutMillis API Gateway; JMS Specifies the amount of time to wait (in milliseconds) prior to attempting to consume JMS messages from the configured queue after a non-connection-related exception has occurred. The initial value is calculated as follows: n * 2 * errorCount, where n is the value of this property. Default value: 10.
jmsMsgRcvMaxExceptionTimeoutMillis API Gateway; JMS Specifies the maximum amount of time to wait (in milliseconds) prior to attempting to consume JMS messages from the configured queue after a non-connection-related exception has occurred. Default value: 10 * 1000.

7.5.3 SP1

No new Axway-defined Java system properties were introduced in this release.

7.5.3 SP2

Axway-defined Java system properties introduced in the 7.5.3 SP2 release

System Property Context Description
SKIP_KPS_SECONDARY_KEY_CHECK_FOR_CREATE API Gateway; API Manager; KPS Specifies whether or nor bad data can be imported via KPS. This involves the skipping of secondary key checks to allow data to be imported. Default value: false.
com.vordel.apimanager.uri.path.trailingSlash.preserve API Manager; Runtime Specifies whether the trailing slash in last component of the path of the URI must be preserved.

7.5.3 SP3

Axway-defined Java system properties introduced in the 7.5.3 SP3 release

System Property Context Description
wsdlImport.suppressSchemaValidationErrors API Gateway; API Manager; WSDL Specifies whether schema validation errors, due to strict validation being performed, should be suppressed during the import/virtualization of semantically invalid WSDLs. If set to true, validation exceptions are logged, but not thrown. Default value: false.
ConnectToUrlFilter.removePreviousConnections API Gateway; Filter Runtime; HTTP; ConnectToURL Specifies whether previous outbound HTTP connections (made using the ConnectToURL filter) are released. By default the API Gateway releases all connections when policy execution has completed. This means that if a ConnectToURL filter is invoked numerous times, the number of connections in the CLOSE_WAIT state can end up being very high. Configuring this property circumvents this issue. Default value: false.

7.5.3 SP4

No new Axway-defined Java system properties were introduced in this release.

7.5.3 SP5

Axway-defined Java system properties introduced in the 7.5.3SP5 release

System Property Context Description
fastCoverage Policy Studio; Specifies whether optimized filter coverage is performed. Loading a complex policy that contains a large number of filters (including a high number of filters with success/failure paths) can take a long time. Setting this property to true can speed up the policy loading, but at the cost of a potentially inaccurate list of filter attributes being displayed. Default value: false.

7.5.3 SP6

No new Axway-defined Java system properties were introduced in this release.

7.5.3 SP7

Axway-defined Java system properties introduced in the 7.5.3 SP7 release

System Property Context Description
com.axway.apimanager.fault.resetHeaders.http429 API Manager; HTTP Specifies whether response headers are reset/cleared when a HTTP 429 (Too Many Requests; i.e. when a quota has been exceeded) error occurs. Default value: false.
com.axway.apimanager.fault.removeContentBody API Manager; HTTP; Fault Handlers Specifies whether to remove the reflected request body in an API Manager-generated 400, 404, 405 or 429 HTTP response. By default API Manager reflects the request body in generated responses for 400, 404, 405, and 429 HTTP errors that are not handled by Global Fault handlers. Setting this property to true circumvents this issue. Default value: false.
distributed.ehcache.cache.reload.pause.secs API Gateway; EHCache Specifies the duration, in seconds, to pause before recreating caches. Configuration deploy can break distributed ehcache operations. Introducing a delay between re-creating the ehcache manager and the caches themselves resolves the issue. Default value: 5.
OCSP_RSP_VALID_UNTIL_EXPIRATION API Gateway; OCSP; Filter Runtime If set to true, specifies that the OCSP response is valid until the nextUpdate field in the response. Default value: true.
OCSP_RSP_VALID_UNTIL API Gateway; OCSP; Filter Runtime If OCSP_RSP_VALID_UNTIL_EXPIRATION property is set to false, this property specifies the expiry time for OCSP response. Default value: 0.
OCSP_RSP_VALID_UNTIL_UNITS API Gateway; OCSP; Filter Runtime If OCSP_RSP_VALID_UNTIL_EXPIRATION property is set to false, this property specifies the the units relating to OCSP_RSP_VALID_UNTIL; Possible values: ‘days’, ‘hours’, ‘minutes’, ‘seconds’. Default value: days.
OCSP_RSP_VALID_FOR API Gateway; OCSP; Filter Runtime When an OCSP response with no validation date is encountered, this property specifies how long the OCSP response is valid for. Default value: 6.
OCSP_RSP_VALID_FOR_UNITS API Gateway; OCSP; Filter Runtime When an OCSP response with no validation date is encountered, this property specifies the units relating to OCSP_RSP_VALID_FOR; Possible values: ‘days’, ‘hours’, ‘minutes’, ‘seconds’. Default value: ‘hours’.

