**Source URL:** https://general.veevavault.dev/rn/20r3.md
# Vault Developer Release Notes
We are pleased to bring you the following additions and enhancements to Developer Portal features in 20R3.
## Developer Features in 20R3 {#developer-features-in-20r3}
We are pleased to bring you the following additions and enhancements to Developer Portal features in 20R3. REST API features added in 20R3 only affect API v20.3, unless otherwise noted.
## Service Announcements {#Service_Announcement}
### Veeva Vault TLS Cipher Suite Changes {#veeva-vault-tls-cipher-suite-changes}
Beginning with the 20R3 release, we will be modifying the set of TLS cipher suites supported by Vault servers, removing weak ciphers and changing the priority order to utilize stronger ciphers. These changes may affect some custom integrations, but not users accessing Vault with a supported browser.
All customers with affected integrations will be contacted directly by Veeva Services prior to any changes so that they can test their integrations. Testing can be performed on a limited release sandbox beginning with the 20R2.2 release (August 21, 2020).
Learn more about [Veeva Vault cipher suite changes](/docs/tls/cipher).
#### Recommended Update to Integration DNS Caching {#recommended-update-to-integration-dns-caching}
As part of efforts to reduce release window downtime, we recommend all Veeva customers update their DNS caching so that integrations don’t cache the DNS forever. We recommend that you configure the DNS TTL value to no more than 60 seconds. This ensures that when a Vault resource IP address changes, your integration will be able to receive and use the new IP address by re-querying the DNS.
Learn more about [integration DNS caching changes](/docs/dns-caching/).
#### SAML/Spark Certificate Rollover {#20r3-samlspark-certificate-rollover}
Vault is scheduled to roll over the signing certificate used to sign SAML Single Sign-on requests and Spark Messaging connections. There is no expected downtime. The new certificate has been published and can be downloaded from [Vault Help](https://platform.veevavault.help/en/lr/18270). Your IT organization needs to ensure that the new certificate is configured on your Enterprise Identity Provider system prior to the Initial Certificate Rollover event. You also need to ensure that your Spark integrations don’t cache the certificate and are able to pick up the new certificate immediately after the rollover.
Learn more about the [SAML/Spark certificate rollover on Veeva Trust](https://trust.veeva.com/#!/incident/191572).
#### Re-Enable Large Size Asset Inbox Folder Triggers {#20r3-reenable-large-size-asset-inbox-folder-triggers}
In the previous 20R2.2 release, we disabled the automatic processing of files uploaded directly to the Inbox folder on the file staging server and introduced the ability to upload Large Size Asset renditions using the Vault REST API’s **Add Multiple Document Renditions** endpoint. With this 20R3.0 general release, we are re-enabling the automatic processing of files placed in the staging server’s Inbox folder. Note that we strongly recommend using the new process of uploading to the file staging server, either through FTP or the new [File Staging API](#File_Staging_API), and then using the **Add Multiple Document Renditions** endpoint to import large files into Vault. This process is more effective and does not require users to rename files after importing them.
## REST API v20.3 {#rest-api-v203}
We are pleased to bring you the following additions and enhancements to Developer Portal features in 20R3. REST API features added in 20R3 only affect API v20.3, unless otherwise noted.
### Global Updates {#20r3-global-updates}
### Keep Session Alive During Long API Requests {#20r3-keep-session-alive-during-long-api-requests}
This feature enhances the Vault API framework to ensure that as long as an API request is active, the session that made that API call will continue to be valid until the request finishes executing.
### OAuth Profiles: Enable Azure as a Standalone Authorization Server Type {#20r3-oauth-profiles-enable-azure-as-a-standalone-authorization-server-type}
This feature splits the Authorization Server Type configuration or *ADFS / Azure AD* on OAuth / OpenID Connect Profiles into two separate options: (1) *ADFS*, and (2) *Azure AD*. By default, all current configurations which have the *Authorization Server Type* set to *ADFS / Azure AD*, will receive a value of *ADFS* after this release.
