Explore Release Notes

Release Version 4.38.0 (June 22, 2025)

22. 06. 2025

Pre-deployment steps

To be done before deployment

Check configuration changes and apply them in the application.yaml if the default configuration has been overridden, there

Check if the release contains migrations. Migrations can affect deployment and downtime.

Use GET /i18n/export/{fileName} to download files with the current i18n properties. Check if the downloaded file is correct.

Post-deployment steps

To be done after deployment

Verify permission changes and assign or remove required permissions if they have been overridden

Add new properties from the I18n properties changes to the downloaded i18n properties file, and add translations for them if needed.

Use POST /i18n/import to upload and apply a previously downloaded i18n file with added new properties.

Release migrations

Changes to notice

Changes to notice

PATCH /authentication/users/{userId}/totp was replaced with POST /totp

New functionality

We have started implementing the new Merchant Portal aimed at improving the merchant experience. For more information, feel free to reach us.

Improvements

Feature

Description

If OTP confirmation is required for the account closure, it is specified in the API response

"confirmationRequired": true/false is returned in the API response

/api/v1/actuator/ is removed from the authentication flow to improve performance

Ability to filter the list of contracts on UI based on whether they are default or not, and show default status in the Contracts list

New filter and field “Is default” added to the CRO → Contracts

According to ISO 3166
added new CountryCodes

AQ("Antarctica", "Antarctica", "Antarctic", "ATA", 10),
BV("Bouvet Island", "Bouvet Island", "Bouvet Islander", "BVT", 74),
HM("Heard Island and McDonald Islands", "Heard Island and McDonald Islands", "Heard and McDonald Islander", "HMD", 334),
PS("Palestine", "State of Palestine", "Palestinian", "PSE", 275),
TF("French Southern Territories", "French Southern Territories", "French Southern Territories", "ATF", 260),

Fixes

API changes

Updated

For endpoints:

POST /v1/merchant-payments/{identifier}/execute

POST /v1/merchant-payments/{identifier}/calculate

for request object paymentInstrument parameter instrumentType added new value: PAYMENT_CARD

also in request object paymentInstrument parameter value is required for the new type, and should contain Provider identifier

request example:

{
"paymentInstrument": {
"instrumentType": "PAYMENT_CARD",
"value": "Cybersource"
}
}

Also in responses on create, update and view added new field txId

response example:

{
"payment": {
"identifier": "693324990950",
"qrCodeMediaFileId": "0197552b-0926-7e96-a172-1e6c629c669e",
"qrCodeMediaFileLink": "http://localhost/api/v1/media-files/resources/b6300e6c-0e79-4bf3-b651-5b63f112e886.png",
"paymentLink": "http://localhost/front-office/merchant-payment/693324990950",
"pos": {
"id": "019753dc-49b9-73fb-b814-8c8d530a4363"
},
"parameters": {
"apiType": "v3",
"invoiceAmount": 10.0000,
"orderDescription": "description",
"paymentInstrument": "PAYMENT_CARD"
},
"date": "2025-06-09T14:49:32.789Z",
"createdByUser": {
"id": "01974f88-d350-72b5-8396-b730033f8690",
"name": "Merchant Default",
"profileOrganizationId": "01974f88-cfbc-7a50-b7cb-c1da1f7a75dc"
},
"status": "pending",
"currency": {
"id": "01974f88-bbc6-7460-87ac-a27e60851d62",
"sn": "EUR",
"code": "EUR",
"symbol": "€",
"type": "FIAT"
},
"urls": {},
"txId": "0197552b-3640-792e-8f96-d048936d12e1"
}
}

PUT /v1/close/coin/{serial}

The response was changed to:

{
"confirmationRequired": true
}

confirmationRequired = true if confirmation required, otherwise – false

PATCH /authentication/users/{userId}/totp was replaced with POST /totp

totpSecretparameter was removed from the request body for API:

PATCH /profiles/{userId}/security-settings

userId parameter was removed from the request body for API

POST /authorization/totp

Added

POST /merchant-payments/{identifier}/access-token

Deprecated/Deleted

I18n properties changes

Configuration changes

The following parameters were added to application.yaml file:

token:
access:
...
login-changer-ttl: 60 # in minutes
payment-executor-ttl: 30 # in minutes
...

Database changes

Permission changes

The new technical role payment_executor was created, and the new permission PAYMENT_EXECUTOR was assigned to this role. PAYMENT_EXECUTOR permission allows calling the following API operations:

  • POST /merchant-payments/{identifier}/execute

  • POST /gate/transactions/{tx}/submit