7.5.3 SP8

Axway-defined Java system properties introduced in the 7.5.3 SP8 release

System Property Context Description
pgpFailDecryptNoSignature API Gateway; PGP; Filter Runtime Specifies whether to raise a PGPException if ${content.body} contains an unsigned OnePass signature. Default value: false.
com.axway.apimanager.fault.legacy API Manager; Runtime; Fault Handlers Specifies whether to invoke the API Gateway’s generic fault handler when one of the following errors occurs during the processing of an API request. When set to true only API Manager’s internal fault handler is invoked, otherwise both the API Gateway’s generic fault handler and the API Manager internal fault handler get invoked, in that order. Default value: false.
com.axway.websocket.policy.onclose API Gateway; Websockets Specifies the ShorthandKey to a policy that will get invoked when the Websocket connection has closed.

7.5.3 SP9

Axway-defined Java system properties introduced in the 7.5.3 SP9 release

System Property Context Description
com.apimanager.application.oauth.restrictScopes API Manager; OAuth; Scopes When querying for application scopes, specifies whether to restrict scopes to those explicitly defined for the application (in API Manager, see Enable application scopes), as opposed to including all scopes defined for all APIs that the application has been granted access to.
com.axway.oauth.scopes.check.all.legacy API Gateway; API Manager; OAuth Specifies whether a request is rejected if additional scopes, not configured for OAuth inbound security, are present in the message. When set to true, additional scopes are permitted. Default value: false.
com.axway.apimanager.csrf API Manager; CSRF Specifies whether CSRF checks are performed in API Manager. This property allows CSRF to be switched off. If set to false, CSRF is disabled. Default value: true.

7.5.3 SP10

Axway-defined Java system properties introduced in the 7.5.3 SP10 release

System Property Context Description
com.axway.response.redirect.location.relative API Manager; HTTP; Redirects Specifies whether the Location header, as part of a 3030 response, contains a relative URI. If absolute URIs are required this property can be set to true. Default value: true.
com.axway.apimanager.proxy.defaultPath API Manager; Virtualization In API Manager, this property specifies the default resource path for a Frontend (virtualized) API. Default value: /api
com.axway.apimanager.eventtimestamp.ignorettl API Manager; Cassandra; KPS Specifies whether to ignore TTL (time-to-live) for timestamped events (API Manager’s PortalTimestamp table). If set to false, events are purged solely by API Manager, rather than Cassandra using TTL to expire data. In a multi-node setup, setting this property can circumvent synchronisation issues between Cassandra nodes, where TTL can prematurely expire data. Default value: false.
com.axway.apimanager.api.data.cache API Manager; Cache Specifies whether to enable caching to improve general system performance and speed. External clients, API keys, and OAuth credentials caches are optimized so that updates to the cache no longer block API Manager runtime traffic, resulting in performance improvements for corresponding API Manager APIs. As a result of the non-blocking cache updates, API Manager memory consumption will increase, particularly in systems with large numbers of external clients, API keys or OAuth credentials. Default value: false.
com.axway.apimanager.apiImport.secure.serverCertificateVerification API Manager; Import Specifies whether hostname verification is performed during the import of an API from an SSL-protected endpoint.This setting was introduced to allow the import of APIs from an endpoint protected by a self-signed certificate. Default value: false.
com.axway.apimanager.apiImport.secure.strictCertificateChecking API Manager; Import Specifies whether certificate validation is performed during the import of an API from an SSL-protected endpoint.This setting was introduced to allow the import of APIs from an endpoint protected by a self-signed certificate. Default value: false.
com.axway.soap.faultnamespace API Gateway; WSDL; SOAP; Runtime Specifies the namespace to be used when generating a SOAP Fault response. By default the fault namespace indicates that the SOAP fault originated from an Axway API Gateway. This property can be employed to circumvent any potential security risk. Default value: Soap Faults
com.axway.apimanager.fault.global API Manager; Runtime; Fault Handlers Specifies whether to fallback to the API Gateway’s global fault handler when an error occurs during API request processing in API Manager. Default value: false.
com.coreapireg.apimethod.contenttype.legacy API Manager; Runtime Specifies whether to perform Content-Type validation on incoming API Manager requests. API Manager generates a No Match For Request error when Content-Type is not equal to the API method MIME type. Setting this property to true disables this check. Default value: false.