The *Authorization Server Type* setting manifests itself in the response to the Authentication Type Discovery API, in the field `oauthProviderType`. The *Azure AD* option will be exposed as *Azure*.
### New Endpoints {#20r3-new-endpoints}
### File Staging API {#File_Staging_API}
With this feature, Vault adds a new REST API which allows you to manage files on the Vault file staging server. Until now, the only way to manage the files on the file staging server was through FTPS protocol. Because this API interfaces with the same file staging area, and has more features than what is exposed through the FTPS, customers may consider using this API instead of the FTPS.
We’ve also renamed the *Application: FTP Staging* permission to *Application: File Staging*.
View these endpoints in the [v20.3 API Reference](/vault-api/api-reference/20.3/file-staging).
### High Volume Object (HVO) {#20r3-high-volume-object-hvo}
This feature adds a new, alternative `data_store` for Vault Objects which is optimized for large or frequent transactions. Compared to the `standard` data store, the new `high_volume` data store delivers very fast write performance, but has a narrower feature set than standard Vault Objects and requires technical knowledge to configure optimally. For this reason, it is recommended to thoroughly read and understand the [documentation on High Volume Objects](https://platform.veevavault.help/en/lr/62987) before using this data store.
Some MDL execute requests against HVO object may require the [new asynchronous endpoint](/vault-api/api-reference/20.3/vault-query-language-vql).
### Managing Sandbox Allowances {#20r3-managing-sandbox-allowances}
This feature enables Vault Admins and developers to manage sandbox allowances across all their sandboxes through a newly introduced API endpoint. The *Retrieve Sandboxes* endpoint now provides information about not only sandboxes created from the logged-in Vault, but also any clone created from another sandbox. A new endpoint to retrieve additional sandbox details by Vault ID is also introduced with this feature.
Learn more about [setting sandbox entitlements](/vault-api/api-reference/20.3/sandbox-vaults/set-sandbox-entitlements) and [retrieving sandbox details by ID](/vault-api/api-reference/20.3/sandbox-vaults/retrieve-sandbox-details-by-id).
### Bulk Active Workflow Actions: Cancel & Reassign Tasks {#20r3-bulk-active-workflow-actions-cancel-reassign-tasks}
This feature allows bulk cancellation and reassignment of workflow tasks by users with appropriate permissions. These new actions work for document, multi-document, and object workflows.
API users can cancel all tasks assigned to a user by providing user IDs for task owners, or cancel all instances of a specific task by providing task IDs.
API users can reassign tasks by providing the user ID of the current task assignee and user ID of the new task assignee. Vault will fetch all the tasks assigned to the current user and reassign them to the new user.
Learn more in the [v20.3 API Reference](/vault-api/api-reference/20.3/bulk-active-workflow-actions).
##Existing Endpoints
### New API Parameter for Adding Large Size Asset Renditions {#20r3-new-api-parameter-for-adding-large-size-asset-renditions}
As of 20R2.2, Vault will no longer automatically process files placed in the FTP Inbox. Users will instead upload files to any folder on the FTP, and then use the Vault REST API to upload renditions to the correct document. This feature also adds the new `largeSizeAsset` query parameter to the [Add Multiple Document Renditions](/vault-api/api-reference/20.2/vault-query-language-vql) endpoint, allowing users to add *Large Size Asset* type renditions with **Document Migration Mode** limitations even if the user does not have *Document Migration* permission.
It should be noted that when *Large Size Asset* renditions are added the MIME type will be guessed according to the file extension, until the file is fully processed. Similarly, the MD5 checksum will be set to *Pending* until the checksum has been asynchronously calculated.
If the CSV contains any rendition type other than *Large Size Asset*, the API call will fail.
Learn more about [Uploading Renditions and Creating Staged Documents in Vault Help](https://platform.veevavault.help/en/lr/38655).
### Support Event Actions in CrossLink Create Draft {#20r3-support-event-actions-in-crosslink-create-draft}
We now support Event Actions on the Create Draft action for CrossLink documents.