7.5.3 SP11

Axway-defined Java system properties introduced in the 7.5.3 SP11 release

System Property Context Description
com.axway.apigw.anm.http.proxyPort API Gateway; Node Manager Specifies the hostname of the proxy server to use when making a connection to the Node Manager.
com.axway.apigw.anm.http.proxyHost API Gateway; Node Manager Specifies the port of the proxy server to use when making a connection to the Node Manager.

7.5.3 SP12

Axway-defined Java system properties introduced in the 7.5.3 SP12 release

System Property Context Description
com.axway.apimanager.queue.ttl API Manager; KPS; Cassandra Specifies the time to live for records pertaining to users, organizations or applications requiring verification or approval. By setting this TTL property, Cassandra will automatically remove invalid or expired verification/approval requests from the database. This may be set in order to implement certain GDPR requirements. Default value: 604800
com.axway.apimanager.apiclient.cache.response.legacy API Manager; Cache Specifies whether to throw a HTTP 401 or 503 exception when the API Client cache is not available. If set to true, the legacy behavior is performed, and a 401 error is returned to the client when requesting items from the cache, otherwise a 503 error is returned. 401 errors may occur during cache initialization, particularly if there is a large number of items being read from Cassandra on startup. Default value: false.
com.vordel.apimanager.swagger.method.singleslash.ignore API Manager; Swagger; Virtualization Specifies whether to remove / from the API method path so that it is not sent to the backend service. The removal will only occur when the method path is set to /. This will happen for both WSDL and REST services. Default value: false.
com.axway.oauth.scopes.openid.allow API Gateway; API Manager; OAuth; OpenID Connect Specifies whether the openid scope is permitted when generating an access token. By default openid is always accepted as a valid scope in all OAuth configurations. Default value: true.
com.axway.apigw.smime.sign.md API Gateway; SMIME; Filter Runtime Specifies the digest algorithm to be used by the SMIME Sign filter. The default SMIME digest algorithm can also be changed via ${com.axway.apigw.smime.sign.md} message attribute. The policy message attribute supersedes the Java system property. Default value: sha256. The following digest algorithms are supported:
- sha1
- sha224
- sha256
- sha384
- sha512
The corresponding SMIME Content-Type header micalg attribute is set accordingly.

7.5.3 SP13

Axway-defined Java system properties introduced in the 7.5.3 SP13 release

System Property Context Description
com.axway.coreapi.method.servicecontext.clientattr API Manager; Runtime; Metrics; OAuth This property was created for API Manager OAuth traffic. It controls the client attribute name to be written to the service context of the metrics/RTM event log. If set to true, the value of ${authentication.application.id} is written to the service context, otherwise the value of ${authentication.subject.id} is written. Default value: false.
sftp.close.timeout API Gateway; SFTP Specifies the amount of time, in seconds, to wait while gracefully closing an SFTP connection. Default value: 5.
mail.mime.charset API Manager; Email Specifies the charset used for emails sent by API Manager. Defaults to us-ascii.

7.6.2

Axway-defined Java system properties introduced in the 7.6.2 release

System Property Context Description
xmlSaxParserMaxPoolSize API Gateway; XML; Filter Runtime Specifies whether to create thread-local, that is, 1 instance per thread, or pooled cache of SAX parsers. If its value is greater than 0, a pooled cache is assumed. The following filters directly employ this property when set: WS-Security Policy Layout, XML Complexity. Default value: 0.
schemaCacheSize API Gateway; XML; Schema Validation; Filter Runtime Specifies the size of the cache used by the Schema Validation filter. Schemas are stored in the cache as an optimization, so as not to generate them each time the filter is invoked (which has a large overhead). Least recently used items are evicted from the cache when the cache reaches capacity. Default value: 10.
lineFeed API Gateway; Logging; Transaction Event Specifies the the character to use as the line feed. Under the hood, this actually uses the line.separator system property.
groupId API Gateway; Logging; Transaction Event; Open Traffic Specifies the identifier of the topology group, which is used to generate the name of the log file and also appears in the log header.
serviceId API Gateway; Logging; Transaction Event; Open Traffic Specifies the identifier of the topology service, which is used to generate the name of the log file.
hostname API Gateway; Logging; Transaction Event Specifies the hostname on which the API Gateway process is running. Written to the log header
domainId Logging Specifies the domain identifier in the topology. Written to the log header.
version API Gateway; Logging; Transaction Event Specifies the version of the API Gateway. Written to the log header.
event.log.group.name API Gateway; Logging; Transaction Event Specifies the name of group to which the API Gateway belongs. Written to the log header.
event.log.service.name API Gateway; Logging; Transaction Event Specifies the name of the API Gateway service. Written to the log header.
APIGatewayTxnEventLog.dir API Gateway; Logging; Transaction Event Specifies the directory in which the transaction event log files will reside.
APIGatewayOpenTrafficEventLog.dir API Gateway; Logging; Open Traffic Specifies the directory in which the open transaction event log files will reside.
APIGatewayOpenTrafficEventLog.maxFileSize API Gateway; Logging; Open Traffic Specifies the maximum size of an open traffic log file.
APIGatewayOpenTrafficEventLog.maxDiskSize API Gateway; Logging; Open Traffic Specifies the maximum amount of space open traffic log files can occupy on disk.
entityStore.typeFactory Internal; API Gateway; Entity Store com.vordel.es.EntityTypeFactoryImpl Specifies a factory for creating Entity Stores.

7.6.2 SP1

Axway-defined Java system properties introduced in the 7.6.2 SP1 release

System Property Context Description
OpenTrafficLog.configurationFile API Gateway; Logging; Open Traffic Specifies the location of the Open Traffic Log configuration file. Default value: ${VDISTDIR}/system/conf/loggers/openTrafficLog.yaml.

7.6.2 SP2

No new Axway-defined Java system properties were introduced in this release.

7.6.2 SP3

No new Axway-defined Java system properties were introduced in this release.

7.6.2 SP4

No new Axway-defined Java system properties were introduced in this release.

7.6.2 SP5

Axway-defined Java system properties introduced in the 7.6.2 SP5 release

System Property Context Description
com.axway.apimanager.api.model.disable.confidential.fields API Manager; Swagger; Export Specifies whether fields containing sensitive information (e.g. passwords) should be serialized. Setting this property to false will result in authenticationProfile.parameters['password'] being present in a serialised export of a Frontend API. Default value: true.
com.axway.json.parser.legacy API Gateway; API Manager; JSON Specifies whether the DeserializationFeature.FAIL_ON_TRAILING_TOKENS feature is configured for parsing JSON. This feature applies more rigour when parsing JSON payloads, thus preventing malformed JSON from being processed by the Gateway, and potentially sent on to backend services. Setting this property to true will relax the validation. Default value: false.

7.7

No new Axway-defined Java system properties were introduced in this release.

7.7 SP1

Axway-defined Java system properties introduced in the 7.7 SP1 release

System Property Context Description
com.axway.apimanager.use404AuthSuccessNoMatch API Manager; HTTP; Runtime Specifies whether a HTTP 404 Not Found error response is sent to the client when an authenticated, but unsuccessful API match occurs. When set to false, this property will return an HTTP 403 No match found for request error. Default value: false.

7.7 SP2

Axway-defined Java system properties introduced in the 7.7 SP2 release

System Property Context Description
com.axway.kps.cache.ignorenull API Gateway; API Manager; Cassandra; KPS Specifies whether items queried from Cassandra that are ’not found’ (that is, null) are stored in the KPS table cache. Not found/null items store an empty map in the cache. When this property is set to true and a null item is encountered, it will force a subsequent read from Cassandra. Default value: false.

7.7 January 2020

No new Axway-defined Java system properties were introduced in this release.