### Generate Outbound Package from Vault Compare {#20r3-generate-outbound-package-from-vault-compare}
This feature enhances the Vault Comparison feature to optionally generate Outbound Packages based on the differences found in the comparison report. Each Outbound Package in the generated sequence can contain up to 200 components. The *Summary* and *Description* fields of each Outbound Package include information on the contents of the package as well as Vaults the comparison was based on.
A new optional body parameter, `generate_outbound_packages` has been added to the Vault Compare API and generates Outbound Packages when set to `true`. If omitted, the default value is `false`.
Learn more in the [v20.3 API Reference](/vault-api/api-reference/20.3/configuration-migration/vault-compare).
### Vault Configuration Report API Enhancement {#20r3-vault-configuration-report-api-enhancement}
This feature introduces an optional body parameter, `include_doc_binder_templates`, to the [Vault Configuration Report](/vault-api/api-reference/20.3/configuration-migration/vault-configuration-report) endpoint. When set to `false`, the configuration report excludes document and binder templates. If omitted, the default value is `true`.
### Vault Loader Bulk Remove Users from Document Roles {#20r3-vault-loader-bulk-remove-users-from-document-roles}
This feature adds support for bulk removal of users from document roles to the Vault Loader Command Line Tool (CLI) as well as the Multi-File Load REST API.
### Support Archived Documents in Document Export {#20r3-support-archived-documents-in-document-export}
As of API v20.3, API users with the *View Archive* permission can now export archived documents with the existing export document APIs:
### Audit Action Security {#20r3-audit-action-security}
When admins use Vault’s full audit export API, they now only need access to the relevant audit logs in order to download CSVs. Prior to this release, admins needed access to all admin logs in order to download the CSVs.
The full audit export API is the following endpoint:
When used with the `all_dates` parameter.
### Application-Specific Endpoints {#20r3-applicationspecific-endpoints}
### Match Documents to EDL Item API {#20r3-match-documents-to-edl-item-api}
This feature allows API users to match specific document versions to, and remove manually matched documents from, EDL items via the Vault REST API. You must have a security profile that grants *Application: EDL Matching: Edit Document Matches* permission, and EDL Matched Document APIs must be enabled in your Vault.
View these endpoints in the [v20.3 API reference](/vault-api/api-reference/20.3/expected-document-lists/add-edl-matched-documentss).
### Site Connect: Safety Distribution {#20r3-site-connect-safety-distribution}
This new Site Connect API allows Sponsors and CROs to send Safety reports and letters to Sites using Veeva SiteVault.
View this endpoint in the [v20.3 API reference](/vault-api/api-reference/20.3/vault-query-language-vql).
### Standard Metrics Job to Update Global Content Type from ‘Not Specified’ to Mapped Value {#20r3-standard-metrics-job-to-update-global-content-type-from-not-specified-to-mapped-value}
This feature allows Vault Owners to run a new asynchronous job called Standard Metrics GCT Mapping Document Update with a new public API. This job will run automatically with the 20R2.3 release and updates any documents whose *Global Content Type* is *Not Specified* to a mapped Global Content Type value. If no mapped Global Content Type value is configured or inherited from the parent document type, Vault does not update the document. This job does not update archived documents.
Learn more in the [v20.3 API Reference](/vault-api/api-reference/20.3/vault-query-language-vql).
## VQL & MDL {#vql--mdl}
### New VQL Clauses: MAXROWS, SKIP, PAGESIZE, PAGEOFFSET {#20r3-new-vql-clauses-maxrows-skip-pagesize-pageoffset}
In VQL v20.3+, we’ve introduced four new operators:
* The `MAXROWS` clause instructs VQL to fetch the maximum of N rows, applied after any filters.
* The `SKIP` clause instructs VQL to skip first N results. Results start from the N+1’th row.
* The `PAGESIZE` clause is a synonym for `LIMIT`, which defines the number of results returned per page. If both `LIMIT` and `PAGESIZE` are used in a query, `PAGESIZE` will overwrite `LIMIT`.