7.7 March 2020

Axway-defined Java system properties introduced in the 7.7 20200330 release

System Property Context Description
com.vordel.apiportal.Organization.RegistrationToken.tokenLength API Manager; User Registration Specifies the length of the organization registration token. Default value: 32.

7.7 May 2020

No new Axway-defined Java system properties were introduced in this release.

7.7 July 2020

Axway-defined Java system properties introduced in the 7.7 20200730 release

System Property Context Description
com.axway.apigw.request.headers.reflect API Gateway; API Manager; If set to false, incoming headers are not reflected (except for headers that are set or modified by policies). Default value: true.

7.7 September 2020

Axway-defined Java system properties introduced in the 7.7 20200930 release

System Property Context Description
api.manager.orgadmin.selfservice.enabled API Manager Sets whether an org admin has self service enabled by default. Default value: false.

7.7 November 2020

Axway-defined Java system properties introduced in the 7.7 20201130 release

System Property Context Description
com.coreapireg.apimethod.querystring.passthrough API Manager If set to true, query parameters are sent unmodified to the backend service. This flag also removes any undefined query parameters from the resulting backend request, unlike the 7.5.3 JVM property api.manager.querystring.passthrough, which passes all parameters to the backend. Default value: false.
api.manager.orgadmin.selfservice.enabled API Manager This flag was originally introduced in the 7.7 20200930 release. If set to true, it now allows Organization Admins to manage the API life cycle of APIs in their orgs.
com.axway.apimanager.configure.apis.nonblocking.enabled API Manager If set to true, API cache load and API catalog load are detached from boot sequence and triggered after it (this applies for both product startup and configuration deployment). API requests to catalog and virtualized APIs are held during the load time, and only performed after the load is finished. Default value: false.

7.7 January 2021

Axway-defined Java system properties introduced in the 7.7 20210130 release

System Property Context Description
com.axway.apigw.sftp.knowninsecure.allow API Gateway If set to true, the embedded SFTP server will allow connection from clients using known insecure cipher suites. Default value: false.

7.7 March 2021

Axway-defined Java system properties introduced in the 7.7 20210330 release

System Property Context Description
com.axway.apimanager.user.tlds API Manager Specifies a list of user defined top level domains to be included in domain valiation when adding a Trusted Certificate to an API Manager front-end API using a url.
com.axway.apimanager.configure.catalog.parallel.enabled API Manager If set to true, enables multi-threaded load of API Catalog. Default value: true.
com.vordel.coreapireg.runtime.broker.parameters.allowEmptyDefault API Manager; Runtime If set to true, empty query parameters are permitted by default unless the Swagger query parameter definition contains allowEmptyValue: false. Default value: false.

7.7 May 2021

Axway-defined Java system properties introduced in the 7.7 20210530 release

System Property Context Description
http.proxyScheme API Manager Specifies the scheme to be used, HTTP or HTTPS, when importing an API from a URL through a HTTP Proxy or HTTPS Proxy Server.
com.axway.apimanager.fault.legacy.soap API Manager; WSDL; SOAP If set to true, it will revert to the legacy error response codes for invalid SOAP 1.1 requests. Default value: false.
com.vordel.oauthAuthorizationRecordsThreshold API Manager Specifies the threshold for the records displayed on OAuth Authorizations page. Default value: -1.

7.7 August 2021

Axway-defined Java system properties introduced in the 7.7 20210830 release

System Property Context Description
jdk.xml.entityExpansionLimit API Gateway Specifies the XML Schema validation limit for the number of entity expansions. Default value: 64000.
jdk.xml.maxOccurLimit API Gateway Specifies the XML Schema validation limit for the number of content model nodes. Default value: 5000.
com.vordel.dwe.file.Service.includeConfDirectory API Gateway Specifies whether or not conf-dir and envSettings.props are included in the output of the API Gateway File API.
com.axway.api.runtime.broker.parameters.skipRequiredValidation API Manager Allows required parameters validation to be skipped during processing of user requests. Defaults to ‘false’.
com.axway.api.runtime.broker.parameters.skipEnumValidation API Manager Allows enum parameters validation to be skipped during processing of user requests. Defaults to ‘false’.
com.axway.apigw.dbconnection.removeabandoned API Gateway Allows removal of abandoned connections if they exceed the abandoned connection timeout. Defaults to ’true’.
com.axway.apigw.dbconnection.removeabandoned.timeoutms API Gateway Sets the abandoned connection timeout in milliseconds. Defaults to ‘300000’.
com.axway.apigw.dbconnection.testonreturn API Gateway Allows validation of connections before they are returned to the pool. Defaults to ’true’.
CASSANDRA_PROTOCOL_VERSION Cassandra Specifies which protocol version to set on the Cassandra driver. Allowable values are 3 and 4. Default value is 4.