* The `PAGEOFFSET` clause is a synonym for `OFFSET`, which displays the “next” and “previous” pages of results. If both `OFFSET` and `PAGEOFFSET` are used in a query, `PAGEOFFSET` will overwrite `OFFSET`.
Learn more about these new clauses in the [VQL reference](/vql/references/language-specifications/result-handling#Sorting_Ordering_Results).
### Pagination for Relationships and matched_documents Query Targets {#20r3-pagination-for-relationships-and-matched_documents-query-targets}
This feature enhances pagination in VQL when querying `relationships` and `matched_documents` query targets. The response will include the standard pagination mechanism using the `next_page` and `previous_page` URLs when the result set is larger than what can fit on a single response page.
Learn more about [paginating results in VQL](/vql/references/query-performance-best-practices#Paginating_Results).
### VQL Enhancement to Allow Selecting Both Names & Labels on Certain Document Fields {#20r3-vql-enhancement-to-allow-selecting-both-names-labels-on-certain-document-fields}
This feature introduces the `toName()` function, which allows `SELECT` and `WHERE` clauses to use names instead of labels in queries on certain document fields. Additionally, users can now use the `AS` clause to define an optional alias when using a function on a field in the `SELECT` clause of a document query. For example:
`SELECT id, lifecycle__v, toName(lifecycle__v) AS lifecyclealias`
Learn more about [Querying Document Fields by Name](/vql/functions-options/toname).
### Number Precision for Vault Object Field Queries {#20r3-number-precision-for-vault-object-field-queries}
This feature enhances the decimal precision of field values for number fields. As of VQL v20.3+, object read precision is based on the number field's scale. For example, if you save an object record number field with a value of 3.0, but the metadata of the number field is configured with scale of 2, you will see a field value of 3.00 in VQL query results.
### Describe No Longer Returns Deleted Document Fields {#20r3-sdescribe-no-longer-returns-deleted-document-fieldss}
*Release Date: 20R2.4; October 16, 2020*
Vault no longer returns deleted document fields in VQL queries, or when retrieving document field metadata or component records through MDL.This feature was added in 20R2.4 and reverted in 20R3.0.
## Vault Java SDK {#vault-java-sdk}
### PicklistService: Retrieve Labels in User’s Language {#20r3-picklistservice-retrieve-labels-in-users-language}
Previously, `PicklistService` could only retrieve labels in the Vault's base language. In this release, we’ve added new methods to the Vault Java SDK which allows retrieval of picklist labels in the user’s language. This enhancement allows your integrations to deliver a more localized experience to your users.
### Integration Query Object Rules {#20r3-integration-query-object-rules}
The Spark framework requires that integrations are processed through a Vault Java SDK Spark message processor. To support all aspects of the filtering capabilities of query object rules, we’ve added a few [new interfaces to the Vault Java SDK](https://repo.veevavault.com/javadoc/vault-sdk-api/20.2.4/docs/api/com/veeva/vault/sdk/api/integration/package-summary.html) to get and resolve query object rules, as well as replace tokens.
The *Filter Clause* used to define your query object rules are written with [Criteria VQL](https://platform.veevavault.help/en/gr/1037069).
### Spark Field Rules: Additional Data Type Support for Field Defaults {#20r3-spark-field-rules-additional-data-type-support-for-field-defaults}
Spark Field Rules for mapping fields now supports Number, Boolean, Date, Datetime, and Picklist (single and multiple) in the field defaults, supplementing the existing string and array data types. If the format is correctly entered, a field default can be persisted to a target object field of these data types.
### SDK Job Administration {#20r3-sdk-job-administration}
This feature enables Vault Admins to manage SDK Jobs through the new SDK Job Metadata UI (**Admin** > **Operations** > **SDK Job Metadata**), in addition to management via MDL commands. Learn more about [administering SDK job metadata in Vault Help](https://platform.veevavault.help/en/lr/64660).