7.7 November 2021

Axway-defined Java system properties introduced in the 7.7 20211130 release

System Property Context Description
com.axway.api.runtime.management.allowRateLimit API Manager Allows customers to enable/disable the API Manager request rate limiter. Defaults to ’true’.
com.axway.apigw.sso.auto.approval API Manager SSO Toggles whether SSO users are automatically approved or not. If set to false, a new SSO users must be approved by an API Manager Admin. Default value: ’true’
com.axway.apigw.sso.authorization API Manager SSO Toggles SSO authorizations ON or OFF. If set to false, the authorizations mapped from the SSO Users SAML assertion are ignored, and internally managed authorizations are used instead. Default value: ’true’

7.7 February 2022

Axway-defined Java system properties introduced in the 7.7 20220228 release

System Property Context Description
axway.rmi.socket.connect.timeout API Gateway A timeout to control how long a distributed Ehcache waits for a response for a synchronous update. A timeout value of 0 means no timeout. Defaults to 500 milliseconds.

7.7 May 2022

Axway-defined Java system properties introduced in the 7.7 20220530 release

System Property Context Description
com.vordel.dwe.outputObsFoldedValuesAllowed API Gateway Allow output HTTP headers to contain obs-folded values. Default value: ‘false’
com.vordel.allowApiSecretModification API Manager When set to ’true’ the secret of an OAuth Credential or an API Key can be modified via the REST API. Default value: ‘false’
com.axway.apimanager.securitydevice.httpheaders.propagate API Manager When set to ’true’ the headers generated by the API Manager Inbound Security Invoke Policy Security device are propagated in http.headers for further API Manager processing overriding headers received in the request. Default value: ‘false’
com.axway.apimanager.securitydevice.authz.legacy.enabled API Manager When set to ’true’ allows you to store external client ids, API keys, or OAuth tokens in any of the Security Device token stores in API Manager Applications. Default value: ‘false’

7.7 August 2022

Axway-defined Java system properties introduced in the 7.7 20220830 release

System Property Context Description
com.axway.apigw.cookie.validation.ignore API Gateway Allow HTTP Cookie related filters to not enforce cookie validation as per RFC 6265. Default value: ‘false’

7.7 November 2022

Axway-defined Java system properties introduced in the 7.7 20221130 release

System Property Context Description
com.axway.apimanager.bypass.temporary.password.check API Manager Allow API Manager REST APIs to be invokable using temporary passwords generated via a password reset. When set to ’true’ temporary password checking is bypassed. Default value: ‘false’
com.axway.api.runtime.broker.contentType.formUrlEncoded.preserve API Manager If set to ’true’ the API Manager preserves attributes of the ‘application/x-www-form-urlencoded’ Content-Type header of user request messages to API Manager. Default value: ‘false’
com.axway.apimanager.api.export.cleartext.allowed API Manager If set to ’true’ the API Manager allows Frontend APIs to be exported as clear text. Setting this property to ’true’ may result in authenticationProfile.parameters['password'] being visible in the export file if it is not password protected. Default value: ‘false’
com.vordel.coreapireg.runtime.broker.parameters.allowEmptyDefault API Manager This property was introduced to the product in the March 21 (7.7 20210330) release, and it has been removed from the product in this release. An equivalent setting (Allow empty value) has been added to API Manager settings.
com.axway.api.runtime.broker.parameters.skipRequiredValidation API Manager This property was introduced to the product in the August 21 (7.7 20210830) release, and it has been removed from the product in this release. An equivalent setting (Skip required validation) has been added to API Manager settings.
com.axway.api.runtime.broker.parameters.skipEnumValidation API Manager This property was introduced to the product in the August 21 (7.7 20210830) release, and it has been removed from the product in this release. An equivalent setting (Skip enun validation) has been added to API Manager settings.